Make EFD a submodule. Remove imported formulas.

19 files changed, 0 insertions, 223 deletions

diff --git a/pyecsca/ec/efd/edwards/yzsquared/diffadd/dadd-2006-g b/pyecsca/ec/efd/edwards/yzsquared/diffadd/dadd-2006-g
deleted file mode 100644
index ab03316..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/diffadd/dadd-2006-g
+++ /dev/null
@@ -1,7 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", page 23/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 on page 23/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 etc. replaced by Z2/Y2 and Z3/Y3 and Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z5/Y5
-parameter s
-assume s = (1+r)/(1-r)
-compute V = s(Z2-Y2)(Z3-Y3)
-compute W = (Z2+Y2)(Z3+Y3)
-compute Y4 = Z1(W-V)^2
-compute Z4 = Y1(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/diffadd/dadd-2006-g.op3 b/pyecsca/ec/efd/edwards/yzsquared/diffadd/dadd-2006-g.op3
deleted file mode 100644
index 40d57b8..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/diffadd/dadd-2006-g.op3
+++ /dev/null
@@ -1,13 +0,0 @@
-t0 = Z2-Y2
-t1 = Z3-Y3
-t2 = t0*t1
-V = s*t2
-t3 = Z2+Y2
-t4 = Z3+Y3
-W = t3*t4
-t5 = W-V
-t6 = t5^2
-Y4 = Z1*t6
-t7 = W+V
-t8 = t7^2
-Z4 = Y1*t8
diff --git a/pyecsca/ec/efd/edwards/yzsquared/diffadd/mdadd-2006-g b/pyecsca/ec/efd/edwards/yzsquared/diffadd/mdadd-2006-g
deleted file mode 100644
index 2c6e1ac..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/diffadd/mdadd-2006-g
+++ /dev/null
@@ -1,8 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", page 23/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 on page 23/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 etc. replaced by Z2/Y2 and Z3/Y3 and Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z5/Y5; plus assumption Z1=1
-assume Z1 = 1
-parameter s
-assume s = (1+r)/(1-r)
-compute V = s(Z2-Y2)(Z3-Y3)
-compute W = (Z2+Y2)(Z3+Y3)
-compute Y4 = (W-V)^2
-compute Z4 = Y1(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/diffadd/mdadd-2006-g.op3 b/pyecsca/ec/efd/edwards/yzsquared/diffadd/mdadd-2006-g.op3
deleted file mode 100644
index 8e82aa3..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/diffadd/mdadd-2006-g.op3
+++ /dev/null
@@ -1,12 +0,0 @@
-t0 = Z2-Y2
-t1 = Z3-Y3
-t2 = t0*t1
-V = s*t2
-t3 = Z2+Y2
-t4 = Z3+Y3
-W = t3*t4
-t5 = W-V
-Y4 = t5^2
-t6 = W+V
-t7 = t6^2
-Z4 = Y1*t7
diff --git a/pyecsca/ec/efd/edwards/yzsquared/doubling/dbl-2006-g b/pyecsca/ec/efd/edwards/yzsquared/doubling/dbl-2006-g
deleted file mode 100644
index 6bf616e..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/doubling/dbl-2006-g
+++ /dev/null
@@ -1,7 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", page 22/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 and b/a on page 22/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 replaced by Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z3/Y3
-parameter s
-assume s = (1+r)/(1-r)
-compute V = s(Z1-Y1)^2
-compute W = (Z1+Y1)^2
-compute Y3 = (W-V)^2
-compute Z3 = r(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/doubling/dbl-2006-g.op3 b/pyecsca/ec/efd/edwards/yzsquared/doubling/dbl-2006-g.op3
deleted file mode 100644
index 7360c87..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/doubling/dbl-2006-g.op3
+++ /dev/null
@@ -1,10 +0,0 @@
-t0 = Z1-Y1
-t1 = t0^2
-V = s*t1
-t2 = Z1+Y1
-W = t2^2
-t3 = W-V
-Y3 = t3^2
-t4 = W+V
-t5 = t4^2
-Z3 = r*t5
diff --git a/pyecsca/ec/efd/edwards/yzsquared/doubling/mdbl-2006-g b/pyecsca/ec/efd/edwards/yzsquared/doubling/mdbl-2006-g
deleted file mode 100644
index 60af410..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/doubling/mdbl-2006-g
+++ /dev/null
