aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJ08nY2020-02-21 15:58:14 +0100
committerJ08nY2020-02-21 15:58:14 +0100
commit18a4f5b2837513aebf6a5b2d86911a004b9e7650 (patch)
tree224ccd447eb81d3a393724e8087e59ab7b11497b
parentc2d2771a0ed5e4462962f603b8b0e93a88f188a3 (diff)
downloadpyecsca-18a4f5b2837513aebf6a5b2d86911a004b9e7650.tar.gz
pyecsca-18a4f5b2837513aebf6a5b2d86911a004b9e7650.tar.bz2
pyecsca-18a4f5b2837513aebf6a5b2d86911a004b9e7650.zip
Add unified parameter to formulas that are strongly unified.
-rw-r--r--pyecsca/ec/curve.py19
-rw-r--r--pyecsca/ec/efd/edwards/inverted/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/inverted/addition/add-20080225-hwcd1
-rw-r--r--pyecsca/ec/efd/edwards/inverted/addition/madd-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/inverted/addition/madd-20080225-hwcd1
-rw-r--r--pyecsca/ec/efd/edwards/inverted/addition/mmadd-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/inverted/addition/xmadd-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-21
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-31
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-41
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/add-20080225-hwcd1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/add-20090311-hwcd1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-21
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-31
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/madd-20080225-hwcd1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/mmadd-2007-bl1
-rw-r--r--pyecsca/ec/efd/edwards/projective/addition/xmadd-2007-hcd1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/add-1986-cc1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-hnm1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/add-2001-b1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/madd1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2004-hmv1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2008-g1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/mmadd-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-0/addition/zadd-2007-m1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/add-1986-cc1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-hnm1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/add-2001-b1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/madd1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2004-hmv1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2008-g1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/mmadd-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian-3/addition/zadd-2007-m1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/add-1986-cc1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/add-1998-hnm1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/add-2001-b1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/madd1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/madd-2004-hmv1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/madd-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/madd-2008-g1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/mmadd-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/jacobian/addition/zadd-2007-m1
-rw-r--r--pyecsca/ec/efd/shortw/modified/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/modified/addition/add-2009-bl1
-rw-r--r--pyecsca/ec/efd/shortw/modified/addition/madd-2009-bl1
-rw-r--r--pyecsca/ec/efd/shortw/modified/addition/mmadd-2009-bl1
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj1
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj-21
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/madd-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective-1/addition/mmadd-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/projective-3/addition/add-2002-bj1
-rw-r--r--pyecsca/ec/efd/shortw/projective-3/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/projective-3/addition/madd-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective-3/addition/mmadd-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo-21
-rw-r--r--pyecsca/ec/efd/shortw/projective/addition/add-2002-bj1
-rw-r--r--pyecsca/ec/efd/shortw/projective/addition/add-2007-bl1
-rw-r--r--pyecsca/ec/efd/shortw/projective/addition/madd-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/projective/addition/mmadd-1998-cmo1
-rw-r--r--pyecsca/ec/efd/shortw/w12-0/addition/add-2010-cln1
-rw-r--r--pyecsca/ec/efd/shortw/w12-0/addition/madd-2010-cln1
-rw-r--r--pyecsca/ec/efd/shortw/xyzz-3/addition/add-2008-s1
-rw-r--r--pyecsca/ec/efd/shortw/xyzz-3/addition/madd-2008-s1
-rw-r--r--pyecsca/ec/efd/shortw/xyzz-3/addition/mmadd-2008-s1
-rw-r--r--pyecsca/ec/efd/shortw/xyzz/addition/add-2008-s1
-rw-r--r--pyecsca/ec/efd/shortw/xyzz/addition/madd-2008-s1
-rw-r--r--pyecsca/ec/efd/shortw/xyzz/addition/mmadd-2008-s1
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd1
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-21
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-31
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-41
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd1
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-21
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-31
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-41
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd1
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-21
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-31
-rw-r--r--pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-41
-rw-r--r--pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd1
-rw-r--r--pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd-21
-rw-r--r--pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd1
-rw-r--r--pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd-21
-rw-r--r--pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd1
-rw-r--r--pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd-21
-rw-r--r--pyecsca/ec/efd/twisted/inverted/addition/add-2008-bbjlp1
-rw-r--r--pyecsca/ec/efd/twisted/inverted/addition/madd-2008-bbjlp1
-rw-r--r--pyecsca/ec/efd/twisted/inverted/addition/mmadd-2008-bbjlp1
-rw-r--r--pyecsca/ec/efd/twisted/projective/addition/add-2008-bbjlp1
-rw-r--r--pyecsca/ec/efd/twisted/projective/addition/madd-2008-bbjlp1
