Along with specifying a curve
one specifies a base point (x_1,y_1) of prime order ℓ on that curve.
The following table shows the base point (x_1,y_1) for various curves:
Curve |
(x_1,y_1) on curve? |
x_1, y_1 |
Anomalous
|
True✔
|
(1619092589586542907492569170434842128165755668543894279235270,
3436949547626524920645513316569700140535482973634182925459687)
= (0x101efb35fd1963c4871a2d17edaafa7e249807f58f8705126c6,
0x22389a3954375834304ba1d509a97de6c07148ea7f5951b20e7)
|
M-221
|
True✔
|
(4,
1630203008552496124843674615123983630541969261591546559209027208557)
= (0x4,
0xf7acdd2a4939571d1cef14eca37c228e61dbff10707dc6c08c5056d)
|
E-222
|
True✔
|
(2705691079882681090389589001251962954446177367541711474502428610129,
28)
= (0x19b12bb156a389e55c9768c303316d07c23adab3736eb2bc3eb54e51,
0x1c)
|
NIST P-224
|
True✔
|
(19277929113566293071110308034699488026831934219452440156649784352033,
19926808758034470970197974370888749184205991990603949537637343198772)
= (0xb70e0cbd6bb4bf7f321390b94a03c1d356c21122343280d6115c1d21,
0xbd376388b5f723fb4c22dfe6cd4375a05a07476444d5819985007e34)
|
Curve1174
|
True✔
|
(1582619097725911541954547006453739763381091388846394833492296309729998839514,
3037538013604154504764115728651437646519513534305223422754827055689195992590)
= (0x37fbb0cea308c479343aee7c029a190c021d96a492ecd6516123f27bce29eda,
0x6b72f82d47fb7cc6656841169840e0c4fe2dee2af3f976ba4ccb1bf9b46360e)
|
Curve25519
|
True✔
|
(9,
14781619447589544791020593568409986887264606134616475288964881837755586237401)
= (0x9,
0x20ae19a1b8a086b4e01edd2c7748d14c923d4d7e6d7c61b229e9c5a27eced3d9)
|
BN(2,254)
|
True✔
|
(-1,
1)
= (0x-1,
0x1)
|
brainpoolP256t1
|
True✔
|
(74138526386500101787937404544159543470173440588427591213843535686338908194292,
20625154686056605250529482107801269759951443923312408063441227608803066104254)
= (0xa3e8eb3cc1cfe7b7732213b23a656149afa142c47aafbc2b79a191562e1305f4,
0x2d996c823439c56d7f7b22e14644417e69bcb6de39d027001dabe8f35b25c9be)
|
ANSSI FRP256v1
|
True✔
|
(82638672503301278923015998535776227331280144783487139112686874194432446389503,
43992510890276411535679659957604584722077886330284298232193264058442323471611)
= (0xb6b3d4c356c139eb31183d4749d423958c27d2dcaf98b70164c97a2dd98f5cff,
0x6142e0f7c8b204911f9271f0f3ecef8c2701c307e8e4c9e183115a1554062cfb)
|
NIST P-256
|
True✔
|
(48439561293906451759052585252797914202762949526041747995844080717082404635286,
36134250956749795798585127919587881956611106672985015071877198253568414405109)
= (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
|
secp256k1
|
True✔
|
(55066263022277343669578718895168534326250603453777594175500187360389116729240,
32670510020758816978083085130507043184471273380659243275938904335757337482424)
= (0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798,
0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8)
|
E-382
|
True✔
|
(3914921414754292646847594472454013487047137431784830634731377862923477302047857640522480241298429278603678181725699,
17)
= (0x196f8dd0eab20391e5f05be96e8d20ae68f840032b0b64352923bab85364841193517dbce8105398ebc0cc9470f79603,
0x11)
|
M-383
|
True✔
|
(12,
4737623401891753997660546300375902576839617167257703725630389791524463565757299203154901655432096558642117242906494)
= (0xc,
0x1ec7ed04aaf834af310e304b2da0f328e7c165f0e8988abd3992861290f617aa1f1b2e7d0b6e332e969991b62555e77e)
|
Curve383187
|
True✔
|
(5,
4759238150142744228328102229734187233490253962521130945928672202662038422584867624507245060283757321006861735839455)
= (0x5,
0x1eebe07dc1871896732b12d5504a32370471965c7a11f2c89865f855ab3cbd7c224e3620c31af3370788457dd5ce46df)
|
brainpoolP384t1
|
True✔
|
(3827769047710394604076870463731979903132904572714069494181204655675960538951736634566672590576020545838501853661388,
5797643717699939326787282953388004860198302425468870641753455602553471777319089854136002629714659021021358409132328)
