diff --git a/include/relic_ep.h b/include/relic_ep.h index 1548afb06..bb7255d09 100644 --- a/include/relic_ep.h +++ b/include/relic_ep.h @@ -64,7 +64,7 @@ enum { /* Barreto-Lynn-Scott family with embedding degree 12. */ EP_B12, /* New family from Fotiadis-Martindale family with embedding degree 16. */ - EP_N16, + EP_AFG16, /* Fotiadis-Martindale family with embedding degree 16. */ EP_FM16, /* Kachisa-Schaefer-Scott family with embedding degree 16. */ @@ -161,6 +161,8 @@ enum { K18_P508, /** Barreto-Lynn-Scott curve with embedding degree 24. */ B24_P509, + /** New family with embeeding degree 16. */ + AFG16_P510, /** Optimal TNFS-secure curve with embedding degree 8. */ OT8_P511, /** Cocks-pinch curve with embedding degree 8. */ @@ -182,7 +184,7 @@ enum { /** Kachisa-Schaefer-Scott with embedding degree 16. */ K16_P766, /** New family with embeeding degree 16. */ - N16_P766, + AFG16_P766, /* Fotiadis-Moartindale with embedding degree 18. */ FM18_P768, /** Barreto-Lynn-Scott curve with embedding degree 12. */ diff --git a/include/relic_fp.h b/include/relic_fp.h index 0ecbbac00..38d6d1e9c 100644 --- a/include/relic_fp.h +++ b/include/relic_fp.h @@ -140,10 +140,12 @@ enum { B12_446, /** 455-bit prime for BLS curve of embedding degree 12. */ B12_455, - /** 477-bit prime for BLS curve of embedding degree 24. */ - B24_509, /** 508-bit prime for KSS16 curve. */ K18_508, + /** 477-bit prime for BLS curve of embedding degree 24. */ + B24_509, + /** 510-bit prime for new family with embedding degree 16. */ + AFG16_510, /** Random 544-bit prime for Cocks-Pinch curve with embedding degree 8. */ GMT8_544, /** 569-bit prime for SG curve with embedding degree 54. */ @@ -163,7 +165,7 @@ enum { /** 766-bit prime for KSS curve with embedding degree 16. */ K16_766, /** 766-bit prime for new family with embedding degree 16. */ - N16_766, + AFG16_766, /** 768-bit prime for FM curve with embedding degree 18. */ FM18_768, /** 1024-bit prime for CTIDH. */ 
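Review bot: The doc comment added for `AFG16_P510` in the second hunk of include/relic_ep.h reads `/** New family with embeeding degree 16. */`, which misspells "embedding" and still says "New family" although the commit gives that family a name. Something like `/** AFG16 curve with embedding degree 16 over a 510-bit prime. */` would match the neighbouring entries; the same wording sits unchanged above `AFG16_P766` in the third hunk. Separately, `EP_N16` and `N16_P766` are renamed in a public header with no compatibility alias, and inserting `AFG16_P510` mid-enum shifts the numeric value of every later curve id, so any caller that stores these ids or was built against the old header needs a rebuild.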
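Review bot: In the first hunk of include/relic_fp.h the moved `B24_509` entry is re-added with the comment `/** 477-bit prime for BLS curve of embedding degree 24. */`, which does not match the enumerator name or the `FP_PRIME == 509` guards used elsewhere in this diff. Since the line is being touched anyway, `/** 509-bit prime for BLS curve of embedding degree 24. */` looks like the intended text. The new `AFG16_510` comment could also say "AFG16 family" rather than "new family", in line with the rename.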
diff --git a/include/relic_pc.h b/include/relic_pc.h index 797b98c9f..f5e317010 100644 --- a/include/relic_pc.h +++ b/include/relic_pc.h @@ -59,7 +59,7 @@ #if FP_PRIME == 575 #define RLC_G2_LOWER ep8_ #define RLC_G2_BASEF(A) A[0][0][0] -#elif FP_PRIME == 315 || FP_PRIME == 317 || FP_PRIME == 330 || FP_PRIME == 509 || FP_PRIME == 765 || FP_PRIME == 766 +#elif FP_PRIME == 315 || FP_PRIME == 317 || FP_PRIME == 330 || FP_PRIME == 509 || FP_PRIME == 510 || FP_PRIME == 765 || FP_PRIME == 766 #define RLC_G2_LOWER ep4_ #define RLC_G2_BASEF(A) A[0][0] #elif FP_PRIME == 354 || FP_PRIME == 508 || FP_PRIME == 768 || FP_PRIME == 638 && !defined(FP_QNRES) @@ -81,7 +81,7 @@ #elif FP_PRIME == 354 || FP_PRIME == 508 || FP_PRIME == 768 || FP_PRIME == 638 && !defined(FP_QNRES) #define RLC_GT_LOWER fp18_ #define RLC_GT_EMBED 18 -#elif FP_PRIME == 330 || FP_PRIME == 765 || FP_PRIME == 766 +#elif FP_PRIME == 330 || FP_PRIME == 510 || FP_PRIME == 765 || FP_PRIME == 766 #define RLC_GT_LOWER fp16_ #define RLC_GT_EMBED 16 #elif FP_PRIME == 544 diff --git a/preset/x64-pbc-afg16-510.sh b/preset/x64-pbc-afg16-510.sh new file mode 100755 index 000000000..2f53dbf3e --- /dev/null +++ b/preset/x64-pbc-afg16-510.sh @@ -0,0 +1,2 @@ +#!/bin/sh +cmake -DWSIZE=64 -DRAND=UDEV -DSHLIB=OFF -DSTBIN=ON -DTIMER=CYCLE -DCHECK=off -DVERBS=off -DARITH=x64-asm-8l -DFP_PRIME=510 -DFP_METHD="INTEG;INTEG;INTEG;MONTY;JMPDS;JMPDS;SLIDE" -DCFLAGS="-O3 -funroll-loops -fomit-frame-pointer -march=native -mtune=native" -DFP_PMERS=off -DFP_QNRES=off -DFPX_METHD="INTEG;INTEG;LAZYR" -DEP_METHD="JACOB;LWNAF;COMBS;INTER;SWIFT" -DEP_PLAIN=off -DEP_SUPER=off -DPP_METHD="LAZYR;OATEP" -DWITH="ALL" $1 diff --git a/src/ep/relic_ep_curve.c b/src/ep/relic_ep_curve.c index 236f3d6e8..5c80e6fd2 100644 --- a/src/ep/relic_ep_curve.c +++ b/src/ep/relic_ep_curve.c @@ -533,7 +533,7 @@ int ep_curve_embed(void) { case EP_BN: case EP_B12: return 12; - case EP_N16: + case EP_AFG16: case EP_FM16: case EP_K16: return 16; 
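Review bot: The new preset preset/x64-pbc-afg16-510.sh ends its cmake command with a bare `$1`, so a source directory containing spaces is split into several arguments and any further arguments given to the script are dropped. Writing `"$@"` in its place forwards all arguments intact. The script also sets `-DCHECK=off` and `-march=native` with no comment; if it is meant as a benchmarking configuration for the build host, a one-line header such as `# AFG16-P510 benchmark preset: error checking off, tuned for the build host.` would say so.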
diff --git a/src/ep/relic_ep_mul_cof.c b/src/ep/relic_ep_mul_cof.c index 2101f6ece..a0dd8f5e6 100644 --- a/src/ep/relic_ep_mul_cof.c +++ b/src/ep/relic_ep_mul_cof.c @@ -68,7 +68,7 @@ void ep_mul_cof(ep_t r, const ep_t p) { bn_add_dig(k, k, 1); ep_mul_basic(r, p, k); break; - case EP_N16: + case EP_AFG16: /* if (u % 2) == 0, compute = (u * (u**3+1)/2)*P * else Compute (u * (u**3+1))*P */ bn_sqr(l, k); diff --git a/src/ep/relic_ep_param.c b/src/ep/relic_ep_param.c index 5de45b5ad..37709b937 100644 --- a/src/ep/relic_ep_param.c +++ b/src/ep/relic_ep_param.c @@ -577,6 +577,20 @@ /** @} */ #endif +#if defined(EP_ENDOM) && FP_PRIME == 510 +/** + * Parameters for a 510-bit pairing-friendly prime curve. + */ +/** @{ */ +#define AFG16_P510_A "1" +#define AFG16_P510_B "0" +#define AFG16_P510_X "1B28C3BEC45CD9C234F465962ECE64778E165478A23196AB96FDCC96158DB382D54A07059A286B6C1E55B96C4A8C618F47A6A36A26C99E3E1FE8BC25D74E1498" +#define AFG16_P510_Y "BA2C88F672B5A4B486E8A86442B9B1A41917DB750072E398FC106020C3ADECC12A87CB01F0D19B1803A97C300D97545941DADE18CB8A648A79F3BB0744F9F8C" +#define AFG16_P510_R "E1B262AFF36AB56C7EFDECD784FACE4291A5FFE880A4AAD37C71010000000001" +#define AFG16_P510_H "5922DDB02112D02D09E6928213608A7AC1EE7A916706E3DA46FA55988D318CFF" +/** @} */ +#endif + #if defined(EP_ENDOM) && FP_PRIME == 544 /** * Parameters for the 544-bit Cocks-Pinch curve. 
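Review bot: The new `AFG16_P510` block in src/ep/relic_ep_param.c is documented only as `Parameters for a 510-bit pairing-friendly prime curve.`, with no family name, seed or reference for the generator, order and cofactor constants. For hard-coded curve parameters a reader needs a way to re-derive them; a comment such as `/* AFG16 family, seed x = 2^32-2^26+2^10+2^5 as set in fp_param_set(); R and H derived from x, see <reference placeholder>. */` would do. The same gap applies to the later hunk that adds `case AFG16_P510:` to the `return 128;` group in `ep_param_level()`, where the claimed level is stated without a source. Nothing visible in the diff tests that the base point has order `AFG16_P510_R` or that `AFG16_P510_H` is the matching cofactor.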
@@ -704,12 +718,12 @@ * Parameters for a 766-bit pairing-friendly prime curve. */ /** @{ */ -#define N16_P766_A "1" -#define N16_P766_B "0" -#define N16_P766_X "177E5E088795AE368F68ADB4938F647BCCB7D0BCB70456E3B3BC0C6EE12FA3D0E1DFC2FD81C215EC25E602DE8BCEE98A7F8FC23E4A296B9DDEF34BB90A27DD4804B90F7783FE2C891A820941DB16535E1FD73E73038A520AAE396F0949D7E46D" -#define N16_P766_Y "1CE39931AB952C962CBF6F4E8BE79D6AD3D931B2B100185707032C109C9476305F44D30E1D551E965D44D661327D878EC47ED7A9D1DCDDCA96091E74FB4FF6D42CE809579AB9C72417C55849377E4BA31A0B5F687D840E4CE99E63D583050147" -#define N16_P766_R "FFFF7000238FFAF4807374994CF93FE6E28D406881B18D350193FE6E3E533E4073749FEBD2000238FFFFDC0000010001" -#define N16_P766_H "3FFFDC0008E3FEBD201CDD26533E4FF9B8A3D019F36C69AB3FF0479FDCFCBD856CEE5D9B2D34778FD7D2F6D2DC004204" +#define AFG16_P766_A "1" +#define AFG16_P766_B "0" +#define AFG16_P766_X "177E5E088795AE368F68ADB4938F647BCCB7D0BCB70456E3B3BC0C6EE12FA3D0E1DFC2FD81C215EC25E602DE8BCEE98A7F8FC23E4A296B9DDEF34BB90A27DD4804B90F7783FE2C891A820941DB16535E1FD73E73038A520AAE396F0949D7E46D" +#define AFG16_P766_Y "1CE39931AB952C962CBF6F4E8BE79D6AD3D931B2B100185707032C109C9476305F44D30E1D551E965D44D661327D878EC47ED7A9D1DCDDCA96091E74FB4FF6D42CE809579AB9C72417C55849377E4BA31A0B5F687D840E4CE99E63D583050147" +#define AFG16_P766_R "FFFF7000238FFAF4807374994CF93FE6E28D406881B18D350193FE6E3E533E4073749FEBD2000238FFFFDC0000010001" +#define AFG16_P766_H "3FFFDC0008E3FEBD201CDD26533E4FF9B8A3D019F36C69AB3FF0479FDCFCBD856CEE5D9B2D34778FD7D2F6D2DC004204" /** @} */ #endif @@ -1143,6 +1157,13 @@ void ep_param_set(int param) { pairf = EP_B24; break; #endif +#if defined(EP_ENDOM) && FP_PRIME == 510 + case AFG16_P510: + ASSIGN(AFG16_P510, AFG16_510); + endom = 1; + pairf = EP_AFG16; + break; +#endif #if defined(EP_PLAIN) && FP_PRIME == 511 case CURVE_511187: ASSIGN(CURVE_511187, PRIME_511187); 
@@ -1211,10 +1232,10 @@ void ep_param_set(int param) { endom = 1; pairf = EP_K16; break; - case N16_P766: - ASSIGN(N16_P766, N16_766); + case AFG16_P766: + ASSIGN(AFG16_P766, AFG16_766); endom = 1; - pairf = EP_N16; + pairf = EP_AFG16; break; #endif #if defined(EP_ENDOM) && FP_PRIME == 768 @@ -1290,7 +1311,7 @@ void ep_param_set(int param) { bn_sqr(lamb, lamb); bn_sub_dig(lamb, lamb, 1); break; - case EP_N16: + case EP_AFG16: case EP_FM16: /* lambda = -u^4. */ bn_sqr(lamb, lamb); @@ -1499,6 +1520,8 @@ int ep_param_set_any_endom(void) { ep_param_set(K18_P508); #elif FP_PRIME == 509 ep_param_set(B24_P509); +#elif FP_PRIME == 510 + ep_param_set(AFG16_P510); #elif FP_PRIME == 544 ep_param_set(GMT8_P544); #elif FP_PRIME == 638 @@ -1512,7 +1535,7 @@ int ep_param_set_any_endom(void) { ep_param_set(FM16_P765); #elif FP_PRIME == 766 //ep_param_set(K16_P766); - ep_param_set(N16_P766); + ep_param_set(AFG16_P766); #elif FP_PRIME == 768 ep_param_set(FM18_P768); #elif FP_PRIME == 1150 @@ -1608,6 +1631,10 @@ int ep_param_set_any_pairf(void) { ep_param_set(B24_P509); type = RLC_EP_DTYPE; extension = 4; +#elif FP_PRIME == 510 + ep_param_set(AFG16_P510); + type = RLC_EP_DTYPE; + extension = 4; #elif FP_PRIME == 544 ep_param_set(GMT8_P544); type = RLC_EP_MTYPE; @@ -1640,7 +1667,7 @@ int ep_param_set_any_pairf(void) { extension = 4; #elif FP_PRIME == 766 //ep_param_set(K16_P766); - ep_param_set(N16_P766); + ep_param_set(AFG16_P766); type = RLC_EP_MTYPE; extension = 4; #elif FP_PRIME == 768 @@ -1785,6 +1812,9 @@ void ep_param_print(void) { case B24_P509: util_banner("Curve B24-P509:", 0); break; + case AFG16_P510: + util_banner("Curve AFG16-P510:", 0); + break; case SG54_P569: util_banner("Curve SG54-P569:", 0); break; 
@@ -1803,8 +1833,8 @@ void ep_param_print(void) { case SG18_P638: util_banner("Curve SG18-P638:", 0); break; - case N16_P766: - util_banner("Curve N16-P766:", 0); + case AFG16_P766: + util_banner("Curve AFG16-P766:", 0); break; case FM16_P765: util_banner("Curve FM16-P765:", 0); @@ -1872,6 +1902,7 @@ int ep_param_level(void) { case B12_P383: case BN_P446: case B12_P446: + case AFG16_P510: case GMT8_P544: case SS_P1536: return 128; diff --git a/src/epx/relic_ep4_curve.c b/src/epx/relic_ep4_curve.c index bf0a6c23d..dbb552368 100644 --- a/src/epx/relic_ep4_curve.c +++ b/src/epx/relic_ep4_curve.c 
@@ -130,6 +130,29 @@ /** @} */ #endif +#if defined(EP_ENDOM) && FP_PRIME == 510 +/** @{ */ +#define AFG16_P510_A0 "0" +#define AFG16_P510_A1 "0" +#define AFG16_P510_A2 "0" +#define AFG16_P510_A3 "13E5E7C71142B9DC2408FB30DBAAEBDDE145A72D66379DC2D4B10355A1D8584917372EB11F4AB5569F6FDC8A937BB4D34A18BF84721822098BBFC11A4134E6CD" +#define AFG16_P510_B0 "0" +#define AFG16_P510_B1 "0" +#define AFG16_P510_B2 "0" +#define AFG16_P510_B3 "0" +#define AFG16_P510_X0 "2EA0D837F9505A1BD454082C2B8B728CD8C403B17932782BD070620535AFA442A9CE24AD9F2963DB2A4D5E7BDC022C4FA4F2AB2B55D6DD0BCBB9857923109CD4" +#define AFG16_P510_X1 "232FE02EC19D4540C57E8CB2B2ED780FAB2725E9CF7AE8925696B98EDF91F3190B1B2AD86D2D8B341F6B94AADAC1FBFE652D09AE648ED001A89108B8AF4294B2" +#define AFG16_P510_X2 "32F92073C40562819F5328FB42392C407193B90F23A908806D96A3AB6DB2873638ADE6F3482ECEAA64BC28FC97B786B08F68F3843E385D860757F4E12CF5572" +#define AFG16_P510_X3 "DE1B564F45550ECBF18AE6C4AD5D33230E7D0FC3748BC740B983658867DE2EC6AE414CAB17A1E0AD2C46A375C8E8BF55E5A3069FB24C24AADC15074867F6DAE" +#define AFG16_P510_Y0 "1191E5FF4B39DCA47B9AAD66C34FF0804EB111F1812E724A57E360DFEE99F6B02B61BAACB913F60B651958A81E8866D95F53B9EB6DE67745A7E728E99B89C4B4" +#define AFG16_P510_Y1 "D679B3985E3E8059FFD648A42F8A0469FC407E18A60E5C43F44D7DE80E6C88C6F08E6DB68F12807AA4E5B9146F1916A6F55DC205A28B43D97E9FEF4BEB8CCF6" +#define AFG16_P510_Y2 "F9EC59C51A0659B345BBC667995C7CE7E0B634650695F10DBF5DC6939C8C01EB6300D4CFE588F2688AC62321E0680781EC762F7BC15188A6402D6A8385E2ACE" +#define AFG16_P510_Y3 "548143A57CCE97D112AE4E7F508666844FA738024B39CA491CE95DA900B80FF2825CD1C29D31D2B65AF808206B44543F963290FD53346A21C1985D1D7D79C03" +#define AFG16_P510_R "E1B262AFF36AB56C7EFDECD784FACE4291A5FFE880A4AAD37C71010000000001" +#define AFG16_P510_H 
"452D1EFAAFB1078C06C4761679A4108402FC0F525F80ACCFC87584691797A9AD719B7AC94460FB954747B6F7C620A2541331D0D613001C5218AF53F0D5A5D056B3EBDAAC432A488D849F1F2B3FC5A4FE5AD308B8BEBB37F25FA43EC06A7436AEB728AAE611014434A0CEB65D43DE1C46722886DB8B870792912A24099077382" +/** @} */ +#endif + #if defined(EP_ENDOM) && FP_PRIME == 765 /** @{ */ #define FM16_P765_A0 "0" 
@@ -178,24 +201,24 @@ #if defined(EP_ENDOM) && FP_PRIME == 766 /** @{ */ -#define N16_P766_A0 "0" -#define N16_P766_A1 "0" -#define N16_P766_A2 "1" -#define N16_P766_A3 "0" -#define N16_P766_B0 "0" -#define N16_P766_B1 "0" -#define N16_P766_B2 "0" -#define N16_P766_B3 "0" -#define N16_P766_X0 "36097A5BDF2276730FCAC23EA21B0C85D46B013D5A33B2D403BD82155F681BC3A1213F7AD40BFD5B64409C6B909A44F1AC391DE4222B56C55CC74DCB5DCEC23696575F80C402A1256C267F9D1CA325558C3357B116AC85CF856E51590FE7C34F" -#define N16_P766_X1 "17CC3006229289EEC6AAA00FD81F17F26CECDE216E03B5DF64B61FEBA6DFF9D3F032642D66F8E5D4DE44934FB1CB99AFB0A6A939ADAFDA1E6197A474C3BBDDBA71E6120B3AAFE1007A8D0F360651B316312F902B1EB346DD2B276FEEE75ABDD1" -#define N16_P766_X2 "2B79EC9BDF7F80A86DD7F3CE18A3D1FAAEAEDE9312797735EA7F090760B4730CEE401EF9CAB0978C14E967FCE1CEEF5660DFA40F367F698D0CDE9C0F0EF361D70E186EA991CD0F6DB63FE88C45EC5909DFC866862C7B1D1DE6A04843761E5E3" -#define N16_P766_X3 "2005908CF374B24B1C7CF8C5CE656D04515082E61F3088C28D58B9E0249CA864AF1773F479D3272C567311FB287E579547743E8CA51A9D4B45FF5D3D6B4A2BB1865B6E4FB045953D716C68A73095A74CCDDAD5AFCEA74E676D37452916B5CB24" -#define N16_P766_Y0 "137A898DDF4399F2ABB29920707790495F645B373F419C4E2A96DA05B90488BED334F2B8A44AF71C92D947009618358A14F8DE18F0D777F0DE4F98625C4024DBEB8EA858A7AEFAEC093EA12ED7A7C70142AE3583D27982B26AFD75FB441A4B66" -#define N16_P766_Y1 "4D0ADEC5B4B77DFBEB78227FC664F7520A469DBEA674C845F64B537ABFB808F9857EEFBDE088D0422C919ECD562D7C668A42F6C2DAB0B26D7C4D4C3B835CBEA2A843CD3A449B44F0D6D4026512670C3600B02CEFDF9BBF21975B596DD732C13" -#define N16_P766_Y2 "2FCE7D8564D037E95317C3110542BB780D8824436B6F3626C8A4BF1D1C1FB7C1FDF12E7BC52D9F19914404EF71873EFB36C95AF0C6635329D556431A902BA01186D968C0D4BF55F17F7FED3072D77D9DE8D151135952C6EE7855E8F6176B4D66" -#define N16_P766_Y3 "2BAD268ACF32E9D617EC80588A3F1063C5565008B9DF82E8E9B8451F874C36157A280057EF467E0BFCA1FE7AF5C79CDCD055011B2F0F14764B8F1C97BEA256BD5A40FC8020486507E52413A11B70F8D6A3ACF396D5F0D8902950A3E3821B4C64" 
-#define N16_P766_R "FFFF7000238FFAF4807374994CF93FE6E28D406881B18D350193FE6E3E533E4073749FEBD2000238FFFFDC0000010001" -#define N16_P766_H "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" +#define AFG16_P766_A0 "0" +#define AFG16_P766_A1 "0" +#define AFG16_P766_A2 "1" +#define AFG16_P766_A3 "0" +#define AFG16_P766_B0 "0" +#define AFG16_P766_B1 "0" +#define AFG16_P766_B2 "0" +#define AFG16_P766_B3 "0" +#define AFG16_P766_X0 "36097A5BDF2276730FCAC23EA21B0C85D46B013D5A33B2D403BD82155F681BC3A1213F7AD40BFD5B64409C6B909A44F1AC391DE4222B56C55CC74DCB5DCEC23696575F80C402A1256C267F9D1CA325558C3357B116AC85CF856E51590FE7C34F" +#define AFG16_P766_X1 "17CC3006229289EEC6AAA00FD81F17F26CECDE216E03B5DF64B61FEBA6DFF9D3F032642D66F8E5D4DE44934FB1CB99AFB0A6A939ADAFDA1E6197A474C3BBDDBA71E6120B3AAFE1007A8D0F360651B316312F902B1EB346DD2B276FEEE75ABDD1" +#define AFG16_P766_X2 "2B79EC9BDF7F80A86DD7F3CE18A3D1FAAEAEDE9312797735EA7F090760B4730CEE401EF9CAB0978C14E967FCE1CEEF5660DFA40F367F698D0CDE9C0F0EF361D70E186EA991CD0F6DB63FE88C45EC5909DFC866862C7B1D1DE6A04843761E5E3" +#define AFG16_P766_X3 "2005908CF374B24B1C7CF8C5CE656D04515082E61F3088C28D58B9E0249CA864AF1773F479D3272C567311FB287E579547743E8CA51A9D4B45FF5D3D6B4A2BB1865B6E4FB045953D716C68A73095A74CCDDAD5AFCEA74E676D37452916B5CB24" +#define AFG16_P766_Y0 "137A898DDF4399F2ABB29920707790495F645B373F419C4E2A96DA05B90488BED334F2B8A44AF71C92D947009618358A14F8DE18F0D777F0DE4F98625C4024DBEB8EA858A7AEFAEC093EA12ED7A7C70142AE3583D27982B26AFD75FB441A4B66" +#define AFG16_P766_Y1 "4D0ADEC5B4B77DFBEB78227FC664F7520A469DBEA674C845F64B537ABFB808F9857EEFBDE088D0422C919ECD562D7C668A42F6C2DAB0B26D7C4D4C3B835CBEA2A843CD3A449B44F0D6D4026512670C3600B02CEFDF9BBF21975B596DD732C13" +#define AFG16_P766_Y2 "2FCE7D8564D037E95317C3110542BB780D8824436B6F3626C8A4BF1D1C1FB7C1FDF12E7BC52D9F19914404EF71873EFB36C95AF0C6635329D556431A902BA01186D968C0D4BF55F17F7FED3072D77D9DE8D151135952C6EE7855E8F6176B4D66" +#define AFG16_P766_Y3 
"2BAD268ACF32E9D617EC80588A3F1063C5565008B9DF82E8E9B8451F874C36157A280057EF467E0BFCA1FE7AF5C79CDCD055011B2F0F14764B8F1C97BEA256BD5A40FC8020486507E52413A11B70F8D6A3ACF396D5F0D8902950A3E3821B4C64" +#define AFG16_P766_R "FFFF7000238FFAF4807374994CF93FE6E28D406881B18D350193FE6E3E533E4073749FEBD2000238FFFFDC0000010001" +#define AFG16_P766_H "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" /** @} */ #endif @@ -354,7 +377,7 @@ void ep4_curve_mul_a(fp4_t c, const fp4_t a) { } fp4_mul_art(c, c); } else { - switch (ctx->ep8_opt_a) { + switch (ctx->ep4_opt_a) { case RLC_ZERO: fp4_zero(c); break; @@ -481,6 +504,10 @@ void ep4_curve_set_twist(int type) { case B24_P509: ASSIGN(B24_P509); break; +#elif FP_PRIME == 510 + case AFG16_P510: + ASSIGN(AFG16_P510); + break; #elif FP_PRIME == 765 case FM16_P765: ASSIGN(FM16_P765); @@ -489,8 +516,8 @@ void ep4_curve_set_twist(int type) { case K16_P766: ASSIGN(K16_P766); break; - case N16_P766: - ASSIGN(N16_P766); + case AFG16_P766: + ASSIGN(AFG16_P766); break; #endif default: @@ -514,16 +541,21 @@ void ep4_curve_set_twist(int type) { bn_copy(&(ctx->ep4_h), h); if (ep4_curve_opt_b() == RLC_ZERO) { - fp2_zero(a[0]); - fp_copy(a[1][0], ctx->fp2_p2[1][0]); - fp_copy(a[1][1], ctx->fp2_p2[1][1]); - fp4_inv(a, a); - fp_copy(ctx->fp4_p1[0], a[1][0]); - fp_copy(ctx->fp4_p1[1], a[1][1]); - if (fp2_is_zero(a[1])) { - ctx->frb4 = 0; + if (type == RLC_EP_MTYPE) { + fp2_zero(a[0]); + fp_copy(a[1][0], ctx->fp2_p2[1][0]); + fp_copy(a[1][1], ctx->fp2_p2[1][1]); + fp4_inv(a, a); + fp_copy(ctx->fp4_p1[0], a[1][0]); + fp_copy(ctx->fp4_p1[1], a[1][1]); + if (fp2_is_zero(a[1])) { + ctx->frb4 = 0; + } else { + ctx->frb4 = 1; + } } else { - ctx->frb4 = 1; + fp_copy(ctx->fp4_p1[0], ctx->fp2_p2[1][0]); + fp_copy(ctx->fp4_p1[1], ctx->fp2_p2[1][1]); } } else { if (type == RLC_EP_MTYPE) { diff --git a/src/epx/relic_ep4_mul.c b/src/epx/relic_ep4_mul.c index fa092228a..1ee6fd59e 100644 --- a/src/epx/relic_ep4_mul.c +++ b/src/epx/relic_ep4_mul.c 
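Review bot: In the last hunk of src/epx/relic_ep4_curve.c, the new `else` branch taken for a non-M-type twist when `ep4_curve_opt_b() == RLC_ZERO` copies `ctx->fp2_p2[1]` into `ctx->fp4_p1` but never assigns `ctx->frb4`, whereas before this change every path through that block set it to 0 or 1. With `AFG16_P510` configured as `RLC_EP_DTYPE` in `ep_param_set_any_pairf()`, the flag keeps whatever value the context held before, which may be stale from a previously selected curve. The branch should set it explicitly, for example `ctx->frb4 = 1;` if the Frobenius constant is meant to be applied and `0` otherwise; the code that reads `frb4` is outside the diff, so the right value needs confirming. `ep4_curve_set_twist()` starts and ends outside the hunk.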
@@ -60,7 +60,7 @@ static void ep4_psi(ep4_t r, const ep4_t p) { ep4_dbl(r, r); ep4_sub(r, r, q); break; - case EP_N16: + case EP_AFG16: /* u = -p^5 mod r */ ep4_frb(r, p, 5); ep4_neg(r, r); @@ -122,7 +122,7 @@ static void ep4_mul_gls_imp(ep4_t r, const ep4_t p, const bn_t k) { } ep4_tab(t[0], q, RLC_WIDTH); - if (ep_curve_is_pairf() == EP_K16 || ep_curve_is_pairf() == EP_N16) { + if (ep_curve_is_pairf() == EP_K16 || ep_curve_is_pairf() == EP_AFG16) { /* Minimize use of endomorphism when it's expensive. */ for (size_t i = 1; i < 8; i++) { ep4_psi(q, t[i - 1][0]); diff --git a/src/epx/relic_ep4_mul_cof.c b/src/epx/relic_ep4_mul_cof.c index 459a64f87..cb6801815 100644 --- a/src/epx/relic_ep4_mul_cof.c +++ b/src/epx/relic_ep4_mul_cof.c @@ -132,7 +132,7 @@ static void ep4_mul_cof_k16(ep4_t r, const ep4_t p) { * @param[out] r - the result. * @param[in] p - the point to multiply. */ -static void ep4_mul_cof_n16(ep4_t r, const ep4_t p) { +static void ep4_mul_cof_afg16(ep4_t r, const ep4_t p) { bn_t x; ep4_t t0, t1, t2, t3, t4, t5; @@ -357,8 +357,8 @@ void ep4_mul_cof(ep4_t r, const ep4_t p) { case EP_K16: ep4_mul_cof_k16(r, p); break; - case EP_N16: - ep4_mul_cof_n16(r, p); + case EP_AFG16: + ep4_mul_cof_afg16(r, p); break; case EP_FM16: ep4_mul_cof_fm16(r, p); diff --git a/src/fp/relic_fp_param.c b/src/fp/relic_fp_param.c index 136899c52..fe01a4744 100644 --- a/src/fp/relic_fp_param.c +++ b/src/fp/relic_fp_param.c @@ -475,6 +475,17 @@ void fp_param_set(int param) { bn_neg(t0, t0); fp_prime_set_pairf(t0, EP_B24); break; +#elif FP_PRIME == 510 + case AFG16_510: + /* x = 2^32-2^26+2^10+2^5. */ + bn_set_2b(t0, 32); + bn_set_2b(t1, 26); + bn_sub(t0, t0, t1); + bn_set_2b(t1, 10); + bn_add(t0, t0, t1); + bn_add_dig(t0, t0, 32); + fp_prime_set_pairf(t0, EP_AFG16); + break; #elif FP_PRIME == 511 case CTIDH_511: bn_read_str(p, STR_P511, strlen(STR_P511), 16); 
@@ -605,7 +616,7 @@ void fp_param_set(int param) { bn_add_dig(t0, t0, 1); fp_prime_set_pairf(t0, EP_K16); break; - case N16_766: + case AFG16_766: /* u = 2^48-2^28-2^25+2^2 */ bn_set_2b(t0, 48); bn_set_2b(t1, 28); @@ -613,7 +624,7 @@ void fp_param_set(int param) { bn_set_2b(t1, 25); bn_sub(t0, t0, t1); bn_add_dig(t0, t0, 4); - fp_prime_set_pairf(t0, EP_N16); + fp_prime_set_pairf(t0, EP_AFG16); break; #elif FP_PRIME == 768 case FM18_768: @@ -823,6 +834,8 @@ int fp_param_set_any_tower(void) { fp_param_set(K18_508); #elif FP_PRIME == 509 fp_param_set(B24_509); +#elif FP_PRIME == 510 + fp_param_set(AFG16_510); #elif FP_PRIME == 511 fp_param_set(CTIDH_511); #elif FP_PRIME == 544 @@ -842,7 +855,7 @@ int fp_param_set_any_tower(void) { #elif FP_PRIME == 765 fp_param_set(FM16_765); #elif FP_PRIME == 766 - fp_param_set(N16_766); + fp_param_set(AFG16_766); //fp_param_set(K16_766); #elif FP_PRIME == 768 fp_param_set(FM18_768); diff --git a/src/fp/relic_fp_prime.c b/src/fp/relic_fp_prime.c index a44c2ccab..240d03024 100644 --- a/src/fp/relic_fp_prime.c +++ b/src/fp/relic_fp_prime.c @@ -414,7 +414,7 @@ void fp_prime_set_pairf(const bn_t x, int pairf) { bn_add(p, p, t0); fp_prime_set_dense(p); break; - case EP_N16: + case EP_AFG16: /* p = (x^16 + 2*x^13 + x^10 + 5*x^8 + 6*x^5 + x^2 + 4)/4 */ bn_sqr(p, t0); bn_mul(p, p, t0); diff --git a/src/fpx/relic_fp16_mul.c b/src/fpx/relic_fp16_mul.c index d2ce1447a..a51997a5f 100644 --- a/src/fpx/relic_fp16_mul.c +++ b/src/fpx/relic_fp16_mul.c 
@@ -94,16 +94,28 @@ void fp16_mul_dxs_basic(fp16_t c, const fp16_t a, const fp16_t b) { /* Karatsuba algorithm. */ - /* t0 = a_0 * b_0. */ - fp8_mul(t0, a[0], b[0]); - - /* t1 = a_1 * b_1. */ - fp4_mul(t1[0], a[1][1], b[1][1]); - fp4_add(t1[1], a[1][0], a[1][1]); - fp4_mul(t1[1], t1[1], b[1][1]); - fp4_sub(t1[1], t1[1], t1[0]); - fp4_mul_art(t1[0], t1[0]); - + if (fp4_is_zero(b[1][0])) { + /* t0 = a_0 * b_0. */ + fp8_mul(t0, a[0], b[0]); + + /* t1 = a_1 * b_1. */ + fp4_mul(t1[0], a[1][1], b[1][1]); + fp4_add(t1[1], a[1][0], a[1][1]); + fp4_mul(t1[1], t1[1], b[1][1]); + fp4_sub(t1[1], t1[1], t1[0]); + fp4_mul_art(t1[0], t1[0]); + } else { + /* t0 = a_0 * b_0. */ + for (int i = 0; i < 2; i++) { + for (int j = 0; j < 2; j++) { + for (int k = 0; k < 2; k++) { + fp_mul(t0[i][j][k], a[0][i][j][k], b[0][0][0][0]); + } + } + } + /* t1 = a_1 * b_1. */ + fp8_mul(t1, a[1], b[1]); + } /* t4 = b_0 + b_1. */ fp8_add(t4, b[0], b[1]); 
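Review bot: The new `else` branch in `fp16_mul_dxs_basic()` multiplies every coefficient of `a[0]` by `b[0][0][0][0]` alone and labels the result `t0 = a_0 * b_0`, which is only correct if all other coefficients of `b[0]` are zero. Nothing in the hunk checks or documents that, and the branch is selected solely by `fp4_is_zero(b[1][0])` being false, so a caller passing an operand of a different shape gets a silently wrong product. A comment such as `/* b_0 is assumed to lie in Fp (only b[0][0][0][0] set); b_1 is dense. */` at the top of the branch, plus a matching sentence in the function's header comment, would make the contract explicit. The same pattern is added to `fp16_mul_dxs_lazyr()` in the next hunk with `fp_muln_low`, and both function bodies continue outside their hunks.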
@@ -240,43 +252,56 @@ void fp16_mul_dxs_lazyr(fp16_t c, const fp16_t a, const fp16_t b) { /* Karatsuba algorithm. */ - /* u0 = a_0 * b_0. */ - fp8_mul_unr(u0, a[0], b[0]); - - /* u1 = a_1 * b_1. */ - fp4_mul_unr(u1[0], a[1][1], b[1][1]); - fp4_add(t1[0], a[1][0], a[1][1]); - fp4_mul_unr(u1[1], t1[0], b[1][1]); - fp2_subc_low(u2[1][0], u1[1][0], u1[0][0]); - fp2_subc_low(u2[1][1], u1[1][1], u1[0][1]); - fp2_nord_low(u2[0][0], u1[0][1]); - dv_copy(u2[0][1][0], u1[0][0][0], 2 * RLC_FP_DIGS); - dv_copy(u2[0][1][1], u1[0][0][1], 2 * RLC_FP_DIGS); - + if (fp4_is_zero(b[1][0])) { + /* u0 = a_0 * b_0. */ + fp8_mul_unr(u0, a[0], b[0]); + + /* u1 = a_1 * b_1. */ + fp4_mul_unr(u2[0], a[1][1], b[1][1]); + fp4_add(t1[0], a[1][0], a[1][1]); + fp4_mul_unr(u2[1], t1[0], b[1][1]); + fp2_subc_low(u1[1][0], u2[1][0], u2[0][0]); + fp2_subc_low(u1[1][1], u2[1][1], u2[0][1]); + fp2_nord_low(u1[0][0], u2[0][1]); + dv_copy(u1[0][1][0], u2[0][0][0], 2 * RLC_FP_DIGS); + dv_copy(u1[0][1][1], u2[0][0][1], 2 * RLC_FP_DIGS); + } else { + /* u0 = a_0 * b_0. */ + for (int i = 0; i < 2; i++) { + for (int j = 0; j < 2; j++) { + for (int k = 0; k < 2; k++) { + fp_muln_low(u0[i][j][k], a[0][i][j][k], b[0][0][0][0]); + } + } + } + /* u1 = a_1 * b_1. */ + fp8_mul_unr(u1, a[1], b[1]); + } /* t1 = a_0 + a_1. */ fp8_add(t0, a[0], a[1]); /* t0 = b_0 + b_1. */ fp8_add(t1, b[0], b[1]); /* u2 = (a_0 + a_1) * (b_0 + b_1) */ - fp8_mul_unr(u1, t0, t1); + fp8_mul_unr(u2, t0, t1); + /* c_1 = u2 - a_0b_0 - a_1b_1. */ for (int i = 0; i < 2; i++) { for (int j = 0; j < 2; j++) { - fp2_subc_low(t[1][i][j], u1[i][j], u0[i][j]); - fp2_subc_low(t[1][i][j], t[1][i][j], u2[i][j]); + fp2_subc_low(t[1][i][j], u2[i][j], u0[i][j]); + fp2_subc_low(t[1][i][j], t[1][i][j], u1[i][j]); } } /* c_0 = a_0b_0 + v * a_1b_1. 
*/ - fp2_nord_low(u1[0][0], u2[1][1]); - dv_copy(u1[0][1][0], u2[1][0][0], 2 * RLC_FP_DIGS); - dv_copy(u1[0][1][1], u2[1][0][1], 2 * RLC_FP_DIGS); - dv_copy(u1[1][0][0], u2[0][0][0], 2 * RLC_FP_DIGS); - dv_copy(u1[1][0][1], u2[0][0][1], 2 * RLC_FP_DIGS); - dv_copy(u1[1][1][0], u2[0][1][0], 2 * RLC_FP_DIGS); - dv_copy(u1[1][1][1], u2[0][1][1], 2 * RLC_FP_DIGS); + fp2_nord_low(u2[0][0], u1[1][1]); + dv_copy(u2[0][1][0], u1[1][0][0], 2 * RLC_FP_DIGS); + dv_copy(u2[0][1][1], u1[1][0][1], 2 * RLC_FP_DIGS); + dv_copy(u2[1][0][0], u1[0][0][0], 2 * RLC_FP_DIGS); + dv_copy(u2[1][0][1], u1[0][0][1], 2 * RLC_FP_DIGS); + dv_copy(u2[1][1][0], u1[0][1][0], 2 * RLC_FP_DIGS); + dv_copy(u2[1][1][1], u1[0][1][1], 2 * RLC_FP_DIGS); for (int i = 0; i < 2; i++) { for (int j = 0; j < 2; j++) { - fp2_addc_low(t[0][i][j], u0[i][j], u1[i][j]); + fp2_addc_low(t[0][i][j], u0[i][j], u2[i][j]); } } for (int i = 0; i < 2; i++) { diff --git a/src/low/x64-asm-8l/macro.s b/src/low/x64-asm-8l/macro.s index f17329514..2073e5b6e 100644 --- a/src/low/x64-asm-8l/macro.s +++ b/src/low/x64-asm-8l/macro.s @@ -42,6 +42,16 @@ #define P6 0x555955557955572A #define P7 0x0000000000000055 #define U0 0x4B3EF8137F4017FD +#elif FP_PRIME == 510 +#define P0 0xDD5F62C1A3044101 +#define P1 0x393DDECB1D3C5517 +#define P2 0x8E97A75A70B54410 +#define P3 0xBA09F4BACE3AC558 +#define P4 0x13BA8856149CDCB6 +#define P5 0xB32E21F17F8B0A67 +#define P6 0x5A1673FA252B4DAA +#define P7 0X31BEC371AB26D0A6 +#define U0 0x766D29254B8340FF #elif FP_PRIME == 511 #define P0 0x84DD401C8E4AB001 #define P1 0x98707BD8B8D7F1F5 @@ -52,7 +62,7 @@ #define P6 0x0000031F8F000000 #define P7 0x4000000000156000 #define U0 0xDF085042554AAFFF -#else +#else /* B24_P509 */ #define P0 0xA13D118DB8BFD2AB #define P1 0xEE63BD076E8D9300 #define P2 0xCFCB5C6071BAD3D2 diff --git a/src/pc/relic_pc_exp.c b/src/pc/relic_pc_exp.c index a86e0f54a..0b6334bd8 100644 --- a/src/pc/relic_pc_exp.c +++ b/src/pc/relic_pc_exp.c 
@@ -58,7 +58,7 @@ static void gt_psi(gt_t c, const gt_t a) { gt_inv(b, b); gt_mul(c, c, b); break; - case EP_N16: + case EP_AFG16: /* u = -p^5 mod r */ gt_frb(c, a, 5); gt_inv(c, c); @@ -175,7 +175,7 @@ void gt_exp_gls_naf(gt_t c, const gt_t a, const bn_t b, size_t f) { l = RLC_MAX(l, _l[i]); } - if (ep_curve_is_pairf() == EP_K16 || ep_curve_is_pairf() == EP_N16 || + if (ep_curve_is_pairf() == EP_K16 || ep_curve_is_pairf() == EP_AFG16 || ep_curve_embed() == 18) { gt_copy(t[0], a); for (size_t i = 1; i < f; i++) { diff --git a/src/pc/relic_pc_util.c b/src/pc/relic_pc_util.c index 414c34a62..f8d33abc3 100644 --- a/src/pc/relic_pc_util.c +++ b/src/pc/relic_pc_util.c @@ -54,7 +54,7 @@ void gt_rand(gt_t a) { pp_exp_k48(a, a); #elif FP_PRIME == 315 || FP_PRIME == 317 || FP_PRIME == 509 pp_exp_k24(a, a); -#elif FP_PRIME == 330 || FP_PRIME == 765 || FP_PRIME == 766 +#elif FP_PRIME == 330 || FP_PRIME == 510 || FP_PRIME == 765 || FP_PRIME == 766 pp_exp_k16(a, a); #elif FP_PRIME == 354 || FP_PRIME == 508 || FP_PRIME == 768 || FP_PRIME == 638 && !defined(FP_QNRES) pp_exp_k18(a, a); @@ -131,7 +131,7 @@ int g1_is_valid(const g1_t a) { break; /* if (u % 2) == 0, check (u**4)*\psi(P) == P * else check (u**4-1)//2 * (\psi(P) - P) == P */ - case EP_N16: + case EP_AFG16: bn_sqr(n, n); bn_sqr(n, n); ep_psi(u, a); @@ -333,7 +333,7 @@ int g2_is_valid(const g2_t a) { break; /* If u is even, check that [u*p^3]P = P * else check [p^5]P = [u]P. */ - case EP_N16: + case EP_AFG16: g2_mul_any(u, a, n); if (bn_is_even(n)) { g2_frb(v, u, 3); @@ -532,7 +532,7 @@ int gt_is_valid(const gt_t a) { break; /* If u is even, check that [u*p^3]P = P * else check [p^5]P = [u]P. */ - case EP_N16: + case EP_AFG16: fp_prime_get_par(n); gt_exp(u, a, n); if (bn_is_even(n)) { diff --git a/src/pp/relic_pp_exp_k16.c b/src/pp/relic_pp_exp_k16.c index 6f64ef199..7f7cf8e89 100644 --- a/src/pp/relic_pp_exp_k16.c +++ b/src/pp/relic_pp_exp_k16.c 
@@ -213,12 +213,12 @@ static void pp_exp_kss(fp16_t c, fp16_t a) { } /** - * Computes the final exponentiation of a pairing defined over a KSS curve. + * Computes the final exponentiation of a pairing defined over an AFG16 curve. * * @param[out] c - the result. * @param[in] a - the extension field element to exponentiate. */ -static void pp_exp_new(fp16_t c, fp16_t a) { +static void pp_exp_afg16(fp16_t c, fp16_t a) { fp16_t t0, t1, t2, t3, t4; bn_t x, x_; @@ -438,8 +438,8 @@ void pp_exp_k16(fp16_t c, fp16_t a) { case EP_K16: pp_exp_kss(c, a); break; - case EP_N16: - pp_exp_new(c, a); + case EP_AFG16: + pp_exp_afg16(c, a); break; case EP_FM16: pp_exp_fm16(c, a); diff --git a/src/pp/relic_pp_map_k16.c b/src/pp/relic_pp_map_k16.c index 6ab261f85..66d13ab23 100644 --- a/src/pp/relic_pp_map_k16.c +++ b/src/pp/relic_pp_map_k16.c @@ -499,7 +499,7 @@ void pp_map_oatep_k16(fp16_t r, const ep_t p, const ep4_t q) { if (!ep_is_infty(_p[0]) && !ep4_is_infty(_q[0])) { switch (ep_curve_is_pairf()) { case EP_FM16: - case EP_N16: + case EP_AFG16: /* r = f_{|a|,Q}(P). */ pp_mil_k16(r, t, _q, _p, 1, a); if (bn_sign(a) == RLC_NEG) { @@ -570,7 +570,7 @@ void pp_map_sim_oatep_k16(fp16_t r, const ep_t *p, const ep4_t *q, int m) { if (j > 0) { switch (ep_curve_is_pairf()) { case EP_FM16: - case EP_N16: + case EP_AFG16: /* r = f_{|a|,Q}(P). */ pp_mil_k16(r, t, _q, _p, j, a); if (bn_sign(a) == RLC_NEG) { diff --git a/test/test_fpx.c b/test/test_fpx.c index fb2109442..241e07247 100644 --- a/test/test_fpx.c +++ b/test/test_fpx.c @@ -778,7 +778,7 @@ static int square_root2(void) { fp2_new(a); fp2_new(b); fp2_new(c); -#if 0 + TEST_CASE("quadratic residuosity test is correct") { fp2_zero(a); TEST_ASSERT(fp2_is_sqr(a) == 1, end); @@ -791,7 +791,6 @@ static int square_root2(void) { TEST_ASSERT(fp2_is_sqr(a) == 0, end); } TEST_END; -#endif TEST_CASE("square root extraction is correct") { fp2_zero(a); 
@@ -799,15 +798,11 @@ static int square_root2(void) { r = fp2_srt(b, c); TEST_ASSERT(r, end); TEST_ASSERT(fp2_cmp(b, a) == RLC_EQ, end); -#if 0 fp_rand(a[0]); fp_zero(a[1]); fp2_sqr(c, a); r = fp2_srt(b, c); fp2_neg(c, b); - fp2_print(a); - fp2_print(b); - fp2_print(c); TEST_ASSERT(r, end); TEST_ASSERT(fp2_cmp(b, a) == RLC_EQ || fp2_cmp(c, a) == RLC_EQ, end); @@ -820,7 +815,6 @@ static int square_root2(void) { TEST_ASSERT(r, end); TEST_ASSERT(fp2_cmp(b, a) == RLC_EQ || fp2_cmp(c, a) == RLC_EQ, end); -#endif fp2_rand(a); fp2_sqr(c, a); r = fp2_srt(b, c); @@ -5023,7 +5017,7 @@ static int util16(void) { return code; } -static int addition16(void) { +static int additioAFG16(void) { int code = RLC_ERR; fp16_t a, b, c, d, e; @@ -5087,7 +5081,7 @@ static int addition16(void) { return code; } -static int subtraction16(void) { +static int subtractioAFG16(void) { int code = RLC_ERR; fp16_t a, b, c, d; @@ -5172,7 +5166,7 @@ static int doubling16(void) { return code; } -static int multiplication16(void) { +static int multiplicatioAFG16(void) { int code = RLC_ERR; fp16_t a, b, c, d, e, f; @@ -5426,7 +5420,7 @@ static int cyclotomic16(void) { return code; } -static int inversion16(void) { +static int inversioAFG16(void) { int code = RLC_ERR; fp16_t a, b, c, d[2]; @@ -5490,7 +5484,7 @@ static int inversion16(void) { return code; } -static int exponentiation16(void) { +static int exponentiatioAFG16(void) { int code = RLC_ERR; fp16_t a, b, c; bn_t d; @@ -9065,12 +9059,12 @@ int main(void) { util_banner("Arithmetic:", 1); - if (addition16() != RLC_OK) { + if (additioAFG16() != RLC_OK) { core_clean(); return 1; } - if (subtraction16() != RLC_OK) { + if (subtractioAFG16() != RLC_OK) { core_clean(); return 1; } @@ -9080,7 +9074,7 @@ int main(void) { return 1; } - if (multiplication16() != RLC_OK) { + if (multiplicatioAFG16() != RLC_OK) { core_clean(); return 1; } 
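Review bot: The `static int` test helpers in test/test_fpx.c are renamed from `addition16`, `subtraction16`, `multiplication16`, `inversion16` and `exponentiation16` to `additioAFG16`, `subtractioAFG16`, `multiplicatioAFG16`, `inversioAFG16` and `exponentiatioAFG16`, which looks like a case-insensitive N16-to-AFG16 replace hitting unrelated identifiers. The code still builds because the calls in `main()` were changed the same way (here and in the following hunk at -9095), but the names should be restored, e.g. `static int addition16(void)` and `if (addition16() != RLC_OK) {`. `util16` and `doubling16` were not affected, so the fp16 test names are now inconsistent with each other.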
@@ -9095,12 +9089,12 @@ int main(void) { return 1; } - if (inversion16() != RLC_OK) { + if (inversioAFG16() != RLC_OK) { core_clean(); return 1; } - if (exponentiation16() != RLC_OK) { + if (exponentiatioAFG16() != RLC_OK) { core_clean(); return 1; }