@@ -1,8 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", page 22/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 and b/a on page 22/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 replaced by Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z3/Y3; plus assumption Z1=1; plus standard simplification
-assume Z1 = 1
-parameter s
-assume s = (1+r)/(1-r)
-compute W = (1+Y1)^2
-compute V = s(W-4 Y1)
-compute Y3 = (W-V)^2
-compute Z3 = r(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/doubling/mdbl-2006-g.op3 b/pyecsca/ec/efd/edwards/yzsquared/doubling/mdbl-2006-g.op3
deleted file mode 100644
index 512e52d..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/doubling/mdbl-2006-g.op3
+++ /dev/null
@@ -1,10 +0,0 @@
-t0 = 1+Y1
-W = t0^2
-t1 = 4*Y1
-t2 = W-t1
-V = s*t2
-t3 = W-V
-Y3 = t3^2
-t4 = W+V
-t5 = t4^2
-Z3 = r*t5
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g b/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g
deleted file mode 100644
index dc25d53..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g
+++ /dev/null
@@ -1,11 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", pages 22/52 and 23/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 on pages 22/52 and 23/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 etc. replaced by Z2/Y2 and Z3/Y3 and Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z5/Y5
-parameter s
-assume s = (1+r)/(1-r)
-compute V2 = s(Z2-Y2)^2
-compute W2 = (Z2+Y2)^2
-compute Y4 = (W2-V2)^2
-compute Z4 = r(W2+V2)^2
-compute V = s(Z2-Y2)(Z3-Y3)
-compute W = (Z2+Y2)(Z3+Y3)
-compute Y5 = Z1(W-V)^2
-compute Z5 = Y1(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g-2 b/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g-2
deleted file mode 100644
index 0266100..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g-2
+++ /dev/null
@@ -1,13 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", pages 22/52 and 23/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 on pages 22/52 and 23/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 etc. replaced by Z2/Y2 and Z3/Y3 and Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z5/Y5; plus common-subexpression elimination
-parameter s
-assume s = (1+r)/(1-r)
-compute A = Z2-Y2
-compute B = Z2+Y2
-compute V2 = s A^2
-compute W2 = B^2
-compute Y4 = (W2-V2)^2
-compute Z4 = r(W2+V2)^2
-compute V = s A(Z3-Y3)
-compute W = B(Z3+Y3)
-compute Y5 = Z1(W-V)^2
-compute Z5 = Y1(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g-2.op3 b/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g-2.op3
deleted file mode 100644
index 0a98e01..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g-2.op3
+++ /dev/null
@@ -1,21 +0,0 @@
-A = Z2-Y2
-B = Z2+Y2
-t0 = A^2
-V2 = s*t0
-W2 = B^2
-t1 = W2-V2
-Y4 = t1^2
-t2 = W2+V2
-t3 = t2^2
-Z4 = r*t3
-t4 = Z3-Y3
-t5 = A*t4
-V = s*t5
-t6 = Z3+Y3
-W = B*t6
-t7 = W-V
-t8 = t7^2
-Y5 = Z1*t8
-t9 = W+V
-t10 = t9^2
-Z5 = Y1*t10
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g.op3 b/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g.op3
deleted file mode 100644
index 1247fba..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/ladd-2006-g.op3
+++ /dev/null
@@ -1,23 +0,0 @@
-t0 = Z2-Y2
-t1 = t0^2
-V2 = s*t1
-t2 = Z2+Y2
-W2 = t2^2
-t3 = W2-V2
-Y4 = t3^2
-t4 = W2+V2
-t5 = t4^2
-Z4 = r*t5
-t6 = Z2-Y2
-t7 = Z3-Y3
-t8 = t6*t7
-V = s*t8
-t9 = Z2+Y2
-t10 = Z3+Y3
-W = t9*t10
-t11 = W-V
-t12 = t11^2
-Y5 = Z1*t12
-t13 = W+V
-t14 = t13^2
-Z5 = Y1*t14
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g b/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g
deleted file mode 100644
index 3f4f4b0..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g
+++ /dev/null