-rw-r--r--pyecsca/ec/efd/twisted/projective/addition/mmadd-2008-bbjlp1
-rw-r--r--pyecsca/ec/formula.py4
-rw-r--r--test/ec/test_curve.py5
112 files changed, 136 insertions, 1 deletions
diff --git a/pyecsca/ec/curve.py b/pyecsca/ec/curve.py
index 797b288..5a99c92 100644
--- a/pyecsca/ec/curve.py
+++ b/pyecsca/ec/curve.py
@@ -1,6 +1,6 @@
from ast import Module
from copy import copy
-from typing import MutableMapping, Union, List
+from typing import MutableMapping, Union, List, Optional
from public import public
@@ -49,6 +49,10 @@ class EllipticCurve(object):
locals.update(self.parameters)
for line in formulas:
exec(compile(line, "", mode="exec"), None, locals)
+ if not isinstance(locals["x"], Mod):
+ locals["x"] = Mod(locals["x"], self.prime)
+ if not isinstance(locals["y"], Mod):
+ locals["y"] = Mod(locals["y"], self.prime)
return Point(AffineCoordinateModel(self.model), x=locals["x"], y=locals["y"])
def affine_add(self, one: Point, other: Point) -> Point:
@@ -75,6 +79,19 @@ class EllipticCurve(object):
return r
@property
+ def affine_neutral(self) -> Optional[Point]:
+ if not self.neutral_is_affine:
+ return None
+ locals = {**self.parameters}
+ for line in self.model.base_neutral:
+ exec(compile(line, "", mode="exec"), None, locals)
+ if not isinstance(locals["x"], Mod):
+ locals["x"] = Mod(locals["x"], self.prime)
+ if not isinstance(locals["y"], Mod):
+ locals["y"] = Mod(locals["y"], self.prime)
+ return Point(AffineCoordinateModel(self.model), x=locals["x"], y=locals["y"])
+
+ @property
def neutral_is_affine(self):
return bool(self.model.base_neutral)
diff --git a/pyecsca/ec/efd/edwards/inverted/addition/add-2007-bl b/pyecsca/ec/efd/edwards/inverted/addition/add-2007-bl
index f2a8b68..5cce401 100644
--- a/pyecsca/ec/efd/edwards/inverted/addition/add-2007-bl
+++ b/pyecsca/ec/efd/edwards/inverted/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
compute A = Z1 Z2
compute B = d A^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/edwards/inverted/addition/add-20080225-hwcd b/pyecsca/ec/efd/edwards/inverted/addition/add-20080225-hwcd
index fcd4f55..b1a2e19 100644
--- a/pyecsca/ec/efd/edwards/inverted/addition/add-20080225-hwcd
+++ b/pyecsca/ec/efd/edwards/inverted/addition/add-20080225-hwcd
@@ -1,4 +1,5 @@
source 2008.02.25 Hisil--Wong--Carter--Dawson, page 8
+unified
compute A = X1 Z2
compute B = Y1 Z2
compute C = Z1 X2
diff --git a/pyecsca/ec/efd/edwards/inverted/addition/madd-2007-bl b/pyecsca/ec/efd/edwards/inverted/addition/madd-2007-bl
index d690f62..621c9f1 100644
--- a/pyecsca/ec/efd/edwards/inverted/addition/madd-2007-bl
+++ b/pyecsca/ec/efd/edwards/inverted/addition/madd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z2 = 1
compute A = Z1
compute B = d A^2
diff --git a/pyecsca/ec/efd/edwards/inverted/addition/madd-20080225-hwcd b/pyecsca/ec/efd/edwards/inverted/addition/madd-20080225-hwcd
index 08bd765..e0a3370 100644
--- a/pyecsca/ec/efd/edwards/inverted/addition/madd-20080225-hwcd
+++ b/pyecsca/ec/efd/edwards/inverted/addition/madd-20080225-hwcd
@@ -1,4 +1,5 @@
source 2008.02.25 Hisil--Wong--Carter--Dawson, page 8
+unified
assume Z2 = 1
compute A = X1
compute B = Y1
diff --git a/pyecsca/ec/efd/edwards/inverted/addition/mmadd-2007-bl b/pyecsca/ec/efd/edwards/inverted/addition/mmadd-2007-bl
index d333914..c14f6d2 100644
--- a/pyecsca/ec/efd/edwards/inverted/addition/mmadd-2007-bl
+++ b/pyecsca/ec/efd/edwards/inverted/addition/mmadd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z1 = 1
assume Z2 = 1
compute C = X1 X2
diff --git a/pyecsca/ec/efd/edwards/inverted/addition/xmadd-2007-bl b/pyecsca/ec/efd/edwards/inverted/addition/xmadd-2007-bl
index 392d01c..0a5226a 100644
--- a/pyecsca/ec/efd/edwards/inverted/addition/xmadd-2007-bl
+++ b/pyecsca/ec/efd/edwards/inverted/addition/xmadd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume X2 = 1
compute A = Z1 Z2
compute B = d A^2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl
index 3cc1886..49d14c7 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl
+++ b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
compute A = Z1 Z2
compute B = A^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-2 b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-2
index 449fde4..1d9cd2f 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-2
+++ b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-2
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
compute R1 = X1
compute R2 = Y1
compute R3 = Z1
diff --git a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-3 b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-3
index 33e49ea..f89c161 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-3
+++ b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-3
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
parameter c2
assume c2 = 2*c
compute A = Z1 Z2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-4 b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-4
index ab868e1..0745da9 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-4
+++ b/pyecsca/ec/efd/edwards/projective/addition/add-2007-bl-4
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
parameter i
assume i^2 = -1
compute iX2 = i X2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/add-20080225-hwcd b/pyecsca/ec/efd/edwards/projective/addition/add-20080225-hwcd
index dc4e163..ad7188e 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/add-20080225-hwcd
+++ b/pyecsca/ec/efd/edwards/projective/addition/add-20080225-hwcd
@@ -1,4 +1,5 @@
source 2008.02.25 Hisil--Wong--Carter--Dawson, page 8
+unified
parameter k
assume k*c = 1
compute A = X1 Z2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/add-20090311-hwcd b/pyecsca/ec/efd/edwards/projective/addition/add-20090311-hwcd
index c3f6ac3..bdfb3fb 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/add-20090311-hwcd
+++ b/pyecsca/ec/efd/edwards/projective/addition/add-20090311-hwcd
@@ -1,4 +1,5 @@
source 2009.03.11 Hisil--Wong--Carter--Dawson, after formula (17), plus denominator elimination
+unified
parameter k
assume k*c = 1
compute R1 = X2 Y2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl b/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl
index 00bc0f2..72771c3 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl
+++ b/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z2 = 1
