=================================================================== RCS file: /home/cvs/OpenXM/src/asir-doc/parts/ff.texi,v retrieving revision 1.1.1.1 retrieving revision 1.3 diff -u -p -r1.1.1.1 -r1.3 --- OpenXM/src/asir-doc/parts/ff.texi 1999/12/08 05:47:44 1.1.1.1 +++ OpenXM/src/asir-doc/parts/ff.texi 2000/01/13 08:29:56 1.3 @@ -1,19 +1,48 @@ +@comment $OpenXM: OpenXM/src/asir-doc/parts/ff.texi,v 1.2 1999/12/21 02:47:31 noro Exp $ +\BJP @node $BM-8BBN$K4X$9$k1i;;(B,,, Top @chapter $BM-8BBN$K4X$9$k1i;;(B +\E +\BEG +@node Finite fields,,, Top +@chapter Finite fields +\E @menu +\BJP * $BM-8BBN$NI=8=$*$h$S1i;;(B:: * $BM-8BBN>e$G$N(B 1 $BJQ?tB?9`<0$N1i;;(B:: * $BM-8BBN>e$NBJ1_6J@~$K4X$9$k1i;;(B:: * $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B:: +\E +\BEG +* Representation of finite fields:: +* Univariate polynomials on finite fields:: +* Elliptic curves on finite fields:: +* Functions for Finite fields:: +\E @end menu +\BJP @node $BM-8BBN$NI=8=$*$h$S1i;;(B,,, $BM-8BBN$K4X$9$k1i;;(B @section $BM-8BBN$NI=8=$*$h$S1i;;(B +\E +\BEG +@node Representation of finite fields,,, Finite fields +@section Representation of finite fields +\E @noindent +\BJP @b{Asir} $B$K$*$$$F$O(B, $BM-8BBN$O(B, $B@5I8?tAGBN(B GF(p), $BI8?t(B 2 $B$NM-8BBN(B GF(2^n) $B$,Dj5A$G$-$k(B. $B$3$l$i$OA4$F(B, @code{setmod_ff()} $B$K$h$jDj5A$5$l$k(B. +\E +\BEG +On @b{Asir} @var{GF(p)} and @var{GF(2^n)} can be defined, where +@var{GF(p)} is a finite prime field of charateristic @var{p} and +@var{GF(2^n)} is a finite field of characteristic 2. These are +all defined by @code{setmod_ff()}. +\E @example [0] P=pari(nextprime,2^50); @@ -31,6 +60,7 @@ x^50+x^4+x^3+x^2+1 [6] field_type_ff(); 2 @end example +\BJP @code{setmod_ff()} $B$O(B, $B0z?t$,@5@0?t(B p $B$N>l9g(B GF(p), n $Bl(B $B9g(B, f(x) mod 2 $B$rDj5AB?9`<0$H$9$k(B GF(2^n) $B$r$=$l$>$l4pACBN$H$7$F%;%C%H$9(B $B$k(B. @code{setmod_ff()} $B$K$*$$$F$O0z?t$N4{Ls%A%'%C%/$O9T$o$:(B, $B8F$S=P$7B&(B 
@@ -48,7 +78,34 @@ x^50+x^4+x^3+x^2+1 $BM-8BBN$N85$NF~NOJ}K!$O(B, $BM-8BBN$Nl9g(B, @code{simp_ff()} $B$K$h$k(B. +\E +\BEG +If @var{p} is a positive integer, @code{setmod_ff(@var{p})} sets +@var{GF(p)} as the current base field. +If @var{f} is a univariate polynomial of degree @var{n}, +@code{setmod_ff(@var{f})} sets @var{GF(2^n)} as the current +base field. @var{GF(2^n)} is represented +as an algebraic extension of @var{GF(2)} with the defining polynomial +@var{f mod 2}. In both cases the primality check of the argument is +not done and the caller is responsible for it. + +Correctly speaking there is no actual object corresponding to a 'base field'. +Setting a base field means that operations on elements of finite fields +are done according to the arithmetics of the base field. Thus, if +operands of an arithmetic operation are both rational numbers, then the result +is also a rational number. However, if one of the operands is in +a finite field, then the other is automatically regarded as in the +same finite field and the operation is done in the finite field. + +A non zero element of a finite field belongs to the number and has object +identifier 1. Its number identifier is 6 if the finite field is @var{GF(p)}, +7 if it is @var{GF(2^n)}. + +There are several methods to input an element of a finite field. +An element of @var{GF(p)} can be input by @code{simp_ff()}. +\E + @example [0] P=pari(nextprime,2^50); 1125899906842679 @@ -60,7 +117,9 @@ x^50+x^4+x^3+x^2+1 6 @end example -$B$^$?(B, GF(2^n) $B$N>l9g$$$/$D$+$NJ}K!$,$"$k(B. +\JP $B$^$?(B, GF(2^n) $B$N>l9g$$$/$D$+$NJ}K!$,$"$k(B. +\EG In the case of @var{GF(2^n)} the following methods are available. + @example [0] setmod_ff(x^50+x^4+x^3+x^2+1); x^50+x^4+x^3+x^2+1 
@@ -74,39 +133,73 @@ x^50+x^4+x^3+x^2+1 (@@^9+@@^8+@@^7+@@^6+@@^5+@@^4+@@^3+@@^2+@@+1) @end example +\BJP $BM-8BBN$N85$O?t$G$"$j(B, $BBN1i;;$,2DG=$G$"$k(B. @code{@@} $B$O(B GF(2^n) $B$N(B, GF(2)$B>e$N@8@.85$G$"$k(B. $B>\$7$/$O(B @xref{$B?t$N7?(B}. +\E +\BEG +Elements of finite fields are numbers and one can apply field arithmetics +to them. @code{@@} is a generator of @var{GF(2^n)} over @var{GF(2)}. +@xref{Types of numbers}. +\E @noindent +\BJP @node $BM-8BBN>e$G$N(B 1 $BJQ?tB?9`<0$N1i;;(B,,, $BM-8BBN$K4X$9$k1i;;(B @section $BM-8BBN>e$G$N(B 1 $BJQ?tB?9`<0$N1i;;(B +\E +\BEG +@node Univariate polynomials on finite fields,,, Finite fields +@section Univariate polynomials on finite fields +\E @noindent +\BJP @samp{fff} $B$G$O(B, $BM-8BBN>e$N(B 1 $BJQ?tB?9`<0$KBP$7(B, $BL5J?J}J,2r(B, DDF, $B0x?tJ,2r(B, $BB?9`<0$N4{LsH=Dj$J$I$N4X?t$,Dj5A$5$l$F$$$k(B. $B$$$:$l$b(B, $B7k2L$O(B [@b{$B0x;R(B}, @b{$B=EJ#EY(B}] $B$N%j%9%H$H$J$k$,(B, $B0x;R$O(B monic $B$H$J$j(B, $BF~NOB?9`<0$Ne$G$N0x?tJ,2r$O(B, DDF $B$N8e(B, $B.B?9`<0$r5a$a(B, $B$=$N:,(B $B$r(B Cantor-Zassenhaus $B%"%k%4%j%:%`$K$h$j5a$a$k(B, $B$H$$$&J}K!$re$NBJ1_6J@~$K4X$9$k1i;;(B,,, $BM-8BBN$K4X$9$k1i;;(B @section $BM-8BBN>e$NBJ1_6J@~$K4X$9$k1i;;(B +\E +\BEG +@node Elliptic curves on finite fields,,, Finite fields +@section Elliptic curves on finite fields +\E +\BJP $BM-8BBN>e$NBJ1_6J@~$K4X$9$k$$$/$D$+$N4pK\E*$J1i;;$,(B, $BAH$_9~$_4X?t$H$7$F(B $BDs6!$5$l$F$$$k(B. 
@@ -133,9 +226,48 @@ GF(2^n) $B$N(B, GF(2)$B>e$N@8@.85$G$"$k(B. $B>\$7 $B1i;;7k2L$b@Fe$N@8@.85$G$"$k(B. $B>\$7 * extdeg_ff:: @end menu -@node setmod_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node setmod_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node setmod_ff,,, Functions for Finite fields @subsection @code{setmod_ff} @findex setmod_ff @table @t @item setmod_ff([@var{prime}|@var{poly}]) -:: $BM-8BBN$N@_Dj(B, $B@_Dj$5$l$F$$$kM-8BBN$NK!(B, $BDj5AB?9`<0$NI=<((B +\JP :: $BM-8BBN$N@_Dj(B, $B@_Dj$5$l$F$$$kM-8BBN$NK!(B, $BDj5AB?9`<0$NI=<((B +\EG :: Sets/Gets the current base fields. @end table @table @var @item return -$B?t$^$?$OB?9`<0(B +\JP $B?t$^$?$OB?9`<0(B +\EG number or polynomial @item prime -$BAG?t(B +\JP $BAG?t(B +\EG prime @item poly -GF(2) $B>e4{Ls$J(B 1 $BJQ?tB?9`<0(B +\JP GF(2) $B>e4{Ls$J(B 1 $BJQ?tB?9`<0(B +\EG univariate polynomial irreducible over GF(2) @end table @itemize @bullet +\BJP @item $B0z?t$,@5@0?t(B @var{prime} $B$N;~(B, GF(@var{prime}) $B$r4pACBN$H$7$F@_Dj$9$k(B. @item $B0z?t$,B?9`<0(B @var{poly} $B$N;~(B, -GF(2^deg(@var{poly} mod 2)) = GF(2)[t]/(@var{poly}(t) mod2) +GF(2^deg(@var{poly} mod 2)) = GF(2)[t]/(@var{poly}(t) mod 2) $B$r4pACBN$H$7$F@_Dj$9$k(B. @item $BL50z?t$N;~(B, $B@_Dj$5$l$F$$$k4pACBN$,(B GF(@var{prime}) $B$N>l9g(B @var{prime}, 
@@ -189,6 +327,24 @@ GF(2^n) $B$N>l9gDj5AB?9`<0$rJV$9(B. @item GF(2^n) $B$NDj5AB?9`<0$O(B, GF(2) $B>e(B n $BH(B +\JP @item $B;2>H(B +\EG @item References @fref{defpoly_mod2} @end table -@node field_type_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node field_type_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node field_type_ff,,, Functions for Finite fields @subsection @code{field_type_ff} @findex field_type_ff @table @t @item field_type_ff() -:: $B@_Dj$5$l$F$$$k4pACBN$NH(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node field_order_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node field_order_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node field_order_ff,,, Functions for Finite fields @subsection @code{field_order_ff} @findex field_order_ff @table @t @item field_order_ff() -:: $B@_Dj$5$l$F$$$k4pACBN$N0L?t(B +\JP :: $B@_Dj$5$l$F$$$k4pACBN$N0L?t(B +\EG :: Order of the current base field. @end table @table @var @item return -$B?t(B +\JP $B@0?t(B +\EG integer @end table @itemize @bullet +\BJP @item $B@_Dj$5$l$F$$$k4pACBN$N0L?t(B ($B85$N8D?t(B) $B$rJV$9(B. @item $B@_Dj$5$l$F$$$kBN$,(B GF(q) $B$J$i$P(B q $B$rJV$9(B. +\E +\BEG +@item +Returns the order of the current base field. +@item +@var{q} is returned if the current base field is GF(q). +\E @end itemize @example 
@@ -280,29 +461,42 @@ x^2+x+1 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node characteristic_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node characteristic_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node characteristic_ff,,, Functions for Finite fields @subsection @code{characteristic_ff} @findex characteristic_ff @table @t @item characteristic_ff() -:: $B@_Dj$5$l$F$$$kBN$NI8?t(B +\JP :: $B@_Dj$5$l$F$$$kBN$NI8?t(B +\EG :: Characteristic of the current base field. @end table @table @var @item return -$B?t(B +\JP $B@0?t(B +\EG integer @end table @itemize @bullet +\BJP @item $B@_Dj$5$l$F$$$kBN$NI8?t$rJV$9(B. @item GF(p) $B$N>l9g(B p, GF(2^n) $B$N>l9g(B 2 $B$rJV$9(B. +\E +\BEG +@item +Returns the characteristic of the current base field. +@item +@var{p} is returned if @var{GF(p)}, where @var{p} is a prime, is set. +@var{2} is returned if @var{GF(2^n)} is set. +\E @end itemize @example @@ -320,29 +514,43 @@ x^2+x+1 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node extdeg_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node extdeg_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node extdeg_ff,,, Functions for Finite fields @subsection @code{extdeg_ff} @findex extdeg_ff @table @t @item extdeg_ff() -:: $B@_Dj$5$l$F$$$k4pACBN$N(B, $BAGBN$KBP$9$k3HBgl9g(B 1, GF(2^n) $B$N>l9g(B n $B$rJV$9(B. +\E +\BEG +@item +Returns the extension degree of the current base field over the prime field. +@item +GF(p) $B$N>l9g(B 1, GF(2^n) $B$N>l9g(B n $B$rJV$9(B. +1 is returned if @var{GF(p)}, where @var{p} is a prime, is set. +@var{n} is returned if @var{GF(2^n)} is set. +\E @end itemize @example 
@@ -360,27 +568,36 @@ x^2+x+1 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node simp_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node simp_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node simp_ff,,, Functions for Finite fields @subsection @code{simp_ff} @findex simp_ff @table @t @item simp_ff(@var{obj}) -:: $B?t(B, $B$"$k$$$OB?9`<0$N78?t$rM-8BBN$N85$KJQ49(B +\JP :: $B?t(B, $B$"$k$$$OB?9`<0$N78?t$rM-8BBN$N85$KJQ49(B +\BEG +:: Converts numbers or coefficients of polynomials into elements +in finite fields. +\E @end table @table @var @item return -$B?t$^$?$OB?9`<0(B +\JP $B?t$^$?$OB?9`<0(B +\EG number or polynomial @item obj -$B?t$^$?$OB?9`<0(B +\JP $B?t$^$?$OB?9`<0(B +\EG number or polynomial @end table @itemize @bullet +\BJP @item $B?t(B, $B$"$k$$$OB?9`<0$N78?t$rM-8BBN$N85$KJQ49$9$k(B. @item @@ -389,6 +606,19 @@ x^2+x+1 @item $BM-8BBN$N85$KBP$7(B, $BK!$"$k$$$ODj5AB?9`<0$K$h$k(B reduction $B$r9T$&>l9g$K$b(B $BMQ$$$k(B. +\E +\BEG +@item +Converts numbers or coefficients of polynomials into elements in finite +fields. +@item +It is used to convert integers or intrgral polynomials int +elements of finite fields or polynomials over finite fields. +@item +An element of a finite field may not have the reduced representation. +In such case an application of @code{simp_ff} assures the output has +the reduced representation. +\E @end itemize @example 
@@ -403,33 +633,42 @@ x^10+10*x^9+45*x^8+120*x^7+210*x^6+252*x^5+210*x^4+120 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff}, @fref{lmptop}, @fref{gf2nton} @end table -@node random_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node random_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node random_ff,,, Functions for Finite fields @subsection @code{random_ff} @findex random_ff @table @t @item random_ff() -:: $BM-8BBN$N85$NMp?t@8@.(B +\JP :: $BM-8BBN$N85$NMp?t@8@.(B +\EG :: Random generation of an element of a finite field. @end table @table @var @item return -$BM-8BBN$N85(B +\JP $BM-8BBN$N85(B +\EG element of a finite field @end table @itemize @bullet +\BJP @item $BM-8BBN$N85$rMp?t@8@.$9$k(B. @item -GF(p) $B$N>l9g(B, 0 $B0J>e(B p $BL$K~$N@0?t$G$"$i$o$5$l$k(B GF(p) $B$N85(B, -GF(2^n) $B$N>l9g(B, n $Be$NB?9`<0$GI=$5$l$k(B GF(2^n) $B$r(B -$BJV$9(B. -@item @code{random()}, @code{lrandom()} $B$HF1$8(B 32bit $BMp?tH/@84o$r;HMQ$7$F$$$k(B. +\E +\BEG +@item +Generates an element of the current base field randomly. +@item +The same random generator as in @code{random()}, @code{lrandom()} +is used. +\E @end itemize @example 
@@ -445,35 +684,49 @@ return to toplevel @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff}, @fref{random}, @fref{lrandom} @end table -@node lmptop,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node lmptop,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node lmptop,,, Functions for Finite fields @subsection @code{lmptop} @findex lmptop @table @t @item lmptop(@var{obj}) -:: GF(p) $B78?tB?9`<0$N78?t$r@0?t$KJQ49(B +\JP :: GF(p) $B78?tB?9`<0$N78?t$r@0?t$KJQ49(B +\EG :: Converts the coefficients of a polynomial over GF(p) into integers. @end table @table @var @item return -$B@0?t78?tB?9`<0(B +\JP $B@0?t78?tB?9`<0(B +\EG integral polynomial @item obj -GF(p)$B78?tB?9`<0(B +\JP GF(p) $B78?tB?9`<0(B +\EG polynomial over GF(p) @end table @itemize @bullet +\BJP @item GF(p) $B78?tB?9`<0$N78?t$r@0?t$KJQ49$9$k(B. @item GF(p) $B$N85$O(B, 0 $B0J>e(B p $BL$K~$N@0?t$GI=8=$5$l$F$$$k(B. $BB?9`<0$N3F78?t$O(B, $B$=$NCM$r@0?t%*%V%8%'%/%H(B($B?t<1JL;R(B 0)$B$H$7$?$b$N$K(B $BJQ49$5$l$k(B. +\E +\BEG @item -GF(p) $B$N85$O(B, $B@0?t$KJQ49$5$l$k(B. +Converts the coefficients of a polynomial over GF(p) into integers. +@item +An element of GF(p) is represented by a non-negative integer @var{r} less than +@var{p}. +Each coefficient of a polynomial is converted into an integer object +whose value is @var{r}. +\E @end itemize @example 
@@ -495,27 +748,33 @@ x^10+537*x^9+45*x^8+427*x^7+210*x^6+295*x^5+210*x^4+42 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{simp_ff} @end table -@node ntogf2n,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node ntogf2n,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node ntogf2n,,, Functions for Finite fields @subsection @code{ntogf2n} @findex ntogf2n @table @t @item ntogf2n(@var{m}) -:: $B<+A3?t$r(B GF(2^n) $B$N85$KJQ49(B +\JP :: $B<+A3?t$r(B GF(2^n) $B$N85$KJQ49(B +\EG :: Converts a non-negative integer into an element of GF(2^n). @end table @table @var @item return -GF(2^n) $B$N85(B +\JP GF(2^n) $B$N85(B +\EG element of GF(2^n) @item m -$BHsIi@0?t(B +\JP $BHsIi@0?t(B +\EG non-negative integer @end table @itemize @bullet +\BJP @item $B<+A3?t(B @var{m} $B$N(B 2 $B?JI=8=(B @var{m}=@var{m0}+@var{m1}*2+...+@var{mk}*2^k $B$KBP$7(B, GF(2^n)=GF(2)[t]/(g(t)) $B$N85(B @@ -523,6 +782,17 @@ GF(2^n) $B$N85(B @item $BDj5AB?9`<0$K$h$k>jM>$O<+F0E*$K$O7W;;$5$l$J$$$?$a(B, @code{simp_ff()} $B$r(B $BE,MQ$9$kI,MW$,$"$k(B. +\E +\BEG +@item +Let @var{m} be a non-negative integer. +@var{m} has the binary representation +@var{m}=@var{m0}+@var{m1}*2+...+@var{mk}*2^k. +This function returns an element of GF(2^n)=GF(2)[t]/(g(t)), +@var{m0}+@var{m1}*t+...+@var{mk}*t^k mod g(t). +@item +Apply @code{simp_ff()} to reduce the result. +\E @end itemize @example 
@@ -535,29 +805,35 @@ x^30+x+1 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{gf2nton} @end table -@node gf2nton,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node gf2nton,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node gf2nton,,, Functions for Finite fields @subsection @code{gf2nton} @findex gf2nton @table @t @item gf2nton(@var{m}) -:: GF(2^n) $B$N85$r<+A3?t$KJQ49(B +\JP :: GF(2^n) $B$N85$r<+A3?t$KJQ49(B +\EG :: Converts an element of GF(2^n) into a non-negative integer. @end table @table @var @item return -$BHsIi@0?t(B +\JP $BHsIi@0?t(B +\EG non-negative integer @item m -GF(2^n) $B$N85(B +\JP GF(2^n) $B$N85(B +\EG element of GF(2^n) @end table @itemize @bullet @item -@code{gf2nton} $B$N5UJQ49$G$"$k(B. +\JP @code{gf2nton} $B$N5UJQ49$G$"$k(B. +\EG The inverse of @code{gf2nton}. @end itemize @example @@ -574,31 +850,44 @@ x^30+x+1 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{gf2nton} @end table -@node ptogf2n,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node ptogf2n,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node ptogf2n,,, Functions for Finite fields @subsection @code{ptogf2n} @findex ptogf2n @table @t @item ptogf2n(@var{poly}) -:: $B0lJQ?tB?9`<0$r(B GF(2^n) $B$N85$KJQ49(B +\JP :: $B0lJQ?tB?9`<0$r(B GF(2^n) $B$N85$KJQ49(B +\EG :: Converts a univariate polynomial into an element of GF(2^n). @end table @table @var @item return -GF(2^n) $B$N85(B +\JP GF(2^n) $B$N85(B +\EG element of GF(2^n) @item poly -$B0lJQ?tB?9`<0(B +\JP $B0lJQ?tB?9`<0(B +\EG univariate polynomial @end table @itemize @bullet @item +\BJP @var{poly} $B$NI=$9(B GF(2^n) $B$N85$r@8@.$9$k(B. $B78?t$O(B, 2 $B$G3d$C$?M>$j$K(B $BJQ49$5$l$k(B. @var{poly} $B$NJQ?t$K(B @code{@@} $B$rBeF~$7$?7k2L$HEy$7$$(B. +\E +\BEG +Generates an element of GF(2^n) represented by @var{poly}. +The coefficients are reduced modulo 2. +The output is equal to the result by substituting @code{@@} for +the variable of @var{poly}. +\E @end itemize @example 
@@ -609,34 +898,51 @@ x^30+x+1 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{gf2ntop} @end table -@node gf2ntop,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node gf2ntop,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node gf2ntop,,, Functions for Finite fields @subsection @code{gf2ntop} @findex gf2ntop @table @t @item gf2ntop(@var{m}[,@var{v}]) -:: GF(2^n) $B$N85$rB?9`<0$KJQ49(B +\JP :: GF(2^n) $B$N85$rB?9`<0$KJQ49(B +\EG :: Converts an element of GF(2^n) into a polynomial. @end table @table @var @item return -$B0lJQ?tB?9`<0(B +\JP $B0lJQ?tB?9`<0(B +\EG univariate polynomial @item m -GF(2^n) $B$N85(B +\JP GF(2^n) $B$N85(B +\EG an element of GF(2^n) @item v -$BITDj85(B +\JP $BITDj85(B +\EG indeterminate @end table @itemize @bullet +\BJP @item @var{m} $B$rI=$9B?9`<0$r(B, $B@0?t78?t$NB?9`<0%*%V%8%'%/%H$H$7$FJV$9(B. -@item @var{v} $B$N;XDj$,$J$$>l9g(B, $BD>A0$N(B @code{ptogf2n()} $B8F$S=P$7(B +@item +@var{v} $B$N;XDj$,$J$$>l9g(B, $BD>A0$N(B @code{ptogf2n()} $B8F$S=P$7(B $B$K$*$1$k0z?t$NJQ?t(B ($B%G%U%)%k%H$O(B @code{x}), $B;XDj$,$"$k>l9g$K$O(B $B;XDj$5$l$?ITDj85$rJQ?t$H$9$kB?9`<0$rJV$9(B. +\E +\BEG +@item +Returns a polynomial representing @var{m}. +@item +If @var{v} is used as the variable of the output. +If @var{v} is not specified, the variable of the argument +of the latest @code{ptogf2n()} call. The default variable is @code{x}. +\E @end itemize @example 
@@ -652,27 +958,33 @@ t^13+t^12+t^11+t^10 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{ptogf2n} @end table -@node defpoly_mod2,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node defpoly_mod2,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node defpoly_mod2,,, Functions for Finite fields @subsection @code{defpoly_mod2} @findex defpoly_mod2 @table @t @item defpoly_mod2(@var{d}) -:: GF(2) $B>e4{Ls$J0lJQ?tB?9`<0$N@8@.(B +\JP :: GF(2) $B>e4{Ls$J0lJQ?tB?9`<0$N@8@.(B +\EG :: Generates an irreducible univariate polynomial over GF(2). @end table @table @var @item return -$BB?9`<0(B +\JP $BB?9`<0(B +\EG univariate polynomial @item d -$B@5@0?t(B +\JP $B@5@0?t(B +\EG positive integer @end table @itemize @bullet +\BJP @item @samp{fff} $B$GDj5A$5$l$F$$$k(B. @item 
@@ -682,33 +994,54 @@ t^13+t^12+t^11+t^10 3 $B9`<0$,B8:_$7$J$1$l$P(B, $B4{Ls(B 5 $B9`<0$NCf$G(B, $BBh(B 2 $B9`$N.$5$/(B, $B$=$NCf$GBh(B 3 $B9`$N.$5$/(B, $B$=$NCf$GBh(B 4 $B9`$N.$5$$$b$N$rJV$9(B. +\E +\BEG +@item +Defined in @samp{fff}. +@item +An irreducible univariate polynomial of degree @var{d} is returned. +@item +If an irreducible trinomial @var{x^d+x^m+1} exists, then the one +with the smallest @var{m} is returned. +Otherwise, an irreducible pentanomial @var{x^d+x^m1+x^m2+x^m3+1} +(@var{m1>m2>m3} is returned. +@var{m1}, @var{m2} and @var{m3} are determined as follows: +Fix @var{m1} as small as possible. Then fix @var{m2} as small as possible. +Then fix @var{m3} as small as possible. +\E @end itemize @example @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node fctr_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node fctr_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node fctr_ff,,, Functions for Finite fields @subsection @code{fctr_ff} @findex fctr_ff @table @t @item fctr_ff(@var{poly}) -:: 1 $BJQ?tB?9`<0$NM-8BBN>e$G$N4{LsJ,2r(B +\JP :: 1 $BJQ?tB?9`<0$NM-8BBN>e$G$N4{LsJ,2r(B +\EG :: Irreducible univariate factorization over a finite field. @end table @table @var @item return -$B%j%9%H(B +\JP $B%j%9%H(B +\EG list @item poly -$BM-8BBN>e$N(B 1 $BJQ?tB?9`<0(B +\JP $BM-8BBN>e$N(B 1 $BJQ?tB?9`<0(B +\EG univariate polynomial over a finite field @end table @itemize @bullet +\BJP @item @samp{fff} $B$GDj5A$5$l$F$$$k(B. @item 
@@ -719,6 +1052,19 @@ t^13+t^12+t^11+t^10 $B=EJ#EY$G$"$k(B. @item @var{poly} $B$NH(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node irredcheck_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node irredcheck_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node irredcheck_ff,,, Functions for Finite fields @subsection @code{irredcheck_ff} @findex irredcheck_ff @table @t @item irredcheck_ff(@var{poly}) -:: 1 $BJQ?tB?9`<0$NM-8BBN>e$G$N4{LsH=Dj(B +\JP :: 1 $BJQ?tB?9`<0$NM-8BBN>e$G$N4{LsH=Dj(B +\EG :: Primality check of a univariate polynomial over a finite field. @end table @table @var @item return 0|1 @item poly -$BM-8BBN>e$N(B 1 $BJQ?tB?9`<0(B +\JP $BM-8BBN>e$N(B 1 $BJQ?tB?9`<0(B +\EG univariate polynomial over a finite field @end table @itemize @bullet +\BJP @item @samp{fff} $B$GDj5A$5$l$F$$$k(B. @item $BM-8BBN>e$N(B 1 $BJQ?tB?9`<0$N4{LsH=Dj$r9T$$(B, $B4{Ls$N>l9g(B 1, $B$=$l0J30$O(B 0 $B$rJV$9(B. +\E +\BEG +@item +Defined in @samp{fff}. +@item +Returns 1 if @var{poly} is irreducible over the current base field. +Returns 0 otherwise. +\E @end itemize @example 
@@ -767,34 +1126,50 @@ x^10+14687973587364016969 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table -@node randpoly_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node randpoly_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node randpoly_ff,,, Functions for Finite fields @subsection @code{randpoly_ff} @findex randpoly_ff @table @t @item randpoly_ff(@var{d},@var{v}) -:: $BM-8BBN>e$N(B $BMp?t78?t(B 1 $BJQ?tB?9`<0$N@8@.(B +\JP :: $BM-8BBN>e$N(B $BMp?t78?t(B 1 $BJQ?tB?9`<0$N@8@.(B +\EG :: Generation of a random univariate polynomial over a finite field. @end table @table @var @item return -$BB?9`<0(B +\JP $BB?9`<0(B +\EG polynomial @item d -$B@5@0?t(B +\JP $B@5@0?t(B +\EG positive integer @item v -$BITDj85(B +\JP $BITDj85(B +\EG indeterminate @end table @itemize @bullet +\BJP @item @samp{fff} $B$GDj5A$5$l$F$$$k(B. @item @var{d} $BH(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff}, @fref{random_ff} @end table -@node ecm_add_ff ecm_sub_ff ecm_chsgn_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\JP @node ecm_add_ff ecm_sub_ff ecm_chsgn_ff,,, $BM-8BBN$K4X$9$kH!?t$N$^$H$a(B +\EG @node ecm_add_ff ecm_sub_ff ecm_chsgn_ff,,, Functions for Finite fields @subsection @code{ecm_add_ff}, @code{ecm_sub_ff}, @code{ecm_chsgn_ff} @findex ecm_add_ff @findex ecm_sub_ff 
@@ -823,20 +1200,25 @@ x^10+14687973587364016969 @table @t @item ecm_add_ff(@var{p1},@var{p2},@var{ec}) @itemx ecm_sub_ff(@var{p1},@var{p2},@var{ec}) -@itemx ecm_chsgn_ff(@var{p1},@var{p2},@var{ec}) -:: $BBJ1_6J@~>e$NE@$N2C;;(B, $B8:;;(B, $B5U85(B +@itemx ecm_chsgn_ff(@var{p1}) +\JP :: $BBJ1_6J@~>e$NE@$N2C;;(B, $B8:;;(B, $B5U85(B +\EG :: Addition, Subtraction and additive inverse for points on an elliptic curve. @end table @table @var @item return -$B%Y%/%H%k$^$?$O(B 0 +\JP $B%Y%/%H%k$^$?$O(B 0 +\EG vector or 0 @item p1,p2 -$BD9$5(B 3 $B$N%Y%/%H%k$^$?$O(B 0 +\JP $BD9$5(B 3 $B$N%Y%/%H%k$^$?$O(B 0 +\EG vector of length 3 or 0 @item ec -$BD9$5(B 2 $B$N%Y%/%H%k(B +\JP $BD9$5(B 2 $B$N%Y%/%H%k(B +\EG vector of length 2 @end table @itemize @bullet +\BJP @item $B8=:_@_Dj$5$l$F$$$kM-8BBN>e$G(B, @var{ec} $B$GDj5A$5$l$kBJ1_6J@~>e$N(B $BE@(B @var{p1}, @var{p2} $B$NOB(B @var{p1+p2}, $B:9(B @var{p1-p2}, $B5U85(B @var{-p1} $B$rJV$9(B. 
@@ -855,6 +1237,33 @@ x^10+14687973587364016969 $B$G3d$kI,MW$,$"$k(B. @item @var{p1}, @var{p2} $B$,BJ1_6J@~>e$NE@$+$I$&$+$N%A%'%C%/$O$7$J$$(B. +\E +\BEG +@item +Let @var{p1}, @var{p2} be points on the elliptic curve represented by +@var{ec} over the current base field. +ecm_add_ff(@var{p1},@var{p2},@var{ec}), ecm_sub_ff(@var{p1},@var{p2},@var{ec}) +and ecm_chsgn_ff(@var{p1}) returns +@var{p1+p2}, @var{p1-p2} and @var{-p1} respectively. +@item +If the current base field is a prime field of odd order, then +@var{ec} represents @var{y^2=x^3+ec[0]x+ec[1]}. +If the characteristic of the current base field is 2, +then @var{ec} represents @var{y^2+xy=x^3+ec[0]x^2+ec[1]}. +@item +The point at infinity is represented by 0. +@item +If an argument denoting a point is a vector of length 3, +then it is the projective coordinate. In such a case +the third coordinate must not be 0. +@item +If the result is a vector of length 3, then the third coordinate +is not equal to 0 but not necessarily 1. To get the result by +the affine coordinate, the first and the second coordinates should +be divided by the third coordinate. +@item +The check whether the arguments are on the curve is omitted. +\E @end itemize @example @@ -878,7 +1287,8 @@ x^10+14687973587364016969 @end example @table @t -@item $B;2>H(B +\JP @item $B;2>H(B +\EG @item References @fref{setmod_ff} @end table
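Review bot: typo in hunk `@@ -1,19 +1,48 @@`, in the new \BEG block of the Representation section: "a finite prime field of charateristic @var{p}" should read "characteristic".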
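Review bot: the English added in hunk `@@ -48,7 +78,34 @@` should state the consequence of the skipped argument check, not only that it is skipped. "In both cases the primality check of the argument is not done and the caller is responsible for it" would be clearer as: "@code{setmod_ff()} does not verify that @var{p} is prime or that @var{f mod 2} is irreducible; with a composite @var{p} or a reducible @var{f} the resulting arithmetic is not a field (inverses need not exist), so the caller must validate the argument first." Two smaller wording points in the same block: "Correctly speaking there is no actual object" reads better as "Strictly speaking", and "A non zero element of a finite field belongs to the number and has object identifier 1" as "A non-zero element of a finite field is a number (object identifier 1)".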
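Review bot: grammar in hunk `@@ -74,39 +133,73 @@`: "one can apply field arithmetics to them" should be "field arithmetic" (uncountable).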
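Review bot: in hunk `@@ -133,9 +226,48 @@` the new one-line summary for setmod_ff, "+\EG :: Sets/Gets the current base fields.", should use the singular "base field"; there is only one current base field, as the rest of the entry says. The "mod2" to "mod 2" fix in the JP item in the same hunk looks right and matches the GF(2)[t]/(@var{poly}(t) mod 2) form used elsewhere.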
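Review bot: stray Japanese line inside the English block in hunk `@@ -320,29 +514,43 @@` (extdeg_ff). The \BEG block contains
"+GF(p) $B$N>l9g(B 1, GF(2^n) $B$N>l9g(B n $B$rJV$9(B."
immediately before "+1 is returned if @var{GF(p)}, where @var{p} is a prime, is set."; the JP line should be dropped from the \BEG block (it already appears in the \BJP block above it), otherwise it is emitted into the English manual.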
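Review bot: typos in hunk `@@ -389,6 +606,19 @@` (simp_ff): "It is used to convert integers or intrgral polynomials int elements of finite fields" should read "integers or integral polynomials into elements of finite fields". The third item, "An element of a finite field may not have the reduced representation. In such case ...", reads better as "In such a case".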
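Review bot: hunk `@@ -403,33 +633,42 @@` (random_ff) leaves a dangling bullet in the JP block. The deleted lines ("-GF(p) $B$N>l9g(B, ...", "-GF(2^n) $B$N>l9g(B, ..." and "-@item @code{random()}, @code{lrandom()} $B$HF1$8(B 32bit ...") were the body of the second "@item", which is kept as context, so the \BJP block now ends with an empty @item before "+\E". Either restore a JP counterpart of the two English items or remove the bare @item. Also, since both versions now state that random_ff shares its generator with @code{random()} and @code{lrandom()}, the entry should say whether that generator is intended for anything beyond testing, so readers do not assume it is suitable for producing secret values.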
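Review bot: the English in hunk `@@ -495,27 +748,33 @@` (ntogf2n) loses the caveat carried by the JP item it parallels. "Apply @code{simp_ff()} to reduce the result." does not say why; suggest "The result is not reduced modulo the defining polynomial @var{g(t)} automatically; apply @code{simp_ff()} to obtain the reduced representation." This also matches the simp_ff entry, which says an element "may not have the reduced representation".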
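Review bot: wrong function name in hunk `@@ -535,29 +805,35 @@` (gf2nton). The description "+\EG The inverse of @code{gf2nton}." sits in the gf2nton entry itself; it should say "The inverse of @code{ntogf2n}." The replaced JP line has the same slip, so the patch carries it into both languages.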
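Review bot: self-reference in hunk `@@ -574,31 +850,44 @@`: the References table that closes the gf2nton entry ("+\EG @item References" followed by the context line "@fref{gf2nton}") points at gf2nton itself; it should reference @fref{ntogf2n}. The ptogf2n entry opened in the same hunk is fine.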
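Review bot: two incomplete sentences in the \BEG block of hunk `@@ -609,34 +898,51 @@` (gf2ntop). "If @var{v} is used as the variable of the output." has no condition, and "If @var{v} is not specified, the variable of the argument of the latest @code{ptogf2n()} call." has no verb. Suggest: "If @var{v} is specified, it is used as the variable of the output. If @var{v} is not specified, the variable of the argument of the latest @code{ptogf2n()} call is used. The default variable is @code{x}."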
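Review bot: unbalanced parenthesis in hunk `@@ -682,33 +994,54 @@` (defpoly_mod2): "(@var{m1>m2>m3} is returned." is missing its closing ")". The same entry still has an empty example block ("@example" directly followed by "@end example"); either fill it with a call such as the ones used for the other functions or drop the empty block.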
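Review bot: wrong term in hunk `@@ -719,6 +1052,19 @@` (irredcheck_ff): the summary "+\EG :: Primality check of a univariate polynomial over a finite field." contradicts the description added in the same hunk, "Returns 1 if @var{poly} is irreducible over the current base field." Use "Irreducibility check of a univariate polynomial over a finite field."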
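Review bot: the signature fix in hunk `@@ -823,20 +1200,25 @@`, "-@itemx ecm_chsgn_ff(@var{p1},@var{p2},@var{ec})" to "+@itemx ecm_chsgn_ff(@var{p1})", is correct and matches the later description. In the same hunk, "@item p1,p2" is documented as "vector of length 3 or 0", while the next hunk says "If an argument denoting a point is a vector of length 3, then it is the projective coordinate", which implies other lengths are accepted; if affine (length 2) inputs are allowed, the parameter table should say so, otherwise the conditional wording should go.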
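Review bot: agreement error in hunk `@@ -855,6 +1237,33 @@`: "ecm_add_ff(...), ecm_sub_ff(...) and ecm_chsgn_ff(@var{p1}) returns" should be "return". More importantly, the last item, "The check whether the arguments are on the curve is omitted.", should be turned into explicit guidance for the caller, e.g. "These functions do not check that @var{p1} and @var{p2} lie on the curve @var{ec}; points taken from untrusted input must be verified against the curve equation before use, since off-curve inputs produce results without any error." The curve equations needed for that verification are already given two items above in the same hunk.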