Add exception for errors during curve import.

.gitignore

@@ -0,0 +1,21 @@
+data/
+local/
+venv/
+.idea/
+*.log
+*.pyc
+*.ipynb
+!curve_analyzer/visual/trait_results_multi_comparison.ipynb
+.ipynb_checkpoints
+*/.ipynb_checkpoints/*
+curve_analyzer/**/__pycache__
+curve_analyzer/traits/test_launcher.py
+curve_analyzer/traits/.*
+curve_analyzer/traits/sample_curves.py
+curve_analyzer/traits/**/*.json
+curve_analyzer/traits/**/*.params
+curve_analyzer/traits/**/*.txt
+curve_analyzer/utils/parallel/results/*
+curve_analyzer/curves_json_sim/*
+/curve_analyzer.egg-info/
+DiSSECT.egg-info

.gitlab-ci.yml

@@ -0,0 +1,19 @@
+image:
+  name: sagemath/sagemath:latest
+  entrypoint: [ "" ]
+
+variables:
+  GIT_SUBMODULE_STRATEGY: recursive
+
+stages:
+  - test
+
+test:
+  tags:
+    - shared-fi
+  before_script:
+    - sage --pip3 install Ptable
+  script:
+    - export PATH=$PATH:`sage -c "import sys; import os; print(os.path.join([x for x in sys.path if 'src/bin' in x][0],'../../local/bin') + ':' + \":\".join(sys.path))" 2>/dev/null`
+    - sage --python3 setup.py install
+    - sage --python3 -m unittest discover curve_analyzer/traits/unit_tests

.gitmodules

@@ -0,0 +1,10 @@
+[submodule "curve_analyzer/curves_json"]
+	path = curve_analyzer/curves_json
+	url = https://github.com/J08nY/std-curves.git
+	branch = data
+	update = merge
+[submodule "curve_analyzer/utils/efd"]
+	path = curve_analyzer/utils/efd
+	url = https://github.com/J08nY/efd.git
+	branch = master
+	update = merge