compute B = Z1^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-2 b/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-2
index 080b055..f309991 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-2
+++ b/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-2
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z2 = 1
compute R1 = X1
compute R2 = Y1
diff --git a/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-3 b/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-3
index a67df7a..149ab61 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-3
+++ b/pyecsca/ec/efd/edwards/projective/addition/madd-2007-bl-3
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
parameter c2
assume c2 = 2*c
assume Z2 = 1
diff --git a/pyecsca/ec/efd/edwards/projective/addition/madd-20080225-hwcd b/pyecsca/ec/efd/edwards/projective/addition/madd-20080225-hwcd
index 6d4da4b..fde623e 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/madd-20080225-hwcd
+++ b/pyecsca/ec/efd/edwards/projective/addition/madd-20080225-hwcd
@@ -1,4 +1,5 @@
source 2008.02.25 Hisil--Wong--Carter--Dawson, page 8
+unified
parameter k
assume k*c = 1
assume Z2 = 1
diff --git a/pyecsca/ec/efd/edwards/projective/addition/mmadd-2007-bl b/pyecsca/ec/efd/edwards/projective/addition/mmadd-2007-bl
index 68a467d..ff09dd2 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/mmadd-2007-bl
+++ b/pyecsca/ec/efd/edwards/projective/addition/mmadd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z1 = 1
assume Z2 = 1
compute C = X1 X2
diff --git a/pyecsca/ec/efd/edwards/projective/addition/xmadd-2007-hcd b/pyecsca/ec/efd/edwards/projective/addition/xmadd-2007-hcd
index eb0ab17..c24559e 100644
--- a/pyecsca/ec/efd/edwards/projective/addition/xmadd-2007-hcd
+++ b/pyecsca/ec/efd/edwards/projective/addition/xmadd-2007-hcd
@@ -1,4 +1,5 @@
source 2007 Hisil--Carter--Dawson
+unified
assume X2 = 1
compute T0 = X1 Y2
compute T0 = T0+Y1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1986-cc b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1986-cc
index af536a1..e3f4775 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1986-cc
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1986-cc
@@ -1,4 +1,5 @@
source 1986 Chudnovsky--Chudnovsky "Sequences of numbers generated by addition in formal groups and new primality and factorization tests", page 414, formula (4.3i)
+unified
compute U1 = X1 Z2^2
compute U2 = X2 Z1^2
compute S1 = Y1 Z2^3
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo
index b312a77..681a723 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (5)
+unified
compute U1 = X1 Z2^2
compute U2 = X2 Z1^2
compute S1 = Y1 Z2^3
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo-2
index acef19d..9d3659a 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (5), plus common-subexpression elimination
+unified
compute Z1Z1 = Z1^2
compute Z2Z2 = Z2^2
compute U1 = X1 Z2Z2
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-hnm b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-hnm
index ebace0d..36c775f 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-hnm
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-1998-hnm
@@ -1,4 +1,5 @@
source 1998 Hasegawa--Nakajima--Matsui, page 188
+unified
parameter half
assume half*2=1
compute R1 = X1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2001-b b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2001-b
index b6a403d..0ae3011 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2001-b
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2001-b
@@ -1,4 +1,5 @@
source 2001 Bernstein http://cr.yp.to/nistp224.html opt-idea53.c ecadd
+unified
compute ZZ1 = Z1^2
compute ZZZ1 = Z1 ZZ1
compute ZZ2 = Z2^2
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2007-bl b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2007-bl
index dc8af68..29a4d50 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange; note that the improvement from 12M+4S to 11M+5S was already mentioned in 2001 Bernstein http://cr.yp.to/talks.html#2001.10.29
+unified
compute Z1Z1 = Z1^2
compute Z2Z2 = Z2^2
compute U1 = X1 Z2Z2
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd
index c4ced5f..a7486ca 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd
@@ -1,4 +1,5 @@
assume Z2=1
+unified
compute Z1Z1 = Z1^2
compute U2 = X2 Z1Z1
compute S2 = Y2 Z1 Z1Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2004-hmv b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2004-hmv
index c6904b6..f47ecf9 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2004-hmv
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2004-hmv
@@ -1,4 +1,5 @@
source 2004 Hankerson--Menezes--Vanstone, page 91
+unified
assume Z2=1
compute T1 = Z1^2
compute T2 = T1 Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2007-bl b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2007-bl
index 92a97af..6e4a6f1 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z2=1
compute Z1Z1 = Z1^2
compute U2 = X2 Z1Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2008-g b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2008-g
index 7c5f660..0beec69 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2008-g
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/madd-2008-g
@@ -1,4 +1,5 @@
source 2008 Giessmann
+unified
assume Z2=1
compute T1 = Z1^2
compute T2 = T1 Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/mmadd-2007-bl b/pyecsca/ec/efd/shortw/jacobian-0/addition/mmadd-2007-bl
index e11d9e4..73dbfbb 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/mmadd-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/mmadd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z1=1
assume Z2=1
compute H = X2-X1
diff --git a/pyecsca/ec/efd/shortw/jacobian-0/addition/zadd-2007-m b/pyecsca/ec/efd/shortw/jacobian-0/addition/zadd-2007-m
index 417ef26..589d783 100644
--- a/pyecsca/ec/efd/shortw/jacobian-0/addition/zadd-2007-m
+++ b/pyecsca/ec/efd/shortw/jacobian-0/addition/zadd-2007-m
@@ -1,4 +1,5 @@
source 2007 Meloni "New point addition formulae for ECC applications", page 192
+unified
assume Z1 = Z2
compute A = (X2-X1)^2
compute B = X1 A
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1986-cc b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1986-cc
index af536a1..e3f4775 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1986-cc
