[Ecm-commits] r2595 - trunk

cvs commits ecm-commits at lists.gforge.inria.fr
Tue Feb 10 16:24:55 CET 2015


Author: morain
Date: 2015-02-10 16:24:55 +0100 (Tue, 10 Feb 2015)
New Revision: 2595

Modified:
   trunk/README
   trunk/ecm.c
   trunk/main.c
   trunk/test.ecm
   trunk/torsions.c
Log:
Improving code coverage for torsion groups. Found several bugs. Work done
for Z5 and Z7. Others to follow later.


Modified: trunk/README
===================================================================
--- trunk/README	2015-02-10 08:01:40 UTC (rev 2594)
+++ trunk/README	2015-02-10 15:24:55 UTC (rev 2595)
@@ -466,6 +466,9 @@
 will generate a curve E over the rationals with torsion group Z/5Z and a point
 of infinite order, both generated from parameter sigma = 2.
 
+Note that in the present case, -param is overriden by whatever "good" form
+the curves are built with that prescribed torsion.
+
 Available torsion groups (over the rationals) are: 
 * Z5: for sigma != 0, -1/2, -1/3, -1/4, cf. [1]
 * Z7: [1]

Modified: trunk/ecm.c
===================================================================
--- trunk/ecm.c	2015-02-10 08:01:40 UTC (rev 2594)
+++ trunk/ecm.c	2015-02-10 15:24:55 UTC (rev 2595)
@@ -1064,6 +1064,8 @@
             2 diagnostic output.
 	  sigma_is_A: If true, the sigma parameter contains the curve's A value
 	  Etype
+	  zE is a curve that is used when a special torsion group was used; in
+	    that case, (x, y) must be a point on E.
    Output: f is the factor found.
    Return value: ECM_FACTOR_FOUND_STEPn if a factor was found,
                  ECM_NO_FACTOR_FOUND if no factor was found,
@@ -1249,7 +1251,7 @@
               youpi = get_curve_from_param2 (f, P.A, P.x, sigma, modulus);
           else if (*param == ECM_PARAM_BATCH_32BITS_D)
               youpi = get_curve_from_param3 (P.A, P.x, sigma, modulus);
-          else
+          else if (*param != ECM_PARAM_TORSION)
             {
               outputf (OUTPUT_ERROR, "Error, invalid parametrization.\n");
               youpi = ECM_ERROR;
@@ -1257,9 +1259,10 @@
             }
       
           /* If x != 0 we use this value for the starting point */ 
-          if (mpz_sgn(x) != 0) /* humf */
+          if (mpz_sgn(x) != 0){ /* humf */
               mpres_set_z (P.x, x, modulus);
-      
+              mpres_set_z (P.y, y, modulus);
+	  }      
           if (youpi != ECM_NO_FACTOR_FOUND)
             {
               if (youpi == ECM_ERROR)
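Review bot: The added `mpres_set_z (P.y, y, modulus);` runs whenever `x` is non-zero, not only for `ECM_PARAM_TORSION`, so every caller that passes a starting x now has its `y` read as well. Whether `y` is always initialised and meaningful on those paths is not visible in this hunk. The `mpz_sgn(x) != 0` test also doubles as the "a point was supplied" flag, so a torsion point whose x-coordinate is 0 mod n would be silently ignored. Consider gating the y copy on the torsion case, e.g. `if (*param == ECM_PARAM_TORSION) mpres_set_z (P.y, y, modulus);`, and add a comment stating that x == 0 means "no starting point". The enclosing function starts and ends outside the hunk.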

Modified: trunk/main.c
===================================================================
--- trunk/main.c	2015-02-10 08:01:40 UTC (rev 2594)
+++ trunk/main.c	2015-02-10 15:24:55 UTC (rev 2595)
@@ -98,7 +98,7 @@
           "\n               can use -sigma i:s to specify -param i at the same"
                                                               " time [ecm]\n");
     printf ("  -A A         use A as a curve coefficient [ecm, see README]\n");
-    printf ("  -torsion T   to generate a curve with torsion group T"
+    printf ("  -torsion T   to generate a curve with torsion group T "
 	                                                "[ecm, see README]\n");
     printf ("  -k n         perform >= n steps in stage 2\n");
     printf ("  -power n     use x^n for Brent-Suyama's extension\n");
@@ -352,7 +352,7 @@
   mpgocandi_t go;
   mpq_t rat_x0, rat_y0, rat_A;
   double B1, B1done;
-  int result = 0, returncode = 0;
+  int result = ECM_NO_FACTOR_FOUND, returncode = 0;
   int verbose = OUTPUT_NORMAL; /* verbose level */
   int timestamp = 0;
   int method = ECM_ECM;
@@ -1391,7 +1391,9 @@
 	    }
 	  else if (torsion != NULL)
 	    {
-              result = build_curves_with_torsion2 (f, n.n, params->E, x, y,
+	      params->param = ECM_PARAM_TORSION;
+	      result = build_curves_with_torsion2 (f, n.n, params->E, 
+						   params->x, params->y,
                                                    torsion, sigma);
 	    }
 	}
@@ -1449,7 +1451,9 @@
 #endif
       
       /* now call the ecm library */
-      result = ecm_factor (f, n.n, B1, params);
+      if(result == ECM_NO_FACTOR_FOUND)
+	  /* if torsion was used, some factor may have been found... */
+	  result = ecm_factor (f, n.n, B1, params);
 
       if (result == ECM_ERROR)
         {
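Review bot: The new guard `if(result == ECM_NO_FACTOR_FOUND)` reads a variable that, as far as this diff shows, is only set at its declaration (the -352 hunk) and by the torsion branch. If this call sits inside the per-input or per-curve loop, which is outside the hunk, a factor or `ECM_ERROR` left in `result` by an earlier iteration would make later iterations skip `ecm_factor` when `-torsion` is not given. Resetting it at the start of each iteration, `result = ECM_NO_FACTOR_FOUND;`, before the torsion branch would keep the guard local to the current input.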

Modified: trunk/test.ecm
===================================================================
--- trunk/test.ecm	2015-02-10 08:01:40 UTC (rev 2594)
+++ trunk/test.ecm	2015-02-10 15:24:55 UTC (rev 2595)
@@ -306,6 +306,14 @@
 
 ##### tests for curves with specific torsion
 echo 4722366482800925736961 | $ECM -torsion Z5 -sigma 2 1e5; checkcode $? 14
+## a factor is to be found during initialization
+echo 12787261 | ./ecm -torsion Z5 -sigma 1000 1e2; checkcode $? 14
+## a factor is to be found during initialization
+echo 123041 | ./ecm -torsion Z7 -sigma 2 1e2; checkcode $? 14
+## a factor is found
+echo 13290059 | ./ecm -torsion Z7 -sigma 4 1e2; checkcode $? 14
+## in step 2
+echo 2432902008176640001 | ./ecm -torsion Z7 -sigma 1 1e3 1e8; checkcode $? 14
 
 # the following tests should work on machines which have uint64_t or where
 # unsigned long long has 64 bits (exercises patch from David Cleaver, r1575)
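Review bot: The four added tests call `./ecm` directly, while the existing torsion test just above them and the rest of the file go through `$ECM`. A run that points `ECM` at a wrapper or at a binary outside the current directory would exercise a different executable for these cases, or fail to find one. Use the variable as the neighbouring line does, e.g. `echo 12787261 | $ECM -torsion Z5 -sigma 1000 1e2; checkcode $? 14`.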
@@ -321,7 +329,6 @@
 # exercise batch mode
 echo 33852066257429811148979390609187539760850944806763555795340084882048986912482949506591909041130651770779842162499482875755533111808276172876211496409325473343590723224081353129229935527059488811457730702694849036693756201766866018562295004353153066430367 | $ECM -v -sigma 1:17 1e6; checkcode $? 0
 fi
-
 $ECM -printconfig | grep Tuning
 
 echo "All ECM tests are ok."

Modified: trunk/torsions.c
===================================================================
--- trunk/torsions.c	2015-02-10 08:01:40 UTC (rev 2594)
+++ trunk/torsions.c	2015-02-10 15:24:55 UTC (rev 2595)
@@ -132,6 +132,7 @@
    Y = y
    INPUT: if x0 == NULL, we have no point to translate
           if B == NULL, we do not need and we do not compute B
+   REM: we assume gcd(n, 3) = 1.
 */
 void
 MediumWeierstrassToShortWeierstrass(mpz_t A, mpz_t B, mpz_t X, mpz_t Y,
@@ -281,9 +282,13 @@
     mpz_clear(a6);
 }
 
-/* Kubert: put b = c. */
+/* Kubert: put b = c. 
+   SIDE EFFECT: tE[0..nE[ and tP[0..nE[ receive a curve of torsion Z5
+                and a point on it using parameters [smin..smax[.
+   OUTPUT: ECM_NO_FACTOR_FOUND or ECM_FACTOR_FOUND_STEP1 if a factor is found.
+*/
 int
-build_curves_with_torsion_Z5(mpz_t f, mpmod_t n, 
+build_curves_with_torsion_Z5(mpz_t f, mpmod_t n,
 			     ell_curve_t *tE, ell_point_t *tP,
 			     int smin, int smax, int nE)
 {
@@ -305,7 +310,7 @@
 	mpz_mul(tmp, tmp, x0);
 	mpz_add(y0, y0, y0);
 	if(mod_from_rat2(c, tmp, y0, n->orig_modulus) == 0){
-	    /* factor found! */
+	    printf("factor found during Z5_init\n");
 	    mpz_gcd(f, c, n->orig_modulus);
 	    ret = ECM_FACTOR_FOUND_STEP1;
 	    break;
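Review bot: The new `printf("factor found during Z5_init\n");` writes unconditionally to stdout from inside the curve builder, bypassing the verbosity control that ecm.c uses in this same commit (`outputf (OUTPUT_ERROR, ...)`). It also lacks the `# ` prefix that the Z2xZ10 message in this file carries, so programs parsing the output see an unmarked extra line. The Z7 message reworded in the later hunk ("found factor during update of Q in Z7") has the same issue. If `outputf` is usable from torsions.c, something like `outputf (OUTPUT_VERBOSE, "# factor found during Z5_init\n");` would keep normal output stable. The enclosing loop and function extend beyond the hunk.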
@@ -336,13 +341,15 @@
 }
 
 /* INPUT: 
-   T^2 = S^3 + A * S + B
+     T^2 = S^3 + A * S + B
    => quartic Y^2 = X^4 - 6 * A2 * X^2 + 4 * A1 * X + A0, with
-   X = (T-A1/2)/(S-A2), Y = -X^2 + 2 * S + A2.
+     X = (T-A1/2)/(S-A2), Y = -X^2 + 2 * S + A2.
    => quartic y^2 = f(x) = a4*x^4+...+a0, where
-   x = x0+y0/(X-cte), where cte = f'(x0)/4/y0
-   y = Y/y0*(x-x0)^2 = Y*y0/(X-cte)^2
-   OUTPUT: x, y
+     x = x0+y0/(X-cte), where cte = f'(x0)/4/y0
+     y = Y/y0*(x-x0)^2 = Y*y0/(X-cte)^2
+   SIDE EFFECT: x, y
+   OUTPUT: 1 if no pb occurred,
+           0 if a factor was found and put in f
  */
 int
 cubic_to_quartic(mpz_t f, mpz_t n, mpz_t x, mpz_t y,
@@ -371,6 +378,7 @@
 	mpz_sub(X, X, cte);
 	mpz_mod(X, X, n);
 	if(mpz_invert(f, X, n) == 0){
+	    mpz_gcd(f, X, n);
 	    ret = 0;
 	}
 	else{
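Review bot: The added `mpz_gcd(f, X, n);` can yield `n` itself: `X` was reduced mod `n` on the line before, so when `X` is 0 the inversion fails and the gcd is the whole modulus. The function still returns 0, documented above as "a factor was found and put in f". The same applies to the `mpz_gcd(f, den, n->orig_modulus);` added in the Z2xZ10 hunk. Whether callers tell `f == n` apart from a proper factor is not visible here, so state it in the header comment ("f may equal n") or check it at the call site with `mpz_cmp(f, n) == 0`. The body of cubic_to_quartic continues outside the hunk.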
@@ -391,7 +399,13 @@
     return ret;
 }
 
-/* tE[i], tP[i] are built in raw modular form, not Montgomery form. */
+/* 
+   SIDE EFFECT: tE[0..nE[ and tP[0..nE[ receive a curve of torsion Z7
+                and a point on it using parameters [umin..umax[.
+   OUTPUT: ECM_NO_FACTOR_FOUND or ECM_FACTOR_FOUND_STEP1 if a factor is found.
+   tE[i], tP[i] are built in raw modular form, not Montgomery form. 
+   REM: we assume gcd(n, 6).
+*/
 int
 build_curves_with_torsion_Z7(mpz_t f, mpmod_t n, 
 			     ell_curve_t *tE, ell_point_t *tP,
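Review bot: The added remark `REM: we assume gcd(n, 6).` is missing its right-hand side. The parallel remark added on MediumWeierstrassToShortWeierstrass in this commit reads `gcd(n, 3) = 1`, so presumably `REM: we assume gcd(n, 6) = 1.` is intended. The body of the function is outside the hunk, so it is unclear whether the assumption is checked or only relied on. If it is only relied on, the comment should say that the caller must guarantee it.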
@@ -443,14 +457,14 @@
 	mpz_set_ui(d, u);
 	/* TODO: replace with ell_point_add, one of these days */
 	if(ell_point_mul(Q, d, P, E, n) == 0){
-	    printf("found factor during update of Q\n");
+	    printf("found factor during update of Q in Z7\n");
 	    mpz_set(f, Q->x);
 	    ret = ECM_FACTOR_FOUND_STEP1;
 	    break;
 	}
 #if DEBUG_TORSION >= 2
 	printf("(s, t)[%d]:=", u);
-	pt_print(Q, n);
+	pt_print(E, Q, n);
 	printf(";\n");
 #endif
 	/* come back to plain (not Montgomery) residues */
@@ -1505,6 +1519,7 @@
 	/* c:=RatMod(-t*(2*t^2-3*t+1)/(t^2-3*t+1), N); */
 	if(mpz_invert(f, den, n->orig_modulus) == 0){
 	    printf("# factor found in Z2xZ10 (den)\n");
+	    mpz_gcd(f, den, n->orig_modulus);
 	    ret = ECM_FACTOR_FOUND_STEP1;
 	    break;
 	}
@@ -2066,6 +2081,11 @@
     return ret;
 }
 
+/* E is a curve with given torsion and (x, y) a point on E mod n.
+   OUTPUT: ECM_NO_FACTOR_FOUND if everything went ok
+           ECM_FACTOR_FOUND_STEP1 in case a factor was found when building E.
+   
+ */
 int
 build_curves_with_torsion2(mpz_t f, mpz_t n, ell_curve_t E, 
 			   mpz_t x, mpz_t y, char *torsion, 
@@ -2081,13 +2101,17 @@
     mpmod_init(modulus, n, ECM_MOD_DEFAULT);
     ret = build_curves_with_torsion(f, modulus, tE, tP, torsion, smin, smax, 1,
 				    0, NULL);
-    mpres_get_z(E->a2, tE[0]->a2, modulus);
-    mpres_get_z(E->a4, tE[0]->a4, modulus);
-    mpres_get_z(E->a6, tE[0]->a6, modulus);
-    mpz_set(x, tP[0]->x);
-    mpz_set(y, tP[0]->y);
-    ell_point_clear(tP[0], tE[0], modulus);
-    ell_curve_clear(tE[0], modulus);
+    if(ret == ECM_NO_FACTOR_FOUND){
+	E->type = tE[0]->type;
+	E->law = tE[0]->law;
+	mpres_get_z(E->a2, tE[0]->a2, modulus);
+	mpres_get_z(E->a4, tE[0]->a4, modulus);
+	mpres_get_z(E->a6, tE[0]->a6, modulus);
+	mpz_set(x, tP[0]->x);
+	mpz_set(y, tP[0]->y);
+	ell_point_clear(tP[0], tE[0], modulus);
+	ell_curve_clear(tE[0], modulus);
+    }
     mpmod_clear(modulus);
     return ret;
 }
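Review bot: Moving `ell_point_clear(tP[0], tE[0], modulus);` and `ell_curve_clear(tE[0], modulus);` inside `if(ret == ECM_NO_FACTOR_FOUND)` means nothing releases `tE[0]` and `tP[0]` when a factor is found during construction. Whether build_curves_with_torsion has already initialised them on that path is not visible here; if it has, each early factor leaks one curve and one point. A comment stating who owns `tE[0]`/`tP[0]` when the return value is not `ECM_NO_FACTOR_FOUND` would settle it, and if they are initialised the two clear calls belong after the `if` block. The function begins outside the hunk.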


