blob: a0454a320dfc45be6dc4a8aa60807ca3117b1735 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
# Curves
ECTester contains a collection of elliptic curve/point parameters, these parameters either come from standards or
were generated manually or using [ecgen](https://github.com/J08nY/ecgen).
These parameters can be found in the [cz.crcs.ectester.data](/src/cz/ectester/data/) package.
## Standard
### SECG
SEC 2: Recommended Elliptic Curve Domain Parameters version 2.0 January 27, 2010
[Source](http://www.secg.org/sec2-v2.pdf)
### NIST
RECOMMENDED ELLIPTIC CURVES FOR FEDERAL GOVERNMENT USE July 1999
[Source](http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf)
### x962
ANSI X9.62 example curves.
### Brainpool
ECC Brainpool Standard Curves and Curve Generation v. 1.0 19.10.2005
[Source](http://www.ecc-brainpool.org/download/Domain-parameters.pdf)
### anssi
Agence nationale de la sécurité des systèmes d'information: Publication d'un paramétrage de courbe elliptique visant des applications de passeport électronique et de l'administration électronique française. 21 November 2011
### GOST
GOST R 34.10-2001: RFC5832 curves.
[Source](https://tools.ietf.org/html/rfc5832)
## Generated
### anomalous
These prime field curves have the same order as the field order, and are susceptible to attacks reducing ECDLP over a multiplicative group of the curve, to DLP over an additive group of the underlying field, which is easy (linear time).
Some of these are from Atsuko Miyaji's [paper](https://dspace.jaist.ac.jp/dspace/bitstream/10119/4464/1/73-61.pdf), others were generated using [ecgen](htps://github.com/J08nY/ecgen).
### invalid
This category contains pre-generated invalid curves for a large subset of NIST, SECG and Brainpool curves. Invalid curves for a given curve, are short Weierstrass curves with all parameters equal to the given curve except the `b` parameter. These curves can be used to [attack some implementations](https://www.nds.rub.de/media/nds/veroeffentlichungen/2015/09/14/main-full.pdf).
Generated using [ecgen](https://github.com/J08nY/ecgen).
### composite
Contains curves of composite order, with small order points.
Generated using [ecgen](https://github.com/J08nY/ecgen).
### wrong
Contains parameters that are not elliptic curves(over Fp and F2m), such as `p` parameter that is not prime or an irreducible polynomial that is not irreducible.
Generated manually.
### twist
Contains pre-generated points on twists of known named curves from NIST, SECG.
These points can be used to attack some implementations.
Generated using [ecgen](https://github.com/J08nY/ecgen).
### degenerate
Contains pre-generated points on the line `Y: x = 0`. These points are constructed from elements of prime
order in the multiplicative group F_p given a curve over it.
Generate manually using [PARI/GP](http://pari.math.u-bordeaux.fr/).
### cofactor
Contains curves that are composite order, with points not on the subgroup generated by the generator.
Generated using [ecgen](https://github.com/J08nY/ecgen).
|