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1986-cc
@@ -1,4 +1,5 @@
source 1986 Chudnovsky--Chudnovsky "Sequences of numbers generated by addition in formal groups and new primality and factorization tests", page 414, formula (4.3i)
+unified
compute U1 = X1 Z2^2
compute U2 = X2 Z1^2
compute S1 = Y1 Z2^3
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo
index b312a77..681a723 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (5)
+unified
compute U1 = X1 Z2^2
compute U2 = X2 Z1^2
compute S1 = Y1 Z2^3
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo-2
index acef19d..9d3659a 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (5), plus common-subexpression elimination
+unified
compute Z1Z1 = Z1^2
compute Z2Z2 = Z2^2
compute U1 = X1 Z2Z2
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-hnm b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-hnm
index ebace0d..36c775f 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-hnm
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-1998-hnm
@@ -1,4 +1,5 @@
source 1998 Hasegawa--Nakajima--Matsui, page 188
+unified
parameter half
assume half*2=1
compute R1 = X1
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2001-b b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2001-b
index b6a403d..0ae3011 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2001-b
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2001-b
@@ -1,4 +1,5 @@
source 2001 Bernstein http://cr.yp.to/nistp224.html opt-idea53.c ecadd
+unified
compute ZZ1 = Z1^2
compute ZZZ1 = Z1 ZZ1
compute ZZ2 = Z2^2
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2007-bl b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2007-bl
index dc8af68..29a4d50 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange; note that the improvement from 12M+4S to 11M+5S was already mentioned in 2001 Bernstein http://cr.yp.to/talks.html#2001.10.29
+unified
compute Z1Z1 = Z1^2
compute Z2Z2 = Z2^2
compute U1 = X1 Z2Z2
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd
index c4ced5f..a7486ca 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd
@@ -1,4 +1,5 @@
assume Z2=1
+unified
compute Z1Z1 = Z1^2
compute U2 = X2 Z1Z1
compute S2 = Y2 Z1 Z1Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2004-hmv b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2004-hmv
index c6904b6..f47ecf9 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2004-hmv
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2004-hmv
@@ -1,4 +1,5 @@
source 2004 Hankerson--Menezes--Vanstone, page 91
+unified
assume Z2=1
compute T1 = Z1^2
compute T2 = T1 Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2007-bl b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2007-bl
index 92a97af..6e4a6f1 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z2=1
compute Z1Z1 = Z1^2
compute U2 = X2 Z1Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2008-g b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2008-g
index 7c5f660..0beec69 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2008-g
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/madd-2008-g
@@ -1,4 +1,5 @@
source 2008 Giessmann
+unified
assume Z2=1
compute T1 = Z1^2
compute T2 = T1 Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/mmadd-2007-bl b/pyecsca/ec/efd/shortw/jacobian-3/addition/mmadd-2007-bl
index e11d9e4..73dbfbb 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/mmadd-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/mmadd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z1=1
assume Z2=1
compute H = X2-X1
diff --git a/pyecsca/ec/efd/shortw/jacobian-3/addition/zadd-2007-m b/pyecsca/ec/efd/shortw/jacobian-3/addition/zadd-2007-m
index 417ef26..589d783 100644
--- a/pyecsca/ec/efd/shortw/jacobian-3/addition/zadd-2007-m
+++ b/pyecsca/ec/efd/shortw/jacobian-3/addition/zadd-2007-m
@@ -1,4 +1,5 @@
source 2007 Meloni "New point addition formulae for ECC applications", page 192
+unified
assume Z1 = Z2
compute A = (X2-X1)^2
compute B = X1 A
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/add-1986-cc b/pyecsca/ec/efd/shortw/jacobian/addition/add-1986-cc
index af536a1..e3f4775 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/add-1986-cc
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/add-1986-cc
@@ -1,4 +1,5 @@
source 1986 Chudnovsky--Chudnovsky "Sequences of numbers generated by addition in formal groups and new primality and factorization tests", page 414, formula (4.3i)
+unified
compute U1 = X1 Z2^2
compute U2 = X2 Z1^2
compute S1 = Y1 Z2^3
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo b/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo
index b312a77..681a723 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (5)
+unified
compute U1 = X1 Z2^2
compute U2 = X2 Z1^2
compute S1 = Y1 Z2^3
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo-2
index acef19d..9d3659a 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (5), plus common-subexpression elimination
+unified
compute Z1Z1 = Z1^2
compute Z2Z2 = Z2^2
compute U1 = X1 Z2Z2
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-hnm b/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-hnm
index ebace0d..36c775f 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-hnm
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/add-1998-hnm
@@ -1,4 +1,5 @@
source 1998 Hasegawa--Nakajima--Matsui, page 188
+unified
parameter half
assume half*2=1
compute R1 = X1
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/add-2001-b b/pyecsca/ec/efd/shortw/jacobian/addition/add-2001-b
index b6a403d..0ae3011 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/add-2001-b
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/add-2001-b
@@ -1,4 +1,5 @@
source 2001 Bernstein http://cr.yp.to/nistp224.html opt-idea53.c ecadd
+unified
compute ZZ1 = Z1^2
compute ZZZ1 = Z1 ZZ1
compute ZZ2 = Z2^2
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/add-2007-bl b/pyecsca/ec/efd/shortw/jacobian/addition/add-2007-bl
index dc8af68..29a4d50 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/add-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange; note that the improvement from 12M+4S to 11M+5S was already mentioned in 2001 Bernstein http://cr.yp.to/talks.html#2001.10.29
+unified
compute Z1Z1 = Z1^2
compute Z2Z2 = Z2^2
