This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Author: Sean Pesce | |
| // | |
| // Manual implementations of the CONCAT operations produced by the Ghidra decompiler. | |
| // These definitions are helpful for compiling re-implementations of native code using | |
| // decompiler output (e.g., with gcc). | |
| // | |
| // Note that these implementations would be outperformed by minimal C preprocessor macros | |
| // that replicate the same logic. |
pqlx
/ ec-param-check.sage
Last active
November 17, 2025 15:46
Identifying weak elliptic curve cryptography domain parameters.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def check_pohlig_hellman(curve, generator=None): | |
| """ | |
| The Pohlig-Hellman algorithm allows for quick (EC)DLP solving if the order of the curve is smooth, | |
| i.e its order is a product of multiple (small) primes. | |
| The best general purpose algorithm for finding a discrete logarithm is the Baby-step giant-step | |
| algorithm, with a running time of O(sqrt(n)). | |
| If the order of the curve (over a finite field) is smooth, we can however solve the (EC)DLP | |
| algorithm by solving the (EC)DLP for all the prime powers that make up the order, then using the |