initial version of SQIsign

Co-authored-by: Jorge Chavez-Saab <jorgechavezsaab@gmail.com>
Co-authored-by: Maria Corte-Real Santos <36373796+mariascrs@users.noreply.github.com>
Co-authored-by: Luca De Feo <github@defeo.lu>
Co-authored-by: Jonathan Komada Eriksen <jonathan.eriksen97@gmail.com>
Co-authored-by: Basil Hess <bhe@zurich.ibm.com>
Co-authored-by: Antonin Leroux <18654258+tonioecto@users.noreply.github.com>
Co-authored-by: Patrick Longa <plonga@microsoft.com>
Co-authored-by: Lorenz Panny <lorenz@yx7.cc>
Co-authored-by: Francisco Rodríguez-Henríquez <francisco.rodriguez@tii.ae>
Co-authored-by: Sina Schaeffler <108983332+syndrakon@users.noreply.github.com>
Co-authored-by: Benjamin Wesolowski <19474926+Calodeon@users.noreply.github.com>
This commit is contained in:
SQIsign team
2023-06-01 00:00:00 +00:00
committed by Lorenz Panny
commit 28ff420dd0
285 changed files with 70301 additions and 0 deletions


@@ -0,0 +1,17 @@
set(SOURCE_FILES_EC_${SVARIANT_UPPER}_REF
${ECX_DIR}/poly-mul.c
${ECX_DIR}/poly-redc.c
${ECX_DIR}/ec.c
${ECX_DIR}/tedwards.c
${ECX_DIR}/kps.c
${ECX_DIR}/xisog.c
${ECX_DIR}/xeval.c
${ECX_DIR}/isog_chains.c
${ECX_DIR}/basis.c
)
add_library(${LIB_EC_${SVARIANT_UPPER}} ${SOURCE_FILES_EC_${SVARIANT_UPPER}_REF})
target_include_directories(${LIB_EC_${SVARIANT_UPPER}} PRIVATE ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${INC_PUBLIC} ${INC_GF_${SVARIANT_UPPER}} ${INC_COMMON} ${INC_EC})
target_compile_options(${LIB_EC_${SVARIANT_UPPER}} PRIVATE ${C_OPT_FLAGS})
add_subdirectory(test)
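Review bot: The include directories on the library target are all `PRIVATE` (L36), so nothing propagates to consumers and every test executable in test/ re-lists `${INC_EC}`, `${INC_COMMON}` and the precomp/gf directories by hand; the library's own public header directory should be `PUBLIC` so `target_link_libraries` carries it, e.g. `target_include_directories(${LIB_EC_${SVARIANT_UPPER}} PUBLIC ${INC_EC} PRIVATE ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${INC_PUBLIC} ${INC_GF_${SVARIANT_UPPER}} ${INC_COMMON})`. `add_subdirectory(test)` is unconditional, so any consumer of the library also configures and builds the test executables; wrapping it in `if(BUILD_TESTING)` (or a project option) keeps the test tree opt-in. The `SOURCE_FILES_EC_*_REF` list is used exactly once and could be passed to `add_library` directly, which keeps the source list next to the target it belongs to.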


@@ -0,0 +1,36 @@
add_executable(fp2.test_${SVARIANT_LOWER} ${ECX_DIR}/test/fp2-test.c)
target_include_directories(fp2.test_${SVARIANT_LOWER} PUBLIC ${INC_GF_${SVARIANT_UPPER}} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_GF_${SVARIANT_UPPER}} ${INC_EC} ${INC_COMMON})
target_link_libraries(fp2.test_${SVARIANT_LOWER} ${LIB_GF_${SVARIANT_UPPER}})
add_executable(poly-mul.test_${SVARIANT_LOWER} ${ECX_DIR}/test/poly-mul-test.c)
target_include_directories(poly-mul.test_${SVARIANT_LOWER} PUBLIC ${INC_GF_${SVARIANT_UPPER}} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_EC} ${INC_COMMON})
target_link_libraries(poly-mul.test_${SVARIANT_LOWER} ${LIB_GF_${SVARIANT_UPPER}} ${LIB_EC_${SVARIANT_UPPER}})
add_executable(poly-redc.test_${SVARIANT_LOWER} ${ECX_DIR}/test/poly-redc-test.c)
target_include_directories(poly-redc.test_${SVARIANT_LOWER} PUBLIC ${INC_GF_${SVARIANT_UPPER}} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_EC} ${INC_COMMON})
target_link_libraries(poly-redc.test_${SVARIANT_LOWER} ${LIB_GF_${SVARIANT_UPPER}} ${LIB_EC_${SVARIANT_UPPER}})
add_executable(mont.test_${SVARIANT_LOWER} ${ECX_DIR}/test/mont-test.c)
target_include_directories(mont.test_${SVARIANT_LOWER} PUBLIC ${INC_GF_${SVARIANT_UPPER}} ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_EC} ${INC_COMMON} .)
target_link_libraries(mont.test_${SVARIANT_LOWER} ${LIB_PRECOMP_${SVARIANT_UPPER}} ${LIB_INTBIG} ${LIB_GF_${SVARIANT_UPPER}} ${LIB_EC_${SVARIANT_UPPER}})
add_executable(ec.test_${SVARIANT_LOWER} ${ECX_DIR}/test/ec-test.c ${ECX_DIR}/test/test_extras.c)
target_include_directories(ec.test_${SVARIANT_LOWER} PUBLIC ${ECX_DIR}/test ${INC_GF_${SVARIANT_UPPER}} ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_EC} ${INC_COMMON} .)
target_link_libraries(ec.test_${SVARIANT_LOWER} ${LIB_PRECOMP_${SVARIANT_UPPER}} ${LIB_INTBIG} ${LIB_GF_${SVARIANT_UPPER}} ${LIB_EC_${SVARIANT_UPPER}})
add_executable(velu.test_${SVARIANT_LOWER} ${ECX_DIR}/test/velu-test.c)
target_include_directories(velu.test_${SVARIANT_LOWER} PUBLIC ${INC_GF_${SVARIANT_UPPER}} ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_EC} ${INC_COMMON} .)
target_link_libraries(velu.test_${SVARIANT_LOWER} ${LIB_PRECOMP_${SVARIANT_UPPER}} ${LIB_INTBIG} ${LIB_GF_${SVARIANT_UPPER}} ${LIB_EC_${SVARIANT_UPPER}})
add_executable(isog.test_${SVARIANT_LOWER} ${ECX_DIR}/test/isog-test.c)
target_include_directories(isog.test_${SVARIANT_LOWER} PUBLIC ${INC_GF_${SVARIANT_UPPER}} ${INC_INTBIG} ${INC_PRECOMP_${SVARIANT_UPPER}} ${PROJECT_SOURCE_DIR}/include ../include ${INC_EC} ${INC_COMMON} .)
target_link_libraries(isog.test_${SVARIANT_LOWER} ${LIB_PRECOMP_${SVARIANT_UPPER}} ${LIB_INTBIG} ${LIB_GF_${SVARIANT_UPPER}} ${LIB_EC_${SVARIANT_UPPER}})
add_test(ec_fp2.test_${SVARIANT_LOWER} fp2.test_${SVARIANT_LOWER} ${SQISIGN_TEST_REPS})
add_test(ec_poly-mul.test_${SVARIANT_LOWER} poly-mul.test_${SVARIANT_LOWER} ${SQISIGN_TEST_REPS})
add_test(ec_poly-redc.test_${SVARIANT_LOWER} poly-redc.test_${SVARIANT_LOWER} ${SQISIGN_TEST_REPS})
add_test(ec_mont.test_${SVARIANT_LOWER} mont.test_${SVARIANT_LOWER} ${SQISIGN_TEST_REPS})
add_test(ec_ec.test_${SVARIANT_LOWER} ec.test_${SVARIANT_LOWER} test ${SQISIGN_TEST_REPS})
add_test(ec_velu.test_${SVARIANT_LOWER} velu.test_${SVARIANT_LOWER} ${SQISIGN_TEST_REPS})
add_test(ec_isog.test_${SVARIANT_LOWER} isog.test_${SVARIANT_LOWER} ${SQISIGN_TEST_REPS})
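Review bot: Every `target_link_libraries` call here (L45, L48, L51, L54, L57, L60, L63) uses the keyword-less legacy signature, while the library's own CMakeLists uses `PRIVATE`; mixing the two forms on a target is an error in CMake and the plain form has different propagation semantics, so each should read e.g. `target_link_libraries(fp2.test_${SVARIANT_LOWER} PRIVATE ${LIB_GF_${SVARIANT_UPPER}})`. L44 lists `${INC_GF_${SVARIANT_UPPER}}` twice, and the bare `../include` next to `${PROJECT_SOURCE_DIR}/include` is a relative path whose meaning depends on where this file is added from; `${CMAKE_CURRENT_SOURCE_DIR}/../include` or the existing `${INC_*}` variable would make it explicit. The include lists themselves are seven near-identical copies; a small function taking the test name and source, or an INTERFACE target carrying the shared directories, would remove the duplication. The `add_test` calls use the old positional form; the `add_test(NAME … COMMAND …)` form is the documented one, and the extra `test` argument on L68 (presumably a mode selector for ec-test.c) deserves a comment since no other test passes one.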


@@ -0,0 +1,400 @@
#ifndef EC_TESTS_H
#define EC_TESTS_H
#include "test_extras.h"
#include <stdio.h>
#include <string.h>
#include <bench.h> //////// NOTE: enable later
#include "test-basis.h"
#include "ec_params.h"
// Global constants
extern const digit_t p[NWORDS_FIELD];
// Benchmark and test parameters
static int BENCH_LOOPS = 1000; // Number of iterations per bench
static int TEST_LOOPS = 512; // Number of iterations per test
bool ec_test()
{ // Tests for ecc arithmetic
bool OK = true;
int passed;
ec_point_t P = {0}, Q = {0}, R = {0}, S = {0}, SS = {0}, PQ = {0};
ec_point_t AC = {0};
digit_t k[NWORDS_ORDER] = {0}, l[NWORDS_ORDER] = {0};
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Testing ecc functions: (NOT IMPLEMENTED) \n\n");
/*
// Point doubling
passed = 1;
P.x.re[0] = 0xDFD70ED0861BD329; P.x.re[1] = 0x20ACD3758C7F5540; P.x.re[2] = 0x3DCCDC007277F80A; P.x.re[3] = 0x18D6D2A22981DCE1;
P.x.im[0] = 0x3C23730A3F08F38C; P.x.im[1] = 0x98BB973AFD3D954D; P.x.im[2] = 0x8D98ADFC2829AE8A; P.x.im[3] = 0x21A2464D6369AFBA;
P.z.re[0] = 0x01;
AC.z.re[0] = 0x01;
fp2_tomont(&AC.z, &AC.z);
fp2_tomont(&R.x, &P.x);
fp2_tomont(&R.z, &P.z);
xDBL(&S, &R, &AC);
fp2_copy(&SS.x, &S.x); // Copy of S = SS <- 2P
fp2_copy(&SS.z, &S.z);
fp2_inv(&S.z);
fp2_mul(&S.x, &S.x, &S.z);
fp2_frommont(&S.x, &S.x);
R.x.re[0] = 0x5950EE0A4AF90FC8; R.x.re[1] = 0x16488065A0A98B08; R.x.re[2] = 0xCE65322229DA0FD1; R.x.re[3] = 0x270A35FF781EE204;
R.x.im[0] = 0x564447FD9EC57F6B; R.x.im[1] = 0x2EE24E984294F729; R.x.im[2] = 0x53A6C7360E972C71; R.x.im[3] = 0x4FCF4B9928A7C7E;
if (compare_words((digit_t*)&R.x, (digit_t*)&S.x, NWORDS_FIELD*2)!=0) { passed=0; goto out0; }
Q.x.re[0] = 0xC46076A670C70053; Q.x.re[1] = 0x97517AFA3AB9ED13; Q.x.re[2] = 0x349644C942EDF993; Q.x.re[3] = 0xBB4A4DB6F29AF9E;
Q.x.im[0] = 0x8B47629FB5A15BB0; Q.x.im[1] = 0x4EC6E809953C1A10; Q.x.im[2] = 0x1F83F0EC6CBB84D6; Q.x.im[3] = 0x1D8417C1D33265D3;
Q.z.re[0] = 0x01;
PQ.x.re[0] = 0x853F66D11BE5534F; PQ.x.re[1] = 0x27C8FD4E52D03D4A; PQ.x.re[2] = 0xF88EA78D0A0C29D2; PQ.x.re[3] = 0x2F6DFB07D397A067;
PQ.x.im[0] = 0xE8DBC4AA34434BA1; PQ.x.im[1] = 0x7A73AE182636F8A0; PQ.x.im[2] = 0x419EC260137868EB; PQ.x.im[3] = 0x129B3E301703D43F;
PQ.z.re[0] = 0x01;
fp2_tomont(&S.x, &Q.x);
fp2_tomont(&S.z, &Q.z);
fp2_tomont(&PQ.x, &PQ.x);
fp2_tomont(&PQ.z, &PQ.z);
xADD(&S, &SS, &S, &PQ);
fp2_inv(&S.z);
fp2_mul(&S.x, &S.x, &S.z);
fp2_frommont(&S.x, &S.x);
R.x.re[0] = 0xED0BEB8F93AB4FF9; R.x.re[1] = 0x27CF508B80CD49BF; R.x.re[2] = 0x38A6134DFA04B2BA; R.x.re[3] = 0x27B4CB15E109EF1F;
R.x.im[0] = 0x6F731BA6FD227BDE; R.x.im[1] = 0x14C12335341167F8; R.x.im[2] = 0xECA7B60F7866E27A; R.x.im[3] = 0x2A7A79A152880457;
if (compare_words((digit_t*)&R.x, (digit_t*)&S.x, NWORDS_FIELD*2) != 0) { passed = 0; goto out0; }
fp2_tomont(&R.x, &P.x);
fp2_tomont(&R.z, &P.z);
k[0] = 126;
xMUL(&S, &R, k, (ec_curve_t*)&AC);
fp2_inv(&S.z);
fp2_mul(&S.x, &S.x, &S.z);
fp2_frommont(&S.x, &S.x);
R.x.re[0] = 0xDE80F87A1203A147; R.x.re[1] = 0xD59E1215928A3B2D; R.x.re[2] = 0xD5A67F83A5A8CE46; R.x.re[3] = 0xA11E162488C9CDF;
R.x.im[0] = 0x9417D0D79A26741B; R.x.im[1] = 0x8B1F47D6F0FE5EEC; R.x.im[2] = 0xE52188DCB054CE36; R.x.im[3] = 0x1A8075A6C3148AB3;
if (compare_words((digit_t*)&R.x, (digit_t*)&S.x, NWORDS_FIELD*2) != 0) { passed = 0; goto out0; }
fp2_tomont(&R.x, &P.x);
fp2_tomont(&R.z, &P.z);
k[0] = 0xE77AD6B6C6B2D8CD;
k[1] = 0xDE43A0B600F38D12;
k[2] = 0xA35F4A7897E17CE2;
k[3] = 0x10ACB62E614D1237;
xMUL(&S, &R, k, (ec_curve_t*)&AC);
fp2_inv(&S.z);
fp2_mul(&S.x, &S.x, &S.z);
fp2_frommont(&S.x, &S.x);
R.x.re[0] = 0xD3938B0A68A3E7C0; R.x.re[1] = 0xE0667113208A0595; R.x.re[2] = 0x258F314C84E9CB60; R.x.re[3] = 0x14984BA7CA59AB71;
R.x.im[0] = 0xFE728423EE3BFEF4; R.x.im[1] = 0xBF68C42FE21AE0E4; R.x.im[2] = 0xA8FAF9C9528609CA; R.x.im[3] = 0x1225EC77A1DC0285;
if (compare_words((digit_t*)&R.x, (digit_t*)&S.x, NWORDS_FIELD*2) != 0) { passed = 0; goto out0; }
fp2_tomont(&R.x, &Q.x);
fp2_tomont(&R.z, &Q.z);
k[0] = 0xE77AD6B6C6B2D8CD;
k[1] = 0xDE43A0B600F38D12;
k[2] = 0xA35F4A7897E17CE2;
k[3] = 0x10ACB62E614D1237;
l[0] = 0x34AB78B6C6B2D8C0;
l[1] = 0xDE6B2D8CD00F38D1;
l[2] = 0xA35F4A7897E17CE2;
l[3] = 0x20ACF4A789614D13;
fp2_inv(&SS.z);
fp2_mul(&SS.x, &SS.x, &SS.z);
fp2_copy(&SS.z, &R.z);
xDBLMUL(&S, &R, k, &SS, l, &PQ, (ec_curve_t*)&AC);
fp2_inv(&S.z);
fp2_mul(&S.x, &S.x, &S.z);
fp2_frommont(&S.x, &S.x);
R.x.re[0] = 0x554E1ADC609B992F; R.x.re[1] = 0xE407D961F8CC4C42; R.x.re[2] = 0x1CF626AFED5A68CE; R.x.re[3] = 0x6D02692EE110483;
R.x.im[0] = 0x16FB094E831C8997; R.x.im[1] = 0xFDE4ECF31DC5F702; R.x.im[2] = 0x89303D868DFAD7B4; R.x.im[3] = 0xC91ACE81346F22D;
if (compare_words((digit_t*)&R.x, (digit_t*)&S.x, NWORDS_FIELD*2) != 0) { passed = 0; goto out0; }
out0:
if (passed==1) printf(" ECC arithmetic tests ............................................ PASSED");
else { printf(" ECC arithmetic tests... FAILED"); printf("\n"); return false; }
printf("\n");
*/
return OK;
}
bool dlog_test()
{ // Tests for dlog
bool OK = true;
int passed;
ec_point_t P = {0}, Q = {0}, R = {0}, S = {0}, SS = {0}, PQ = {0};
ec_curve_t AC = {0};
ec_basis_t PQ2;
digit_t scalarP[NWORDS_ORDER], scalarQ[NWORDS_ORDER], k[NWORDS_ORDER] = {0}, l[NWORDS_ORDER] = {0};
digit_t kt[NWORDS_ORDER], lt[NWORDS_ORDER], f1[NWORDS_ORDER] = {0}, f2[NWORDS_ORDER] = {0}, zero[NWORDS_ORDER] = {0}, tpFdiv2[NWORDS_ORDER] = {0}, tpF[NWORDS_ORDER] = {0};
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Testing dlog functions: \n\n");
// dlog2 testing
passed = 1;
fp2_tomont(&P.x, &xP2);
fp_mont_setone(P.z.re);
fp_set(P.z.im, 0);
fp2_tomont(&Q.x, &xQ2);
fp_mont_setone(Q.z.re);
fp_set(Q.z.im, 0);
fp2_tomont(&PQ.x, &xPQ2);
fp_mont_setone(PQ.z.re);
fp_set(PQ.z.im, 0);
AC.C.re[0] = 0x01;
fp_copy(f1, TWOpFm1);
fp_copy(f2, TWOpF);
fp2_tomont(&AC.C, &AC.C);
copy_point(&PQ2.P, &P);
copy_point(&PQ2.Q, &Q);
copy_point(&PQ2.PmQ, &PQ);
k[0] = 0xFFFFFFFFFFFFFFFF;
k[1] = 0x00000000000007FF;
l[0] = 0xFFFFFFFFFFFFFFFE;
l[1] = 0x00000000000007FF;
for (int n = 0; n < TEST_LOOPS; n++)
{
k[0] -= 1;
l[0] -= 2;
xDBLMUL(&R, &P, k, &Q, l, &PQ, &AC);
ec_dlog_2(scalarP, scalarQ, &PQ2, &R, &AC);
memcpy(kt, k, NWORDS_ORDER*RADIX/8);
memcpy(lt, l, NWORDS_ORDER*RADIX/8);
if (compare_words(k, f1, NWORDS_ORDER) == 1 ||
(compare_words(l, f1, NWORDS_ORDER) == 1 && (compare_words(k, zero, NWORDS_ORDER) == 0 || compare_words(k, f1, NWORDS_ORDER) == 0))) {
if (compare_words(k, zero, NWORDS_ORDER) != 0) {
sub_test(kt, f2, kt, NWORDS_ORDER);
}
if (compare_words(l, zero, NWORDS_ORDER) != 0) {
sub_test(lt, f2, lt, NWORDS_ORDER);
}
}
if (compare_words((digit_t*)scalarP, (digit_t*)kt, NWORDS_ORDER) != 0 || compare_words((digit_t*)scalarQ, (digit_t*)lt, NWORDS_ORDER) != 0) { passed = 0; break; }
}
if (passed == 1) printf(" dlog2 tests ..................................................... PASSED");
else { printf(" dlog2 tests... FAILED"); printf("\n"); return false; }
printf("\n");
// dlog3 testing
passed = 1;
fp2_tomont(&P.x, &xP3);
fp_mont_setone(P.z.re);
fp_set(P.z.im, 0);
fp2_tomont(&Q.x, &xQ3);
fp_mont_setone(Q.z.re);
fp_set(Q.z.im, 0);
fp2_tomont(&PQ.x, &xPQ3);
fp_mont_setone(PQ.z.re);
fp_set(PQ.z.im, 0);
AC.C.re[0] = 0x01;
fp_copy(tpFdiv2, THREEpFdiv2);
fp_copy(tpF, THREEpF);
fp2_tomont(&AC.C, &AC.C);
copy_point(&PQ2.P, &P);
copy_point(&PQ2.Q, &Q);
copy_point(&PQ2.PmQ, &PQ);
k[1] = 0;
l[1] = 0;
k[0] = 0x02153E468B91C6D1;
l[0] = 0x02153E468B91C6D0;
for (int n = 0; n < TEST_LOOPS; n++)
{
k[0] -= 1;
l[0] -= 2;
xDBLMUL(&R, &P, k, &Q, l, &PQ, &AC);
ec_dlog_3(scalarP, scalarQ, &PQ2, &R, &AC);
memcpy(kt, k, NWORDS_ORDER*RADIX/8);
memcpy(lt, l, NWORDS_ORDER*RADIX/8);
if (compare_words(k, tpFdiv2, NWORDS_ORDER) == 1 ||
(compare_words(l, tpFdiv2, NWORDS_ORDER) == 1 && compare_words(k, zero, NWORDS_ORDER) == 0)) {
if (compare_words(k, zero, NWORDS_ORDER) != 0) {
sub_test(kt, tpF, kt, NWORDS_ORDER);
}
if (compare_words(l, zero, NWORDS_ORDER) != 0) {
sub_test(lt, tpF, lt, NWORDS_ORDER);
}
}
if (compare_words((digit_t*)scalarP, (digit_t*)kt, NWORDS_ORDER) != 0 || compare_words((digit_t*)scalarQ, (digit_t*)lt, NWORDS_ORDER) != 0) { passed = 0; break; }
}
if (passed == 1) printf(" dlog3 tests ..................................................... PASSED");
else { printf(" dlog3 tests... FAILED"); printf("\n"); return false; }
printf("\n");
return OK;
}
bool ec_run()
{
bool OK = true;
int n;
unsigned long long cycles, cycles1, cycles2;
ec_point_t P, Q, R, PQ, AC;
digit_t k[NWORDS_ORDER], l[NWORDS_ORDER];
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Benchmarking ecc arithmetic: \n\n");
// Point doubling
cycles = 0;
for (n=0; n<BENCH_LOOPS; n++)
{
cycles1 = cpucycles();
xDBL(&Q, &P, &AC);
cycles2 = cpucycles();
cycles = cycles+(cycles2-cycles1);
}
printf(" Montgomery x-only doubling runs in .............................. %7lld cycles", cycles/BENCH_LOOPS);
printf("\n");
// Point addition
cycles = 0;
for (n = 0; n < BENCH_LOOPS; n++)
{
cycles1 = cpucycles();
xADD(&R, &Q, &P, &PQ);
cycles2 = cpucycles();
cycles = cycles + (cycles2 - cycles1);
}
printf(" Montgomery x-only addition runs in .............................. %7lld cycles", cycles/BENCH_LOOPS);
printf("\n");
// Point multiplication
cycles = 0;
for (n = 0; n < BENCH_LOOPS; n++)
{
cycles1 = cpucycles();
xMUL(&Q, &P, k, (ec_curve_t*)&AC);
cycles2 = cpucycles();
cycles = cycles + (cycles2 - cycles1);
}
printf(" Montgomery x-only scalar multiplication runs in ................. %7lld cycles", cycles/BENCH_LOOPS);
printf("\n");
// Point multiplication
cycles = 0;
for (n = 0; n < BENCH_LOOPS; n++)
{
cycles1 = cpucycles();
xDBLMUL(&R, &P, k, &Q, l, &PQ, (ec_curve_t*)&AC);
cycles2 = cpucycles();
cycles = cycles + (cycles2 - cycles1);
}
printf(" Montgomery x-only double-scalar multiplication runs in .......... %7lld cycles", cycles/BENCH_LOOPS);
printf("\n");
return OK;
}
bool dlog_run()
{
bool OK = true;
int n;
unsigned long long cycles, cycles1, cycles2;
ec_point_t P = {0}, Q = {0}, R = {0}, S = {0}, SS = {0}, PQ = {0};
ec_curve_t AC = {0};
ec_basis_t PQ2;
digit_t scalarP[NWORDS_ORDER], scalarQ[NWORDS_ORDER], k[NWORDS_ORDER] = {0}, l[NWORDS_ORDER] = {0};
printf("\n--------------------------------------------------------------------------------------------------------\n\n");
printf("Benchmarking dlog2: \n\n");
// dlog2 computation
fp2_tomont(&P.x, &xP2);
fp_mont_setone(P.z.re);
fp_set(P.z.im, 0);
fp2_tomont(&Q.x, &xQ2);
fp_mont_setone(Q.z.re);
fp_set(Q.z.im, 0);
fp2_tomont(&PQ.x, &xPQ2);
fp_mont_setone(PQ.z.re);
fp_set(PQ.z.im, 0);
AC.C.re[0] = 0x01;
fp2_tomont(&AC.C, &AC.C);
copy_point(&PQ2.P, &P);
copy_point(&PQ2.Q, &Q);
copy_point(&PQ2.PmQ, &PQ);
cycles = 0;
for (n = 0; n < BENCH_LOOPS; n++)
{
fprandom_test(k); fprandom_test(l);
xDBLMUL(&R, &P, k, &Q, l, &PQ, &AC);
cycles1 = cpucycles();
ec_dlog_2(scalarP, scalarQ, &PQ2, &R, &AC);
cycles2 = cpucycles();
cycles = cycles + (cycles2 - cycles1);
}
printf(" dlog2 runs in ................................................... %7lld cycles", cycles/BENCH_LOOPS);
printf("\n");
// dlog3 computation
fp2_tomont(&P.x, &xP3);
fp_mont_setone(P.z.re);
fp_set(P.z.im, 0);
fp2_tomont(&Q.x, &xQ3);
fp_mont_setone(Q.z.re);
fp_set(Q.z.im, 0);
fp2_tomont(&PQ.x, &xPQ3);
fp_mont_setone(PQ.z.re);
fp_set(PQ.z.im, 0);
copy_point(&PQ2.P, &P);
copy_point(&PQ2.Q, &Q);
copy_point(&PQ2.PmQ, &PQ);
cycles = 0;
for (n = 0; n < BENCH_LOOPS; n++)
{
fprandom_test(k); fprandom_test(l);
xDBLMUL(&R, &P, k, &Q, l, &PQ, &AC);
cycles1 = cpucycles();
ec_dlog_3(scalarP, scalarQ, &PQ2, &R, &AC);
cycles2 = cpucycles();
cycles = cycles + (cycles2 - cycles1);
}
printf(" dlog3 runs in ................................................... %7lld cycles", cycles/BENCH_LOOPS);
printf("\n");
return OK;
}
#endif
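Review bot: `ec_run` (L289-L290) declares `P, Q, R, PQ, AC, k, l` without initializing them and then feeds them to `xDBL`, `xADD`, `xMUL` and `xDBLMUL`, so the benchmark reads indeterminate values (undefined behaviour in C) and times the primitives on inputs that are not curve points at all; `dlog_run` already shows the intended setup (load `xP2`/`xQ2`/`xPQ2`, set `AC` via `fp2_tomont`, draw scalars with `fprandom_test`), and the rewrite below mirrors it together with the `AC.z` initialization used in `ec_test`. Separately, `ec_test`, `dlog_test`, `ec_run` and `dlog_run` are non-static definitions in a header, so including this file from more than one translation unit yields duplicate symbols — `static bool …` is the usual fix for a test header. The `%7lld` conversions are paired with `unsigned long long`; `%7llu` is the matching specifier. The `#include <bench.h> //////// NOTE: enable later` line also looks like a leftover that should either be removed or explained.
```c
bool ec_run()
{
    bool OK = true;
    int n;
    unsigned long long cycles, cycles1, cycles2;
    ec_point_t P = {0}, Q = {0}, R = {0}, PQ = {0}, AC = {0};
    digit_t k[NWORDS_ORDER] = {0}, l[NWORDS_ORDER] = {0};
    /* … unchanged: banner printf … */
    // Benchmark on the 2^f-torsion basis points, as dlog_run does, and on
    // random scalars; the curve constant is set up the same way as in ec_test.
    fp2_tomont(&P.x, &xP2);
    fp_mont_setone(P.z.re);
    fp_set(P.z.im, 0);
    fp2_tomont(&Q.x, &xQ2);
    fp_mont_setone(Q.z.re);
    fp_set(Q.z.im, 0);
    fp2_tomont(&PQ.x, &xPQ2);
    fp_mont_setone(PQ.z.re);
    fp_set(PQ.z.im, 0);
    AC.z.re[0] = 0x01;
    fp2_tomont(&AC.z, &AC.z);
    fprandom_test(k); fprandom_test(l);
    /* … unchanged: the four timing loops and their printf calls … */
```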


@@ -0,0 +1,24 @@
#ifndef TEST_BASIS_H
#define TEST_BASIS_H
#include "fp2.h"
// Full-torsion basis for A=0 (excluding 2^f and huge prime factors)
const fp2_t xPA = {{0x35b53c72e7494775,0x5791b499bc29710d,0x2060f3aca68fa4ff,0x81150c19a14f523a,0x08af6c81a906d44a,0x00cca2a93efb536e},{0x14eaac356375af76,0x5655011e771be3b4,0x6273ccee274d7754,0x440d6b5b4496c183,0xa3d7f80e9f9111ba,0x0302e153bee01a18}};
const fp2_t xQA = {{0x80c0767d1b7b5fd8,0x24e9039d430ca3b5,0x26485254625dc85a,0x612eaebc345b64d1,0x59669fbd946a4409,0x004c3a8564e16101},{0x0e1eac4e38449c54,0x752c042b4c6675cb,0x88ec0e75c8e9ea0e,0xbf7c4cdbfc4483f0,0xd594cb5474bbc264,0x02f5e2345a9b4654}};
const fp2_t xPQA = {{0x1f5accaff9a7da90,0x91884964774d4cb2,0x0e938e13dd088e63,0x453c9af09879a724,0xb2bd09ec3740312b,0x0007a5837e23aaa1},{0x8e1ac4b319787bd4,0x7cb9fba402f67bfe,0x370b2951f9ec29cf,0x7a020172566f9d17,0x063e31753d703130,0x01551136265bade6}};
const fp2_t xPB = {{0xb702a70a8ae132ad,0x56d8804c83a8e696,0x5ac3e12f4df1792e,0x0a89da435664746e,0xd8758765206844bd,0x01a92f6e9e0e9296},{0x8aaab711b76b0959,0x210e6695ca5e5fdd,0x593be0d75909ca12,0xfbc074d8ebdeb927,0xb61fcc328d3756bc,0x0198a5942855c8bf}};
const fp2_t xQB = {{0x2b6b82b950b61fda,0x0ef2dd717daed334,0x99dee4db0b268ac9,0x3534eb384e1fcaf0,0xbaf112845a4f2d81,0x037f1492d8d815a1},{0x97e80590f9a0556b,0x7d9b4b87a22a7792,0xda4534fe75595b4b,0xbe1092a2733c03e1,0xbf5b1bd147b0d630,0x0125721476e5267f}};
const fp2_t xPQB = {{0xb7d459a56d4aebec,0x6ac7f10ba20e1e71,0x9a95a8928507f7ef,0xc4c5aff6b97f3dfe,0x644beb3e86806b77,0x022319eb6eaf072a},{0x8ad0f6b18934790e,0xdad82b7b38e166bf,0xcb08f5a3ab53d9a9,0xd2ff39b401ba8aba,0xbff9b5e40ed9e5ce,0x03c1773791f554c0}};
// 2^f-torsion basis for A=0
const fp2_t xP2 = {{0x7a26fdb0e5844206,0x0752b2ba140f7dfd,0x1728013f8f5fe257,0xd05f129975ed6bba,0xe736dbce707ad5a8,0x01f861715896d0be},{0xdac046927a0c5352,0x5a42474ac156ff18,0xe887982ff4c5a9ea,0x3875be6432251f1c,0xdfae47315af877ee,0x005627f085582ecc}};
const fp2_t xQ2 = {{0xc4f03ab3db57331b,0xf04261fc3b713778,0xa99b82430c7e40d1,0x5fe52b1324c2a091,0xfcaa2a7049d0f657,0x021f2caa09302141},{0x4a92a1d5ff9f6730,0x6dcd5f600f33783e,0xdb8b4e2e5149b45e,0x993458635c01d0c0,0x5f9bc7d3bb307f91,0x01fcc7eae4712b6a}};
const fp2_t xPQ2 = {{0x7f4ee9c86c4341a2,0x0c867f482063bdfc,0xe46fb7b0fbd479c7,0xddaa716e091be9ad,0x29239eadddf5dc59,0x0231c09c660f0a89},{0xde64fa344dd64237,0xa89aaaed3dd84555,0xbb70924d8fb73f27,0x0869ec018b3366dc,0x47a0356ce742bcbc,0x00547dbda6dc094d}};
// 3^g-torsion basis for A==0
const fp2_t xP3 = {{0x7c878d0ceaa821f0,0xf94db4cab7186625,0x7cff6d5fb0ca7867,0x4e3f5bd19cbca9d6,0x05ec8273d0042548,0x0233a79cf87040b3},{0x060e9f3dcab8192c,0xa94e86d063a46398,0x0e5cc403bfb60867,0x3ea1277f98087283,0xaff1fd95bb094917,0x025041b12719d3b8}};
const fp2_t xQ3 = {{0xb25aaa192bd351b7,0xc5db1962aed7e543,0x1f722ab174319947,0xd1c9bb4a0a5d8aa3,0x351415ec64f88921,0x0288ae044d62c930},{0xb41ede1724f8e06a,0xfb10ce5a83c66629,0x9846173e31a9d448,0x35c94966192f08db,0x72f7252946af3f9c,0x02ea05c971e7b34c}};
const fp2_t xPQ3 = {{0x674703cc3134d90b,0x507e338e496b8f75,0x0c8cb1f138346e4c,0x54cb7ad5ba580da7,0x65750f0bcd0a9857,0x038b435f51669e87},{0xdcdc0116c67589a0,0x45ce94f4d345c827,0x0f2cbfb3c53b73ea,0x03e7951bc98efbb8,0x3335ad0991864858,0x01e151a64210f74f}};
#endif
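Review bot: The `const fp2_t` objects defined at file scope here (L413-L426) have external linkage in C, so including test-basis.h from two translation units — which the test directory makes likely, since several test programs share the same headers — produces duplicate-symbol link errors; declaring them `static const fp2_t xPA = …` (and likewise for the other eleven) confines each to its translation unit. Each literal hard-codes six limbs per component, which presumably matches `NWORDS_FIELD` for exactly one parameter set; a comment naming that parameter set next to the `// Full-torsion basis for A=0` line, or a `_Static_assert` on the limb count, would make a mismatch visible at compile time rather than as a silently truncated or zero-padded initializer. The comments say "A=0" on L412/L419 and "A==0" on L423; one spelling is enough.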