compute U1 = X1 Z2Z2
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/madd b/pyecsca/ec/efd/shortw/jacobian/addition/madd
index c4ced5f..a7486ca 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/madd
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/madd
@@ -1,4 +1,5 @@
assume Z2=1
+unified
compute Z1Z1 = Z1^2
compute U2 = X2 Z1Z1
compute S2 = Y2 Z1 Z1Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/madd-2004-hmv b/pyecsca/ec/efd/shortw/jacobian/addition/madd-2004-hmv
index c6904b6..f47ecf9 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/madd-2004-hmv
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/madd-2004-hmv
@@ -1,4 +1,5 @@
source 2004 Hankerson--Menezes--Vanstone, page 91
+unified
assume Z2=1
compute T1 = Z1^2
compute T2 = T1 Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/madd-2007-bl b/pyecsca/ec/efd/shortw/jacobian/addition/madd-2007-bl
index 92a97af..6e4a6f1 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/madd-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/madd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z2=1
compute Z1Z1 = Z1^2
compute U2 = X2 Z1Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/madd-2008-g b/pyecsca/ec/efd/shortw/jacobian/addition/madd-2008-g
index 7c5f660..0beec69 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/madd-2008-g
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/madd-2008-g
@@ -1,4 +1,5 @@
source 2008 Giessmann
+unified
assume Z2=1
compute T1 = Z1^2
compute T2 = T1 Z1
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/mmadd-2007-bl b/pyecsca/ec/efd/shortw/jacobian/addition/mmadd-2007-bl
index e11d9e4..73dbfbb 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/mmadd-2007-bl
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/mmadd-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
assume Z1=1
assume Z2=1
compute H = X2-X1
diff --git a/pyecsca/ec/efd/shortw/jacobian/addition/zadd-2007-m b/pyecsca/ec/efd/shortw/jacobian/addition/zadd-2007-m
index 417ef26..589d783 100644
--- a/pyecsca/ec/efd/shortw/jacobian/addition/zadd-2007-m
+++ b/pyecsca/ec/efd/shortw/jacobian/addition/zadd-2007-m
@@ -1,4 +1,5 @@
source 2007 Meloni "New point addition formulae for ECC applications", page 192
+unified
assume Z1 = Z2
compute A = (X2-X1)^2
compute B = X1 A
diff --git a/pyecsca/ec/efd/shortw/modified/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/modified/addition/add-1998-cmo-2
index 9801907..a21fc64 100644
--- a/pyecsca/ec/efd/shortw/modified/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/modified/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (9), plus common-subexpression elimination
+unified
compute ZZ1 = Z1^2
compute ZZ2 = Z2^2
compute U1 = X1 ZZ2
diff --git a/pyecsca/ec/efd/shortw/modified/addition/add-2009-bl b/pyecsca/ec/efd/shortw/modified/addition/add-2009-bl
index 34f85a3..1f9edb0 100644
--- a/pyecsca/ec/efd/shortw/modified/addition/add-2009-bl
+++ b/pyecsca/ec/efd/shortw/modified/addition/add-2009-bl
@@ -1,4 +1,5 @@
source 2009.04.01 Bernstein--Lange
+unified
compute ZZ1 = Z1^2
compute ZZ2 = Z2^2
compute U1 = X1 ZZ2
diff --git a/pyecsca/ec/efd/shortw/modified/addition/madd-2009-bl b/pyecsca/ec/efd/shortw/modified/addition/madd-2009-bl
index 24784b0..fc0a386 100644
--- a/pyecsca/ec/efd/shortw/modified/addition/madd-2009-bl
+++ b/pyecsca/ec/efd/shortw/modified/addition/madd-2009-bl
@@ -1,4 +1,5 @@
source 2009.04.27 Bernstein--Lange
+unified
assume Z2 = 1
compute ZZ1 = Z1^2
compute H = X2 ZZ1-X1
diff --git a/pyecsca/ec/efd/shortw/modified/addition/mmadd-2009-bl b/pyecsca/ec/efd/shortw/modified/addition/mmadd-2009-bl
index 914cc1a..b87ffd4 100644
--- a/pyecsca/ec/efd/shortw/modified/addition/mmadd-2009-bl
+++ b/pyecsca/ec/efd/shortw/modified/addition/mmadd-2009-bl
@@ -1,4 +1,5 @@
source 2009.04.27 Bernstein--Lange
+unified
assume Z1 = 1
assume Z2 = 1
compute H = X2-X1
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo b/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo
index 90ac7d9..c16503b 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3)
+unified
compute u = Y2 Z1-Y1 Z2
compute v = X2 Z1-X1 Z2
compute A = u^2 Z1 Z2-v^3-2 v^2 X1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo-2
index 8aabe7d..882e46c 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3), plus common-subexpression elimination
+unified
compute Y1Z2 = Y1 Z2
compute X1Z2 = X1 Z2
compute Z1Z2 = Z1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj b/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj
index 5ee1386..dcb3c31 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj
@@ -1,4 +1,5 @@
source 2002 Brier--Joye "Weierstrass elliptic curves and side-channel attacks", page 339
+unified
compute U1 = X1 Z2
compute U2 = X2 Z1
compute S1 = Y1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj-2 b/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj-2
index f66570c..262f9f5 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj-2
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/add-2002-bj-2
@@ -1,4 +1,5 @@
source 2002 Brier--Joye "Weierstrass elliptic curves and side-channel attacks", page 340
+unified
appliesto projective-1
compute U1 = X1 Z2
compute U2 = X2 Z1
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/add-2007-bl b/pyecsca/ec/efd/shortw/projective-1/addition/add-2007-bl
index 59bb96e..8995c9c 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/add-2007-bl
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
compute U1 = X1 Z2
compute U2 = X2 Z1
compute S1 = Y1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/madd-1998-cmo b/pyecsca/ec/efd/shortw/projective-1/addition/madd-1998-cmo
index b2e8a01..36fa78a 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/madd-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/madd-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3), plus common-subexpression elimination, plus Z2=1
+unified
assume Z2 = 1
compute u = Y2 Z1-Y1
compute uu = u^2
diff --git a/pyecsca/ec/efd/shortw/projective-1/addition/mmadd-1998-cmo b/pyecsca/ec/efd/shortw/projective-1/addition/mmadd-1998-cmo
index b2ed720..a62c90b 100644
--- a/pyecsca/ec/efd/shortw/projective-1/addition/mmadd-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective-1/addition/mmadd-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", plus Z1=1, plus Z2=1, plus common-subexpression elimination