@@ -1,12 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", pages 22/52 and 23/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 on pages 22/52 and 23/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 etc. replaced by Z2/Y2 and Z3/Y3 and Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z5/Y5; plus assumption Z1=1
-assume Z1 = 1
-parameter s
-assume s = (1+r)/(1-r)
-compute V2 = s(Z2-Y2)^2
-compute W2 = (Z2+Y2)^2
-compute Y4 = (W2-V2)^2
-compute Z4 = r(W2+V2)^2
-compute V = s(Z2-Y2)(Z3-Y3)
-compute W = (Z2+Y2)(Z3+Y3)
-compute Y5 = (W-V)^2
-compute Z5 = Y1(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g-2 b/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g-2
deleted file mode 100644
index 50930f8..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g-2
+++ /dev/null
@@ -1,14 +0,0 @@
-source 2006 Gaudry "Variants of the Montgomery form based on Theta functions", pages 22/52 and 23/52, with A^2/B^2 = (a^2+b^2)/(a^2-b^2) as on page 20/52, replacing incorrect B^2/A^2 on pages 22/52 and 23/52 with correct A^2/B^2 and a/b; or 2009 Gaudry--Lubicz "The arithmetic of characteristic 2 Kummer surfaces and of elliptic Kummer lines", Section 6.2, replacing incorrect A'/B' = (a^2+b^2)/(a^2-b^2) with correct A'^2/B'^2 = (a^2+b^2)/(a^2-b^2), replacing A'^2/B'^2 with A^2/B^2, and replacing z... with y...; plus notation changes: a/b and A^2/B^2 defined as 1/sqrt(r) and (1+r)/(1-r), input x^2/y^2 etc. replaced by Z2/Y2 and Z3/Y3 and Z1/Y1, intermediate x'/y' replaced by W/V, output X^2/Y^2 replaced by Z5/Y5; plus common-subexpression elimination; plus assumption Z1=1
-assume Z1 = 1
-parameter s
-assume s = (1+r)/(1-r)
-compute A = Z2-Y2
-compute B = Z2+Y2
-compute V2 = s A^2
-compute W2 = B^2
-compute Y4 = (W2-V2)^2
-compute Z4 = r(W2+V2)^2
-compute V = s A(Z3-Y3)
-compute W = B(Z3+Y3)
-compute Y5 = (W-V)^2
-compute Z5 = Y1(W+V)^2
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g-2.op3 b/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g-2.op3
deleted file mode 100644
index b1acdc4..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g-2.op3
+++ /dev/null
@@ -1,20 +0,0 @@
-A = Z2-Y2
-B = Z2+Y2
-t0 = A^2
-V2 = s*t0
-W2 = B^2
-t1 = W2-V2
-Y4 = t1^2
-t2 = W2+V2
-t3 = t2^2
-Z4 = r*t3
-t4 = Z3-Y3
-t5 = A*t4
-V = s*t5
-t6 = Z3+Y3
-W = B*t6
-t7 = W-V
-Y5 = t7^2
-t8 = W+V
-t9 = t8^2
-Z5 = Y1*t9
diff --git a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g.op3 b/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g.op3
deleted file mode 100644
index 1d8670a..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/ladder/mladd-2006-g.op3
+++ /dev/null
@@ -1,22 +0,0 @@
-t0 = Z2-Y2
-t1 = t0^2
-V2 = s*t1
-t2 = Z2+Y2
-W2 = t2^2
-t3 = W2-V2
-Y4 = t3^2
-t4 = W2+V2
-t5 = t4^2
-Z4 = r*t5
-t6 = Z2-Y2
-t7 = Z3-Y3
-t8 = t6*t7
-V = s*t8
-t9 = Z2+Y2
-t10 = Z3+Y3
-W = t9*t10
-t11 = W-V
-Y5 = t11^2
-t12 = W+V
-t13 = t12^2
-Z5 = Y1*t13
diff --git a/pyecsca/ec/efd/edwards/yzsquared/scaling/scale b/pyecsca/ec/efd/edwards/yzsquared/scaling/scale
deleted file mode 100644
index 8c5563b..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/scaling/scale
+++ /dev/null
@@ -1,2 +0,0 @@
-compute Y3 = Y1 / Z1
-compute Z3 = 1
diff --git a/pyecsca/ec/efd/edwards/yzsquared/scaling/scale.op3 b/pyecsca/ec/efd/edwards/yzsquared/scaling/scale.op3
deleted file mode 100644
index b35c4ba..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/scaling/scale.op3
+++ /dev/null
@@ -1,3 +0,0 @@
-t0 = 1/Z1
-Y3 = Y1*t0
-Z3 = 1
diff --git a/pyecsca/ec/efd/edwards/yzsquared/variables b/pyecsca/ec/efd/edwards/yzsquared/variables
deleted file mode 100644
index 439f49f..0000000
--- a/pyecsca/ec/efd/edwards/yzsquared/variables
+++ /dev/null
@@ -1,7 +0,0 @@
-name squared YZ coordinates with square d
-parameter r
-assume c = 1
-assume d = r^2
-variable Y
-variable Z
-satisfying r*y^2 = Y/Z