forked from mit-plv/fiat-crypto
-
Notifications
You must be signed in to change notification settings - Fork 0
/
primes.txt
92 lines (85 loc) · 1.26 KB
/
primes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
# single-tap:
2^127 - 1 # "kummer strikes back"
2^129 - 25
2^130 - 5 # poly1305
2^137 - 13
2^140 - 27
2^141 - 9
2^150 - 5
2^150 - 3
2^152 - 17
2^158 - 15
2^165 - 25
2^166 - 5
2^171 - 19
2^174 - 17
2^174 - 3
2^189 - 25
2^190 - 11
2^191 - 19
2^194 - 33
2^196 - 15
2^198 - 17
2^206 - 5
2^212 - 29
2^213 - 3
2^221 - 3
2^222 - 117
2^226 - 5
2^230 - 27
2^235 - 15
2^243 - 9
2^251 - 9
2^255 - 765
2^255 - 19 # curve25519
2^256 - 189
2^266 - 3
2^285 - 9
2^291 - 19
2^321 - 9
2^336 - 17
2^336 - 3
2^338 - 15
2^369 - 25
2^379 - 19
2^382 - 105
2^383 - 421
2^383 - 187
2^383 - 31
2^384 - 317
2^389 - 21
2^401 - 31
2^413 - 21
2^414 - 17
2^444 - 17
2^452 - 3
2^468 - 17
2^488 - 17
2^489 - 21
2^495 - 31
2^511 - 481
2^511 - 187
2^512 - 569
2^521 - 1 # p512
# two taps, golden ratio:
2^192 - 2^64 - 1
2^216 - 2^108 - 1
2^322 - 2^161 - 1
2^416 - 2^208 - 1
2^448 - 2^224 - 1 # goldilocks
2^450 - 2^225 - 1
2^480 - 2^240 - 1 # ridinghood
# two or more taps
2^205 - 45*2^198 - 1
2^224 - 2^96 + 1 # p224
2^256 - 2^224 + 2^192 + 2^96 - 1 # p256
2^256 - 2^32 - 977 # bitcoin
2^256 - 4294968273 # bitcoin, for 64-bit impl
2^384 - 2^128 - 2^96 + 2^32 - 1 # p384
# Montgomery-Friendly
2^256 - 88*2^240 - 1
2^254 - 127*2^240 - 1
2^384 - 79*2^376 - 1
2^384 - 5*2^368 - 1
2^512 - 491*2^496 - 1
2^510 - 290*2^496 - 1