+unified
assume Z1 = 1
assume Z2 = 1
compute u = Y2-Y1
diff --git a/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo b/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo
index 90ac7d9..c16503b 100644
--- a/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3)
+unified
compute u = Y2 Z1-Y1 Z2
compute v = X2 Z1-X1 Z2
compute A = u^2 Z1 Z2-v^3-2 v^2 X1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo-2
index 8aabe7d..882e46c 100644
--- a/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/projective-3/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3), plus common-subexpression elimination
+unified
compute Y1Z2 = Y1 Z2
compute X1Z2 = X1 Z2
compute Z1Z2 = Z1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-3/addition/add-2002-bj b/pyecsca/ec/efd/shortw/projective-3/addition/add-2002-bj
index 5ee1386..dcb3c31 100644
--- a/pyecsca/ec/efd/shortw/projective-3/addition/add-2002-bj
+++ b/pyecsca/ec/efd/shortw/projective-3/addition/add-2002-bj
@@ -1,4 +1,5 @@
source 2002 Brier--Joye "Weierstrass elliptic curves and side-channel attacks", page 339
+unified
compute U1 = X1 Z2
compute U2 = X2 Z1
compute S1 = Y1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-3/addition/add-2007-bl b/pyecsca/ec/efd/shortw/projective-3/addition/add-2007-bl
index 59bb96e..8995c9c 100644
--- a/pyecsca/ec/efd/shortw/projective-3/addition/add-2007-bl
+++ b/pyecsca/ec/efd/shortw/projective-3/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
compute U1 = X1 Z2
compute U2 = X2 Z1
compute S1 = Y1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective-3/addition/madd-1998-cmo b/pyecsca/ec/efd/shortw/projective-3/addition/madd-1998-cmo
index b2e8a01..36fa78a 100644
--- a/pyecsca/ec/efd/shortw/projective-3/addition/madd-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective-3/addition/madd-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3), plus common-subexpression elimination, plus Z2=1
+unified
assume Z2 = 1
compute u = Y2 Z1-Y1
compute uu = u^2
diff --git a/pyecsca/ec/efd/shortw/projective-3/addition/mmadd-1998-cmo b/pyecsca/ec/efd/shortw/projective-3/addition/mmadd-1998-cmo
index b2ed720..a62c90b 100644
--- a/pyecsca/ec/efd/shortw/projective-3/addition/mmadd-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective-3/addition/mmadd-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", plus Z1=1, plus Z2=1, plus common-subexpression elimination
+unified
assume Z1 = 1
assume Z2 = 1
compute u = Y2-Y1
diff --git a/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo b/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo
index 90ac7d9..c16503b 100644
--- a/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3)
+unified
compute u = Y2 Z1-Y1 Z2
compute v = X2 Z1-X1 Z2
compute A = u^2 Z1 Z2-v^3-2 v^2 X1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo-2 b/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo-2
index 8aabe7d..882e46c 100644
--- a/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo-2
+++ b/pyecsca/ec/efd/shortw/projective/addition/add-1998-cmo-2
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3), plus common-subexpression elimination
+unified
compute Y1Z2 = Y1 Z2
compute X1Z2 = X1 Z2
compute Z1Z2 = Z1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective/addition/add-2002-bj b/pyecsca/ec/efd/shortw/projective/addition/add-2002-bj
index 5ee1386..dcb3c31 100644
--- a/pyecsca/ec/efd/shortw/projective/addition/add-2002-bj
+++ b/pyecsca/ec/efd/shortw/projective/addition/add-2002-bj
@@ -1,4 +1,5 @@
source 2002 Brier--Joye "Weierstrass elliptic curves and side-channel attacks", page 339
+unified
compute U1 = X1 Z2
compute U2 = X2 Z1
compute S1 = Y1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective/addition/add-2007-bl b/pyecsca/ec/efd/shortw/projective/addition/add-2007-bl
index 59bb96e..8995c9c 100644
--- a/pyecsca/ec/efd/shortw/projective/addition/add-2007-bl
+++ b/pyecsca/ec/efd/shortw/projective/addition/add-2007-bl
@@ -1,4 +1,5 @@
source 2007 Bernstein--Lange
+unified
compute U1 = X1 Z2
compute U2 = X2 Z1
compute S1 = Y1 Z2
diff --git a/pyecsca/ec/efd/shortw/projective/addition/madd-1998-cmo b/pyecsca/ec/efd/shortw/projective/addition/madd-1998-cmo
index b2e8a01..36fa78a 100644
--- a/pyecsca/ec/efd/shortw/projective/addition/madd-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective/addition/madd-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", formula (3), plus common-subexpression elimination, plus Z2=1
+unified
assume Z2 = 1
compute u = Y2 Z1-Y1
compute uu = u^2
diff --git a/pyecsca/ec/efd/shortw/projective/addition/mmadd-1998-cmo b/pyecsca/ec/efd/shortw/projective/addition/mmadd-1998-cmo
index b2ed720..a62c90b 100644
--- a/pyecsca/ec/efd/shortw/projective/addition/mmadd-1998-cmo
+++ b/pyecsca/ec/efd/shortw/projective/addition/mmadd-1998-cmo
@@ -1,4 +1,5 @@
source 1998 Cohen--Miyaji--Ono "Efficient elliptic curve exponentiation using mixed coordinates", plus Z1=1, plus Z2=1, plus common-subexpression elimination
+unified
assume Z1 = 1
assume Z2 = 1
compute u = Y2-Y1
diff --git a/pyecsca/ec/efd/shortw/w12-0/addition/add-2010-cln b/pyecsca/ec/efd/shortw/w12-0/addition/add-2010-cln
index b89edf1..80de216 100644
--- a/pyecsca/ec/efd/shortw/w12-0/addition/add-2010-cln
+++ b/pyecsca/ec/efd/shortw/w12-0/addition/add-2010-cln
@@ -1,4 +1,5 @@
source 2010 Costello--Lange--Naehrig
+unified
compute A = Z1^2
compute B = Z2^2
compute C = (Z1 + Z2)^2-A-B
diff --git a/pyecsca/ec/efd/shortw/w12-0/addition/madd-2010-cln b/pyecsca/ec/efd/shortw/w12-0/addition/madd-2010-cln
index 741f21c..ee5fa5b 100644
--- a/pyecsca/ec/efd/shortw/w12-0/addition/madd-2010-cln
+++ b/pyecsca/ec/efd/shortw/w12-0/addition/madd-2010-cln
@@ -1,4 +1,5 @@
source 2010 Costello--Lange--Naehrig
+unified
assume Z2 = 1
compute A = Z1^2
compute E = X2 Z1
diff --git a/pyecsca/ec/efd/shortw/xyzz-3/addition/add-2008-s b/pyecsca/ec/efd/shortw/xyzz-3/addition/add-2008-s
index a28b0ab..ffa7bf0 100644
--- a/pyecsca/ec/efd/shortw/xyzz-3/addition/add-2008-s
+++ b/pyecsca/ec/efd/shortw/xyzz-3/addition/add-2008-s
@@ -1,4 +1,5 @@
source 2008 Sutherland
+unified
compute U1 = X1 ZZ2
compute U2 = X2 ZZ1
compute S1 = Y1 ZZZ2
diff --git a/pyecsca/ec/efd/shortw/xyzz-3/addition/madd-2008-s b/pyecsca/ec/efd/shortw/xyzz-3/addition/madd-2008-s