= (0x18de98b02db9a306f2afcd7235f72a819b80ab12ebd653172476fecd462aabffc4ff191b946a5f54d8d0aa2f418808cc,
0x25ab056962d30651a114afd2755ad336747f93475b7a1fca3b88f2b6a208ccfe469408584dc2b2912675bf5b9e582928)
|
NIST P-384
|
True✔
|
(26247035095799689268623156744566981891852923491109213387815615900925518854738050089022388053975719786650872476732087,
8325710961489029985546751289520108179287853048861315594709205902480503199884419224438643760392947333078086511627871)
= (0xaa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7,
0x3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f)
|
Curve41417
|
True✔
|
(17319886477121189177719202498822615443556957307604340815256226171904769976866975908866528699294134494857887698432266169206165,
34)
= (0x1a334905141443300218c0631c326e5fcd46369f44c03ec7f57ff35498a4ab4d6d6ba111301a73faa8537c64c4fd3812f3cbc595,
0x22)
|
Ed448-Goldilocks
|
True✔
|
(117812161263436946737282484343310064665180535357016373416879082147939404277809514858788439644911793978499419995990477371552926308078495,
19)
= (0x297ea0ea2692ff1b4faff46098453a6a26adf733245f065c3c59d0709cecfa96147eaaf3932d94c63d96c170033f4ba0c7f0de840aed939f,
0x13)
|
M-511
|
True✔
|
(5,
2500410645565072423368981149139213252211568685173608590070979264248275228603899706950518127817176591878667784247582124505430745177116625808811349787373477)
= (0x5,
0x2fbdc0ad8530803d28fdbad354bb488d32399ac1cf8f6e01ee3f96389b90c809422b9429e8a43dbf49308ac4455940abe9f1dbca542093a895e30a64af056fa5)
|
E-521
|
True✔
|
(1571054894184995387535939749894317568645297350402905821437625181152304994381188529632591196067604100772673927915114267193389905003276673749012051148356041324,
12)
= (0x752cb45c48648b189df90cb2296b2878a3bfd9f42fc6c818ec8bf3c9c0c6203913f6ecc5ccc72434b1ae949d568fc99c6059d0fb13364838aa302a940a2f19ba6c,
0xc)
|
The following table shows the prime order ℓ for various curves:
Curve |
ℓ prime? |
ℓ(x_1,y_1) = 0? |
ℓ |
Anomalous
|
True✔
|
True✔
|
17676318486848893030961583018778670610489016512983351739677143
= 0xb0000000000000000000000953000000000000000000001f9d7
= 17676318486848893030961583018778670610489016512983351739677143
|
M-221
|
True✔
|
True✔
|
421249166674228746791672110734682167926895081980396304944335052891
= 0x40000000000000000000000000015a08ed730e8a2f77f005042605b
= 2^218 + 438651314700378199859927091142747
|
E-222
|
True✔
|
True✔
|
1684996666696914987166688442938726735569737456760058294185521417407
= 0xffffffffffffffffffffffffffff70cbc95e932f802f31423598cbf
= 2^220 - 181532584069648727485883454223169
|
NIST P-224
|
True✔
|
True✔
|
26959946667150639794667015087019625940457807714424391721682722368061
= 0xffffffffffffffffffffffffffff16a2e0b8f03e13dd29455c5c2a3d
= 2^224 - 4733179336708116180759420887881155
|
Curve1174
|
True✔
|
True✔
|
904625697166532776746648320380374280092339035279495474023489261773642975601
= 0x1fffffffffffffffffffffffffffffff77965c4dfd307348944d45fd166c971
= 2^249 - 11332719920821432534773113288178349711
|
Curve25519
|
True✔
|
True✔
|
7237005577332262213973186563042994240857116359379907606001950938285454250989
= 0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed
= 2^252 + 27742317777372353535851937790883648493
|
BN(2,254)
|
True✔
|
True✔
|
16798108731015832284940804142231733909759579603404752749028378864165570215949
= 0x2523648240000001ba344d8000000007ff9f800000000010a10000000000000d
= 16798108731015832284940804142231733909759579603404752749028378864165570215949
|
brainpoolP256t1
|
True✔
|
True✔
|
76884956397045344220809746629001649092737531784414529538755519063063536359079
= 0xa9fb57dba1eea9bc3e660a909d838d718c397aa3b561a6f7901e0e82974856a7
= 76884956397045344220809746629001649092737531784414529538755519063063536359079
|
ANSSI FRP256v1
|
True✔
|
True✔
|
