From 16f8a992bacb77de87af1e17e1f42cd225180671 Mon Sep 17 00:00:00 2001
From: "Diego F. Aranha"
Date: Wed, 14 Feb 2024 00:20:32 +0100
Subject: [PATCH] Add new parameters.
---
 include/relic_ep.h | 6 ++++--
 include/relic_fp.h | 8 +++++---
 preset/x64-pbc-afg16-766.sh | 2 ++
 src/ep/relic_ep_param.c | 24 ++++++++++++++++++++++--
 src/epx/relic_ep4_curve.c | 26 ++++++++++++++++++++++++++
 src/fp/relic_fp_param.c | 13 ++++++++++++-
 src/low/x64-asm-12l/macro.s | 17 ++++++++++++++++-
 7 files changed, 87 insertions(+), 9 deletions(-)
 create mode 100755 preset/x64-pbc-afg16-766.sh
diff --git a/include/relic_ep.h b/include/relic_ep.h
index 8515774f2..4279ce9b3 100644
--- a/include/relic_ep.h
+++ b/include/relic_ep.h
@@ -179,10 +179,12 @@ enum {
 N16_P765,
 /* Fotiadis-Moartindale with embedding degree 16. */
 FM16_P765,
- /* Fotiadis-Moartindale with embedding degree 18. */
- FM18_P768,
 /** Kachisa-Schaefer-Scott with embedding degree 16. */
 K16_P766,
+ /** New family with embeeding degree 16. */
+ N16_P766,
+ /* Fotiadis-Moartindale with embedding degree 18. */
+ FM18_P768,
 /** 1536-bit supersingular curve. */
 SS_P1536,
 /** 3072-bit supersingular curve. */
diff --git a/include/relic_fp.h b/include/relic_fp.h
index 85de08aef..8dabbf887 100644
--- a/include/relic_fp.h
+++ b/include/relic_fp.h
@@ -158,12 +158,14 @@ enum {
 SG18_638,
 /** 765-bit prime for new family with embedding degree 16. */
 N16_765,
- /** 765-bit prime for FM curve with embeddind degree 16. */
+ /** 765-bit prime for FM curve with embedding degree 16. */
 FM16_765,
- /** 768-bit prime for FM curve with embedding degree 18. */
- FM18_768,
 /** 766-bit prime for KSS curve with embedding degree 16. */
 K16_766,
+ /** 766-bit prime for new family with embedding degree 16. */
+ N16_766,
+ /** 768-bit prime for FM curve with embedding degree 18. */
+ FM18_768,
 /** 1024-bit prime for CTIDH. */
 CTIDH_1024,
 /** 1536-bit prime for supersingular curve with embedding degree k = 2. */
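Review bot: In the include/relic_ep.h hunk, inserting `N16_P766` ahead of `FM18_P768` changes the numeric value of `K16_P766`, `FM18_P768` and every enumerator after them (`SS_P1536` onward), and the include/relic_fp.h hunk does the same to `K16_766`, `FM18_768`, `CTIDH_1024` and the entries that follow. If any binding, test vector or stored configuration refers to a parameter set by number rather than by name, it would silently select a different curve or prime after this commit, so the renumbering deserves a line in the commit message. The new comment also has a typo and should read `/** New family with embedding degree 16. */`, and the relocated `FM18_P768` comment could open with `/**` like its neighbours. Both enums begin and end outside the hunks, so the complete ordering cannot be checked from here.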
diff --git a/preset/x64-pbc-afg16-766.sh b/preset/x64-pbc-afg16-766.sh new file mode 100755 index 000000000..1f1de18ae --- /dev/null +++ b/preset/x64-pbc-afg16-766.sh @@ -0,0 +1,2 @@ +#!/bin/sh +cmake -DWSIZE=64 -DRAND=UDEV -DSHLIB=OFF -DSTBIN=ON -DTIMER=CYCLE -DCHECK=off -DVERBS=off -DARITH=x64-asm-12l -DBN_PRECI=3072 -DFP_PRIME=766 -DFP_METHD="INTEG;INTEG;INTEG;MONTY;JMPDS;JMPDS;SLIDE" -DCFLAGS="-O3 -funroll-loops -fomit-frame-pointer -march=native -mtune=native" -DFP_PMERS=off -DFP_QNRES=off -DFPX_METHD="INTEG;INTEG;LAZYR" -DEP_PLAIN=off -DEP_SUPER=off -DPP_METHD="LAZYR;OATEP" -DWITH="ALL" $1 diff --git a/src/ep/relic_ep_param.c b/src/ep/relic_ep_param.c index c7ed5c787..81e10d48c 100644 --- a/src/ep/relic_ep_param.c +++ b/src/ep/relic_ep_param.c @@ -697,6 +697,19 @@ #define K16_P766_R "1B6C1BFC8E56CCE359E1D8A9B94553D096A506CE2ECF4A33C5D526AC5F3B61CB0A6D76FCD8487EDEE0B0F9BA2DFA29D5AB0B164B8792C233ED1E6EB350BA9F4D37112A98DE816BEB1EA8DDB1" #define K16_P766_H "2327FFFFFFFFE8905E7E6E0003E7E080C57EE9EF4" /** @} */ + +/** + * Parameters for a 766-bit pairing-friendly prime curve. + */ +/** @{ */ +#define N16_P766_A "1" +#define N16_P766_B "0" +#define N16_P766_X "09B60388917DF4F526CE1869B8A069F7722A4EABF0543BAE29B7CABACC1BE50626878F5CC3C5157ADCC6B80DE516239BE3CCC8E66173CBD91092C87B1AAEBF072F3C92CC5B6A8F33A6A2A165AC171A76C4687274BA0E54A7C049F0781D6EB3F5" +#define N16_P766_Y "280BAA585CD0AB9090B8AB2990410AA093511C661554ACC497D77B67BE3B3CCDDFBCBE296A0119EF8F8FA19D613CA25D16232EF4A5A019C6FDD4C2F0F8DBC238C84F07326BACB3D0478AB5596DCC8BCAD483BF2C4AD89A6C29683E85E77DF120" +#define N16_P766_R "FFFFFF8401001A46937D417AB554F4F3438C3F42C66CBA08998426591ED55EBA6A16CB364728D491BC20010000000001" +#define N16_P766_H "3FFFFFE100400691A4DF505EAD553D3CD0E38FD0B1746ED22B12363612FBBA252C222C274D60ADA6C3F09E1010080100" +/** @} */ + #endif #if defined(EP_ENDOM) && FP_PRIME == 768 
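Review bot: The new preset/x64-pbc-afg16-766.sh passes `$1` to cmake unquoted, so a source directory whose path contains spaces or glob characters is split into several arguments; `"$1"` avoids that. The same command line sets `-DCHECK=off` together with `-march=native`, which reads as a benchmarking configuration. A one-line comment at the top of the script saying so would keep it from being copied into a deployment build unchanged.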
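Review bot: The `N16_P766_*` constants added in src/ep/relic_ep_param.c carry no record of how they were derived; the header comment says only "766-bit pairing-friendly prime curve" and names neither the family nor the seed. The seed is given in the src/fp/relic_fp_param.c hunk as `/* u = 2^48-2^20+2^15+2^5 */`, and repeating it here next to the curve shape implied by `A = "1"`, `B = "0"` would let a reader regenerate the values and check that the generator lies on the curve and that `R` and `H` (presumably subgroup order and cofactor) are consistent with it. The same applies to the twist constants in the src/epx/relic_ep4_curve.c hunk, whose block opens with a bare `/** @{ */` and no description. Naming is also split between `N16` in the C sources and `AFG16` in the preset file name and macro.s, so the comment should state that they denote the same curve if that is the case.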
@@ -1180,6 +1193,11 @@ void ep_param_set(int param) {
 endom = 1;
 pairf = EP_K16;
 break;
+ case N16_P766:
+ ASSIGN(N16_P766, N16_766);
+ endom = 1;
+ pairf = EP_N16;
+ break;
 #endif
 #if defined(EP_ENDOM) && FP_PRIME == 768
 case FM18_P768:
@@ -1467,7 +1485,8 @@ int ep_param_set_any_endom(void) {
 ep_param_set(N16_P765);
 //ep_param_set(FM16_P765);
 #elif FP_PRIME == 766
- ep_param_set(K16_P766);
+ //ep_param_set(K16_P766);
+ ep_param_set(N16_P766);
 #elif FP_PRIME == 768
 ep_param_set(FM18_P768);
 #else
@@ -1589,7 +1608,8 @@ int ep_param_set_any_pairf(void) {
 type = RLC_EP_MTYPE;
 extension = 4;
 #elif FP_PRIME == 766
- ep_param_set(K16_P766);
+ //ep_param_set(K16_P766);
+ ep_param_set(N16_P766);
 type = RLC_EP_MTYPE;
 extension = 4;
 #elif FP_PRIME == 768
diff --git a/src/epx/relic_ep4_curve.c b/src/epx/relic_ep4_curve.c
index e49460491..cb695d924 100644
--- a/src/epx/relic_ep4_curve.c
+++ b/src/epx/relic_ep4_curve.c
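Review bot: In `ep_param_set_any_endom()` the previous default survives only as a commented-out call, `//ep_param_set(K16_P766);`, and the same pattern is repeated in the `ep_param_set_any_pairf()` hunk and in `fp_param_set_any_tower()` in src/fp/relic_fp_param.c (there with the two lines in the opposite order). Every `FP_PRIME == 766` build that relies on the `*_set_any_*` helpers now gets a different curve and prime, and dead code is the only trace of that decision. I would delete the commented line and state the choice instead, for example `/* Default at 766 bits is N16_P766; K16_P766 is no longer selected here. */`. All three functions continue outside their hunks.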
@@ -199,6 +199,29 @@ /** @} */ #endif +#if defined(EP_ENDOM) && FP_PRIME == 766 +/** @{ */ +#define N16_P766_A0 "0" +#define N16_P766_A1 "0" +#define N16_P766_A2 "1" +#define N16_P766_A3 "0" +#define N16_P766_B0 "0" +#define N16_P766_B1 "0" +#define N16_P766_B2 "0" +#define N16_P766_B3 "0" +#define N16_P766_X0 "2DD92375B2A68D713D1D997683DA3E93B0C1713870A6759B37076504F22AFEC776AA9986FFE48F5507793DB266C9C563D26B64423B653977CC9D7A3EA67D52CF708A55E0110E1F21E4676EEC13FF37228D05B74FC124AC6F15931F84039FFF5B" +#define N16_P766_X1 "3BFCCB56ED55A4FBC07136D3577EA5DC5D1ED55079EA0CD7FA75F945D616AF8957935ABF77D532AE66E568CE090109867C58114CD9AE9CCF220BAE9B22148BBEF77A0AF557527A4F87D36CD84DD481FCF78ED87C388E0D4777456B0DF240898E" +#define N16_P766_X2 "1B9DAFE0399513AE63149C5BD87F531A00A9BA81BB42FE35C499BBAD9B985EDDDB94EEEAF944C21B6E36B25768CB3A6EB5EAD839BDEB05E1F86819BCAFD5EB0EF82EFC64D62223CD23ED960D645D213D8B2DE094FE2F78F0C34AFC09EBD39B65" +#define N16_P766_X3 "B22A088D63FC479596ED186B382DECBB180CC51CD5615F1CE9D600B4BCD81DCAFB9369A86E261767B75C2CE12BD4AE372311F8E9E328BA006D52021D1F09DC51B853C3365FCD61B4DA1BD24AB504CE63E11EB4FB0C2FA56704E009A7D1B1944" +#define N16_P766_Y0 "2AB5268BD543054A99076F5DD83E2D8947CC9DBBCCB125C29D791386412830E074378F94D1CC70891ADDF24CE9398490D3F27FBA8EE7F6CB2D71DFE01112BBD0B9B21FE566393AC278562B4390F0673762FB29A6540186B515A0AB9DB96E848C" +#define N16_P766_Y1 "36962D909FC17BD54162AD530987217464D81007D2B07CEBFEDD9E7ACAC7423242132E11169B1F49A9DCDD3EA9EFF0A24CE7AA7A68BFADFD3E07B0517D47F097AB0F9568B54E8AAE190A2D53D430D1118570C0B5EB878364BA9900A44D97505B" +#define N16_P766_Y2 "2B259E06C780DA39E283C221C392A9EE03ACE066967A30A5A4ADEE49E2ECA40DCAAD4CD234FABAA4CFAB20105EE1BEE54403CC17D5BE544B926A699495A5923C6EC7575A64EE412BFAF4C67E4C449F28814D26C4B8F85947EABF97E3818A3097" +#define N16_P766_Y3 
"1495AA76C3DA6431BF12D17B346AEDF5EFE50F4F7135F2618075887884DDA700FCC2918462DDE2CF728034461ECCB4C1F76892A809192939D069D3BA3A06D7F7FD94C1E08D74261C847C3E6DCD36B8D93B87D8277EC23300619530B5A5584B8C" +#define N16_P766_R "FFFFFF8401001A46937D417AB554F4F3438C3F42C66CBA08998426591ED55EBA6A16CB364728D491BC20010000000001" +#define N16_P766_H "FFFFFC9C0705A529AA711C4917897B571AB9D0963B7F885C31C06824D3F2584BA226785992D5E850AA5C0B13502F293A1681AF78BC665FEB126F7C4BA70D01AE2CE52E02140F5C16C4AF3B3A49E6351F191B54245F28C8C4C335ECA923DBF5FF15EBDFF8D29E3B70B027074B50A2AF3622E60B09A63B11B30F61AD59875B59751803A75D55EF5123CED27A3E7F29D20CD2617F6532FDCB87592DF3A6720415EB7871CE9D858844438E66F90066DB58804FB9F54832AEEC21CBACEB00A49D6D5AE806679C4AC7DAD3DBD527E4D81095E256780325B815449FA6C11EF0D70D8AEE93923245E95D8CE60384D06F98BC9AC3D2E91CD725371F495C8B2D1E5161377E801D7732A37179669E91008D8152B75C19324815BD89CCB54EC01212F5B906604C08A55DB203EA6049568FFAA1B88B74657771B64387FF992C5CB64A9E758DEC94FE63AB50F5B88140B2AC32248382" +/** @} */ +#endif + /** * Assigns a set of ordinary elliptic curve parameters. * @@ -431,6 +454,9 @@ void ep4_curve_set_twist(int type) { case K16_P766: ASSIGN(K16_P766); break; + case N16_P766: + ASSIGN(N16_P766); + break; #endif default: (void)str; diff --git a/src/fp/relic_fp_param.c b/src/fp/relic_fp_param.c index acc4d22ad..674ffb3de 100644 --- a/src/fp/relic_fp_param.c +++ b/src/fp/relic_fp_param.c @@ -604,6 +604,16 @@ void fp_param_set(int param) { bn_add_dig(t0, t0, 1); fp_prime_set_pairf(t0, EP_K16); break; + case N16_766: + /* u = 2^48-2^20+2^15+2^5 */ + bn_set_2b(t0, 48); + bn_set_2b(t1, 20); + bn_sub(t0, t0, t1); + bn_set_2b(t1, 15); + bn_add(t0, t0, t1); + bn_add_dig(t0, t0, 32); + fp_prime_set_pairf(t0, EP_N16); + break; #elif FP_PRIME == 768 case FM18_768: /* u = -2^64+2^33+2^30+2^20+1 */ 
@@ -814,7 +824,8 @@ int fp_param_set_any_tower(void) {
 fp_param_set(N16_765);
 //fp_param_set(FM16_765);
 #elif FP_PRIME == 766
- fp_param_set(K16_766);
+ fp_param_set(N16_766);
+ //fp_param_set(K16_766);
 #elif FP_PRIME == 768
 fp_param_set(FM18_768);
 #elif FP_PRIME == 1536
diff --git a/src/low/x64-asm-12l/macro.s b/src/low/x64-asm-12l/macro.s
index 78c726247..31cddde65 100644
--- a/src/low/x64-asm-12l/macro.s
+++ b/src/low/x64-asm-12l/macro.s
@@ -45,7 +45,7 @@
 #define P11 0xFFFFFFE4FF400142
 #define U0 0x471A9E12007FFFFF
 #elif FP_PRIME == 766
-/* KSS16-P766 */
+/* KSS16-P766
 #define P0 0xB955C8905EF99F8D
 #define P1 0x7D1C278139EFCE97
 #define P2 0xB72041F5E8174021
@@ -59,6 +59,21 @@
 #define P10 0xD1F39E5F37AEACB3
 #define P11 0x3C410B7E6EC19106
 #define U0 0xC18CA908C52344BB
+*/
+/* AFG16-766 */
+#define P0 0xD1C2DA3812080101
+#define P1 0x7C7B86E2E778F618
+#define P2 0xCBDEA14B5B88FF11
+#define P3 0xCC0258598794E74A
+#define P4 0x2C3C97E23451D33D
+#define P5 0xD865BA50F2687698
+#define P6 0x7FE816EA1FC66244
+#define P7 0x28B32989A8983A80
+#define P8 0xA388C01776314278
+#define P9 0x103F6BCC973EF5C3
+#define P10 0x0BB883B2C64AF7BD
+#define P11 0X3FFFFFC200801C27
+#define U0 0x30B120EB030700FF
 #elif FP_PRIME == 765
 /* AFG16-765 */
 #define P0 0x0000000000000001
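Review bot: The two src/low/x64-asm-12l/macro.s hunks swap the `FP_PRIME == 766` modulus limbs `P0`–`P11` and `U0` by wrapping the KSS16 values in a block comment, while `K16_766` and `K16_P766` stay selectable in the C sources. If this backend reduces with these compile-time constants (their names suggest it, but the hunks do not show the use), a build with `-DARITH=x64-asm-12l` that selects the KSS16 prime would compute modulo the wrong value without raising any error. A comment on the new block such as `/* AFG16-766 only: K16_766 is not usable with this backend */`, or a build-time guard on the C side, would make the restriction explicit. The new `P11` is also written with an uppercase prefix, and `#define P11 0x3FFFFFC200801C27` would match the other limbs. The comment opened in the first hunk is closed in the second, with `P3`–`P9` lying outside both.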