index 1830258..61b2db9 100644
--- a/pyecsca/ec/efd/shortw/xyzz-3/addition/madd-2008-s
+++ b/pyecsca/ec/efd/shortw/xyzz-3/addition/madd-2008-s
@@ -1,4 +1,5 @@
source 2008 Sutherland
+unified
assume ZZ2 = 1
assume ZZZ2 = 1
compute U2 = X2 ZZ1
diff --git a/pyecsca/ec/efd/shortw/xyzz-3/addition/mmadd-2008-s b/pyecsca/ec/efd/shortw/xyzz-3/addition/mmadd-2008-s
index 5953e20..621b6e1 100644
--- a/pyecsca/ec/efd/shortw/xyzz-3/addition/mmadd-2008-s
+++ b/pyecsca/ec/efd/shortw/xyzz-3/addition/mmadd-2008-s
@@ -1,4 +1,5 @@
source 2008 Sutherland
+unified
assume ZZ1 = 1
assume ZZZ1 = 1
assume ZZ2 = 1
diff --git a/pyecsca/ec/efd/shortw/xyzz/addition/add-2008-s b/pyecsca/ec/efd/shortw/xyzz/addition/add-2008-s
index a28b0ab..ffa7bf0 100644
--- a/pyecsca/ec/efd/shortw/xyzz/addition/add-2008-s
+++ b/pyecsca/ec/efd/shortw/xyzz/addition/add-2008-s
@@ -1,4 +1,5 @@
source 2008 Sutherland
+unified
compute U1 = X1 ZZ2
compute U2 = X2 ZZ1
compute S1 = Y1 ZZZ2
diff --git a/pyecsca/ec/efd/shortw/xyzz/addition/madd-2008-s b/pyecsca/ec/efd/shortw/xyzz/addition/madd-2008-s
index 1830258..61b2db9 100644
--- a/pyecsca/ec/efd/shortw/xyzz/addition/madd-2008-s
+++ b/pyecsca/ec/efd/shortw/xyzz/addition/madd-2008-s
@@ -1,4 +1,5 @@
source 2008 Sutherland
+unified
assume ZZ2 = 1
assume ZZZ2 = 1
compute U2 = X2 ZZ1
diff --git a/pyecsca/ec/efd/shortw/xyzz/addition/mmadd-2008-s b/pyecsca/ec/efd/shortw/xyzz/addition/mmadd-2008-s
index 5953e20..621b6e1 100644
--- a/pyecsca/ec/efd/shortw/xyzz/addition/mmadd-2008-s
+++ b/pyecsca/ec/efd/shortw/xyzz/addition/mmadd-2008-s
@@ -1,4 +1,5 @@
source 2008 Sutherland
+unified
assume ZZ1 = 1
assume ZZZ1 = 1
assume ZZ2 = 1
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd
index 78b82c3..69ebdf3 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1
+unified
compute A = X1 X2
compute B = Y1 Y2
compute C = T1 d T2
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-2 b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-2
index 0b2c88d..6f1848d 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-2
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-2
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2
+unified
compute A = X1 X2
compute B = Y1 Y2
compute C = Z1 T2
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-3 b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-3
index 5f7892e..8a95b77 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-3
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-3
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1
+unified
appliesto extended-1
parameter k
assume k = 2*d
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-4 b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-4
index 09c7447..f65e73d 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-4
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/add-2008-hwcd-4
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2
+unified
appliesto extended-1
compute A = (Y1-X1)(Y2+X2)
compute B = (Y1+X1)(Y2-X2)
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd
index 92cb21e..43efa01 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1
+unified
assume Z2 = 1
compute A = X1 X2
compute B = Y1 Y2
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-2 b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-2
index 546063e..410ca20 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-2
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-2
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2
+unified
assume Z2 = 1
compute A = X1 X2
compute B = Y1 Y2
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-3 b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-3
index 7474626..ea5191d 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-3
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-3
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1
+unified
appliesto extended-1
assume Z2 = 1
parameter k
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-4 b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-4
index 89b52ed..0433523 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-4
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/madd-2008-hwcd-4
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2
+unified
appliesto extended-1
assume Z2 = 1
compute A = (Y1-X1)(Y2+X2)
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd
index cdda363..77f2ef7 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1, plus assumption Z1=1, plus standard simplification
+unified
assume Z1 = 1
assume Z2 = 1
compute A = X1 X2
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-2 b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-2
index 6f296d5..e8bcf9a 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-2
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-2
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2, plus assumption Z1=1
+unified
assume Z1 = 1
assume Z2 = 1
compute A = X1 X2
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-3 b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-3
index 9c53737..65f488e 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-3
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-3
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1, plus assumption Z1=1, plus standard simplification
+unified
appliesto extended-1
assume Z1 = 1
assume Z2 = 1
diff --git a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-4 b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-4
index 6cc599c..1497e39 100644
--- a/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-4
+++ b/pyecsca/ec/efd/twisted/extended-1/addition/mmadd-2008-hwcd-4
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2, plus assumption Z1=1
+unified
appliesto extended-1
assume Z1 = 1
assume Z2 = 1
diff --git a/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd b/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd
index 78b82c3..69ebdf3 100644
--- a/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd
+++ b/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1
+unified
compute A = X1 X2
compute B = Y1 Y2
compute C = T1 d T2
diff --git a/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd-2 b/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd-2
index 0b2c88d..6f1848d 100644
--- a/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd-2