109454571331697278617670725030735128146004546811402412653072203207726079563233
= 0xf1fd178c0b3ad58f10126de8ce42435b53dc67e140d2bf941ffdd459c6d655e1
= 109454571331697278617670725030735128146004546811402412653072203207726079563233
|
NIST P-256
|
True✔
|
True✔
|
115792089210356248762697446949407573529996955224135760342422259061068512044369
= 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
= 2^256 - 2^224 + 2^192 - 89188191075325690597107910205041859247
|
secp256k1
|
True✔
|
True✔
|
115792089237316195423570985008687907852837564279074904382605163141518161494337
= 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
= 2^256 - 432420386565659656852420866394968145599
|
E-382
|
True✔
|
True✔
|
2462625387274654950767440006258975862817483704404090416745738034557663054564649171262659326683244604346084081047321
= 0xfffffffffffffffffffffffffffffffffffffffffffffffd5fb21f21e95eee17c5e69281b102d2773e27e13fd3c9719
= 2^380 - 1030303207694556153926491950732314247062623204330168346855
|
M-383
|
True✔
|
True✔
|
2462625387274654950767440006258975862817483704404090416746934574041288984234680883008327183083615266784870011007447
= 0x10000000000000000000000000000000000000000000000006c79673ac36ba6e7a32576f7b1b249e46bbc225be9071d7
= 2^380 + 166236275931373516105219794935542153308039234455761613271
|
Curve383187
|
True✔
|
True✔
|
2462625387274654950767440006258975862817483704404090416747124418612574880605944350369924877650606926799392131911201
= 0x1000000000000000000000000000000000000000000000000e85a85287a1488acd41ae84b2b7030446f72088b00a0e21
= 2^380 + 356080847217269887368687156533236720299699248977882517025
|
brainpoolP384t1
|
True✔
|
True✔
|
21659270770119316173069236842332604979796116387017648600075645274821611501358515537962695117368903252229601718723941
= 0x8cb91e82a3386d280f5d6f7e50e641df152f7109ed5456b31f166e6cac0425a7cf3ab6af6b7fc3103b883202e9046565
= 21659270770119316173069236842332604979796116387017648600075645274821611501358515537962695117368903252229601718723941
|
NIST P-384
|
True✔
|
True✔
|
39402006196394479212279040100143613805079739270465446667946905279627659399113263569398956308152294913554433653942643
= 0xffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973
= 2^384 - 1388124618062372383947042015309946732620727252194336364173
|
Curve41417
|
True✔
|
True✔
|
5288447750321988791615322464262168318627237463714249754277190328831105466135348245791335989419337099796002495788978276839289
= 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffeb3cc92414cf706022b36f1c0338ad63cf181b0e71a5e106af79
= 2^411 - 33364140863755142520810177694098385178984727200411208589594759
|
Ed448-Goldilocks
|
True✔
|
True✔
|
181709681073901722637330951972001133588410340171829515070372549795146003961539585716195755291692375963310293709091662304773755859649779
= 0x3fffffffffffffffffffffffffffffffffffffffffffffffffffffff7cca23e9c44edb49aed63690216cc2728dc58f552378c292ab5844f3
= 2^446 - 13818066809895115352007386748515426880336692474882178609894547503885
|
M-511
|
True✔
|
True✔
|
837987995621412318723376562387865382967460363787024586107722590232610251879607410804876779383055508762141059258497448934987052508775626162460930737942299
= 0x100000000000000000000000000000000000000000000000000000000000000017b5feff30c7f5677ab2aeebd13779a2ac125042a6aa10bfa54c15bab76baf1b
= 2^508 + 10724754759635747624044531514068121842070756627434833028965540808827675062043
|
E-521
|
True✔
|
True✔
|
1716199415032652428745475199770348304317358825035826352348615864796385795849413675475876651663657849636693659065234142604319282948702542317993421293670108523
= 0x7ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd15b6c64746fc85f736b8af5e7ec53f04fbd8c4569a8f1f4540ea2435f5180d6b
= 2^519 - 337554763258501705789107630418782636071904961214051226618635150085779108655765
|