[curves] The Pareto frontiers of sleeveless primes
Ben Harris
mail at bharr.is
Wed Oct 29 21:44:12 PDT 2014
Finally - integer radix (minimum 4-bits of headroom for 32-bit and 64-bit)
primes, grouped into byte sizes, non-dominated set. 28/27 candidates (one
of the 114 bit candidates is dominated, not sure which). Are there
recommended limits on the small 'c' in Crandall primes? This list is only
up to 32, but many on the SafeCurves list are in the 100s.
Prime mod bytes 32-bit 64-bit
2^850 - 3 5 128 34x25 17x50
2^848 - 17 3 128 53x16 16x53
2^810 - 5 3 128 30x27 15x54
2^729 - 9 3 96 27x27 27x27
2^689 - 3 5 96 53x13 13x53
2^550 - 5 3 96 22x25 10x55
2^546 - 11 5 96 21x26 13x42
2^480 - 2^240 - 1 3 64 20x24 8x60
2^468 - 17 3 64 18x26 9x52
*2^448 - 2^224 - 1 3 64 16x28 8x56
2^336 - 3 5 48 12x28 6x56
2^285 - 9 3 48 15x19 5x57
*2^255 - 19 5 32 15x17 5x51
2^243 - 9 3 32 9x27 9x27
2^230 - 27 5 32 10x23 5x46
2^216 - 2^108 - 1 3 32 8x27 4x54
2^190 - 11 5 24 10x19 5x38
2^189 - 25 3 24 7x27 7x27
2^171 - 19 5 24 9x19 3x57
2^152 - 17 3 24 8x19 4x38
2^150 - 3 5 24 6x25 3x50
2^140 - 27 5 24 5x28 4x35
2^125 - 9 3 16 5x25 5x25
2^114 - 2^57 - 1 3 16 6x19 2x57
2^114 - 11 5 16 6x19 2x57
2^110 - 21 3 16 5x22 2x55
2^104 - 17 3 16 4x26 2x52
2^96 - 17 3 12 4x24 2x48
On 29 October 2014 10:37, Ben Harris <mail at bharr.is> wrote:
> Including Ridinghoods, and preferring 3 mod 4 over 1 mod 4 when all else
> is equal nets 57.
>
> prime mod 4 28 32 58
> 2^96 - 17 3 4 3 2
> 2^110 - 21 3 4 4 2
> 2^114 - 2^57 - 1 3 5 4 2
> 2^116 - 3 1 5 4 2
> 2^127 - 1 3 5 4 3
> 2^137 - 13 3 5 5 3
> 2^140 - 27 1 5 5 3
> 2^152 - 17 3 6 5 3
> 2^158 - 15 1 6 5 3
> 2^166 - 5 3 6 6 3
> 2^174 - 3 1 7 6 3
> 2^189 - 25 3 7 6 4
> 2^191 - 19 1 7 6 4
> 2^196 - 15 1 7 7 4
> 2^216 - 2^108 - 1 3 8 7 4
> 2^221 - 3 1 8 7 4
> 2^226 - 5 3 9 8 4
> 2^230 - 27 1 9 8 4
> 2^251 - 9 3 9 8 5
> 2^255 - 19 1 10 8 5
> 2^266 - 3 1 10 9 5
> 2^285 - 9 3 11 9 5
> 2^291 - 19 1 11 10 6
> 2^322 - 2^161 - 1 3 12 11 6
> 2^336 - 3 1 12 11 6
> 2^338 - 15 1 13 11 6
> 2^369 - 25 3 14 12 7
> 2^383 - 31 1 14 12 7
> 2^389 - 21 3 14 13 7
> 2^401 - 31 1 15 13 7
> 2^416 - 2^208 - 1 3 15 13 8
> 2^448 - 2^224 - 1 3 16 14 8
> 2^450 - 2^225 - 1 3 17 15 8
> 2^452 - 3 1 17 15 8
> 2^468 - 17 3 17 15 9
> 2^480 - 2^240 - 1 3 18 15 9
> 2^489 - 21 3 18 16 9
> 2^495 - 31 1 18 16 9
> 2^521 - 1 3 19 17 9
> 2^529 - 31 1 19 17 10
> 2^537 - 9 3 20 17 10
> 2^550 - 5 3 20 18 10
> 2^563 - 9 3 21 18 10
> 2^583 - 27 1 21 19 11
> 2^607 - 1 3 22 19 11
> 2^610 - 27 1 22 20 11
> 2^620 - 15 1 23 20 11
> 2^664 - 17 3 24 21 12
> 2^694 - 3 1 25 22 12
> 2^699 - 9 3 25 22 13
> 2^717 - 25 3 26 23 13
> 2^729 - 9 3 27 23 13
> 2^810 - 5 3 29 26 14
> 2^848 - 17 3 31 27 15
> 2^850 - 3 1 31 27 15
> 2^869 - 21 3 32 28 15
> 2^923 - 31 1 33 29 16
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/curves/attachments/20141030/dce3792a/attachment.html>
More information about the Curves
mailing list