+++ b/pyecsca/ec/efd/twisted/extended/addition/add-2008-hwcd-2
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2
+unified
compute A = X1 X2
compute B = Y1 Y2
compute C = Z1 T2
diff --git a/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd b/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd
index 92cb21e..43efa01 100644
--- a/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd
+++ b/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1
+unified
assume Z2 = 1
compute A = X1 X2
compute B = Y1 Y2
diff --git a/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd-2 b/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd-2
index 546063e..410ca20 100644
--- a/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd-2
+++ b/pyecsca/ec/efd/twisted/extended/addition/madd-2008-hwcd-2
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2
+unified
assume Z2 = 1
compute A = X1 X2
compute B = Y1 Y2
diff --git a/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd b/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd
index cdda363..77f2ef7 100644
--- a/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd
+++ b/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.1, plus assumption Z1=1, plus standard simplification
+unified
assume Z1 = 1
assume Z2 = 1
compute A = X1 X2
diff --git a/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd-2 b/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd-2
index 6f296d5..e8bcf9a 100644
--- a/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd-2
+++ b/pyecsca/ec/efd/twisted/extended/addition/mmadd-2008-hwcd-2
@@ -1,4 +1,5 @@
source 2008 Hisil--Wong--Carter--Dawson, http://eprint.iacr.org/2008/522, Section 3.2, plus assumption Z1=1
+unified
assume Z1 = 1
assume Z2 = 1
compute A = X1 X2
diff --git a/pyecsca/ec/efd/twisted/inverted/addition/add-2008-bbjlp b/pyecsca/ec/efd/twisted/inverted/addition/add-2008-bbjlp
index 4997a3e..ed221e4 100644
--- a/pyecsca/ec/efd/twisted/inverted/addition/add-2008-bbjlp
+++ b/pyecsca/ec/efd/twisted/inverted/addition/add-2008-bbjlp
@@ -1,4 +1,5 @@
source 2008 Bernstein--Birkner--Joye--Lange--Peters http://eprint.iacr.org/2008/013, Section 6
+unified
compute A = Z1 Z2
compute B = d A^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/twisted/inverted/addition/madd-2008-bbjlp b/pyecsca/ec/efd/twisted/inverted/addition/madd-2008-bbjlp
index 83267c8..66abd07 100644
--- a/pyecsca/ec/efd/twisted/inverted/addition/madd-2008-bbjlp
+++ b/pyecsca/ec/efd/twisted/inverted/addition/madd-2008-bbjlp
@@ -1,4 +1,5 @@
source 2008 Bernstein--Birkner--Joye--Lange--Peters http://eprint.iacr.org/2008/013, Section 6, plus Z2=1, plus common-subexpression elimination
+unified
assume Z2 = 1
compute B = d Z1^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/twisted/inverted/addition/mmadd-2008-bbjlp b/pyecsca/ec/efd/twisted/inverted/addition/mmadd-2008-bbjlp
index e47a3c9..5a0685e 100644
--- a/pyecsca/ec/efd/twisted/inverted/addition/mmadd-2008-bbjlp
+++ b/pyecsca/ec/efd/twisted/inverted/addition/mmadd-2008-bbjlp
@@ -1,4 +1,5 @@
source 2008 Bernstein--Birkner--Joye--Lange--Peters http://eprint.iacr.org/2008/013, Section 6, plus Z2=1, plus Z1=1, plus common-subexpression elimination
+unified
assume Z1 = 1
assume Z2 = 1
compute C = X1 X2
diff --git a/pyecsca/ec/efd/twisted/projective/addition/add-2008-bbjlp b/pyecsca/ec/efd/twisted/projective/addition/add-2008-bbjlp
index 42d7bf3..01be983 100644
--- a/pyecsca/ec/efd/twisted/projective/addition/add-2008-bbjlp
+++ b/pyecsca/ec/efd/twisted/projective/addition/add-2008-bbjlp
@@ -1,4 +1,5 @@
source 2008 Bernstein--Birkner--Joye--Lange--Peters http://eprint.iacr.org/2008/013 Section 6
+unified
compute A = Z1 Z2
compute B = A^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/twisted/projective/addition/madd-2008-bbjlp b/pyecsca/ec/efd/twisted/projective/addition/madd-2008-bbjlp
index 9e65591..f13cf42 100644
--- a/pyecsca/ec/efd/twisted/projective/addition/madd-2008-bbjlp
+++ b/pyecsca/ec/efd/twisted/projective/addition/madd-2008-bbjlp
@@ -1,4 +1,5 @@
source 2008 Bernstein--Birkner--Joye--Lange--Peters http://eprint.iacr.org/2008/013 Section 6, plus Z2=1, plus common-subexpression elimination
+unified
assume Z2 = 1
compute B = Z1^2
compute C = X1 X2
diff --git a/pyecsca/ec/efd/twisted/projective/addition/mmadd-2008-bbjlp b/pyecsca/ec/efd/twisted/projective/addition/mmadd-2008-bbjlp
index 51d5db1..85d2f8b 100644
--- a/pyecsca/ec/efd/twisted/projective/addition/mmadd-2008-bbjlp
+++ b/pyecsca/ec/efd/twisted/projective/addition/mmadd-2008-bbjlp
@@ -1,4 +1,5 @@
source 2008 Bernstein--Birkner--Joye--Lange--Peters http://eprint.iacr.org/2008/013 Section 6, plus Z2=1, plus Z1=1, plus standard simplification
+unified
assume Z1 = 1
assume Z2 = 1
compute C = X1 X2
diff --git a/pyecsca/ec/formula.py b/pyecsca/ec/formula.py
index 2e56f42..f380ebc 100644
--- a/pyecsca/ec/formula.py
+++ b/pyecsca/ec/formula.py
@@ -86,6 +86,7 @@ class Formula(ABC):
shortname: ClassVar[str]
num_inputs: ClassVar[int]
num_outputs: ClassVar[int]
+ unified: bool
def __call__(self, *points: Any, **params: Mod) -> Tuple[Any, ...]:
"""
@@ -200,6 +201,7 @@ class EFDFormula(Formula):
self.parameters = []
self.assumptions = []
self.code = []
+ self.unified = False
self.__read_meta_file(path)
self.__read_op3_file(path + ".op3")
@@ -215,6 +217,8 @@ class EFDFormula(Formula):
elif line.startswith("assume"):
self.assumptions.append(
parse(line[7:].replace("=", "==").replace("^", "**"), mode="eval"))
+ elif line.startswith("unified"):
+ self.unified = True
line = f.readline().decode("ascii")
def __read_op3_file(self, path):
diff --git a/test/ec/test_curve.py b/test/ec/test_curve.py
index 9cbf652..b8eb916 100644
--- a/test/ec/test_curve.py
+++ b/test/ec/test_curve.py
@@ -62,6 +62,11 @@ class CurveTests(TestCase):
expected = self.secp128r1.curve.affine_double(expected)
self.assertEqual(self.secp128r1.curve.affine_multiply(self.affine_base, 10), expected)
+ def test_affine_neutral(self):
+ self.assertIsNone(self.secp128r1.curve.affine_neutral)
+ self.assertIsNone(self.curve25519.curve.affine_neutral)
+ self.assertIsNotNone(self.ed25519.curve.affine_neutral)
+
def test_neutral_is_affine(self):
self.assertFalse(self.secp128r1.curve.neutral_is_affine)
self.assertFalse(self.curve25519.curve.neutral_is_affine)