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 CRoCS FI MUNI
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,105 @@
+# DiSSECT: Distinguisher of Standard & Simulated Elliptic Curves through Traits
+
+[![pipeline status](https://gitlab.fi.muni.cz/x408178/curve_analyzer/badges/master/pipeline.svg)](https://gitlab.fi.muni.cz/x408178/curve_analyzer/-/commits/master)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://gitlab.fi.muni.cz/x408178/curve_analyzer/-/blob/master/LICENSE)
+[![language](https://badgen.net/badge/language/python,sage/purple?list=/)](https://www.sagemath.org/)
+[![traits](https://badgen.net/badge/traits/13/blue)](https://gitlab.fi.muni.cz/x408178/curve_analyzer/-/tree/master/curve_analyzer/traits)
+[![curves](https://badgen.net/badge/curves/158%20std,%20217188%20sim?list=|)](https://github.com/J08nY/std-curves)
+
+# Setup
+**Using virtual environment**:
+
+- Create virtual environment for python in sage: `sage --python3 -m venv --system-site-packages environment`
+
+- Activate the environment: `source environment/bin/activate`
+
+- Run `pip3 install --editable .` in curve_analyzer folder
+
+**Alternatively without virtual environment (not recommended)**:  
+From the root directory, run `sage --python3 setup.py develop --user` to initialize the project.
+
+## Running the curve traits
+
+Run `./run_traits.py` in directory `traits`. Use the `-h` flag to get the help menu. To merge the results of a trait (
+a05 in this case) into single file, run `./merge_trait_results.py -n a05`.
+
+### Example usage
+
+To run trait a05 on all standard curves of bitsizes up to 192 with cofactor 1 or 2 in verbose mode using 3 cores and 100
+jobs, run `./run_traits.py -n a05 -c std -v -b 192 -a 1 2 -t 3 -j 100`.
+
+### Supported curve sets
+
+- std: all standard curves
+- sim: all simulated curves
+- sample: curves secp112r1, secp192r1, secp256r1
+- all: all curves in the database
+
+## Overview of available traits
+
+| name    | description                                                                       | implemented        |  computed\*        |time req.\*\* |memory req.\*\*\*
+|:-------:| ----------------------------------------------------------------------------------|:------------------:|:------------------:|:------------:|:---------:   
+a01    | group stucture of the curve in field extensions                                   | :white_check_mark: | :x:                | high         | low
+a02    | CM discriminant, its factorizations and max conductors in field extensions        | :white_check_mark: | :white_check_mark:                | high         | medium
+a04    | factorizations of $`kn\pm 1`$                                                     | :white_check_mark: | :white_check_mark:                | high         | high
+a05    | field extensions containing nontrivial/full $`l`$-torsion                         | :white_check_mark: | :white_check_mark: | medium       | low
+   a06    | Kronecker symbols of CM discriminants in field extensions w.r.t. small primes     | :white_check_mark: | :white_check_mark: | high         | medium
+   a08    | class number of the maximal order of the endomorphism ring                        | :white_check_mark: | :x:                | extreme      | low
+a12    | multiplicative orders of small primes modulo curve order                          | :white_check_mark: | :white_check_mark: | medium       | medium
+a22    | factorizations of small division polynomials                                      | :white_check_mark: | :white_check_mark:             | high         | high
+a23    | volcano depth and crater degree in the $`l`$-isogeny graph                        | :white_check_mark: | :white_check_mark: | high         | low
+a24    | field extensions containing nontrivial/full number of $`l`$-isogenies             | :white_check_mark: | :white_check_mark:             | medium       | low
+a25    | trace in field extensions and its factorization                                   | :white_check_mark: | :white_check_mark: | low          | low
+i06    | square parts of $`4q-1`$ and $`4n-1`$                                             | :white_check_mark: | :white_check_mark:                | low          | low
+i07    | distance of $`n`$ from the nearest power of two and multiple of 32/64             | :white_check_mark: | :white_check_mark:             | low          | low
+i10    | points satisfying ZVP conditions             | :white_check_mark: | :x:             | medium          | high
+
+Notation: $`n`$ is the curve order, $`q`$ is the order of the base field  
+\* on sim and std curves with at most 256 bits and cofactor 1    
+\*\* this is very rough and subjective  
+\*\*\* on the above dataset: low is  <100 MB, medium is 100-500 MB, high is >500 MB (measuring JSONs)
+
+## Overview of planned traits
+
+| name    | description                                                                       | fully specified        
+|:-------:| ----------------------------------------------------------------------------------|:------------------:
+   a03    | distribution and sizes of isogeny classes                                         | :x: 
+   a07    | lifts of curves to other fields                                                   | :x: 
+   a09    | existence of pairing-friendly cycles                                              | :x: 
+   a10    | existence of factorization bases                                                  | :x: 
+   a11    | minimal codewords in elliptic codes                                               | :x: 
+   a13    | images of points under pairings                                                   | :x: 
+   a14    | conductor and modularity                                                          | :x: 
+   a15    | the lattice associated to the curve over $`C`$                                    | :x: 
+   a16    | the Neron model                                                                   | :x: 
+   a17    | the L-series                                                                      | :x: 
+   a18    | the invariant differential                                                        | :x: 
+   a19    | local heights                                                                     | :x: 
+   a20    | $`S`$-integral points                                                             | :x: 
+   a21    | Galois groups of various polynomials                                              | :x:
+   a22    | the embedding degree                                                              | :x:
+   i01    | curves under parameter bitflips                                                   | :x:
+   i02    | curves with the same $`j`$-invariant/group order, but different $`q`$             | :x:
+   i03    | the number of modular reductions in various computations                          | :x:
+   i04    | the coordinates of special scalar multiples                                       | :x:
+   i05    | vulnerability against $`\rho`$ and kangaroo                                       | :x:
+i08    | properties of quadratic twists                                                    | :x:
+i09    | quadratic residuosity of $`b`$                                                    | :x:
+s01    | statistical properties of scalar multiplication                                   | :x:
+s02    | distribution of point coordinates in various intervals                            | :x:
+s03    | properties of other curve models                                                  | :x:
+s04    | modular polynomials in given $`j`$-invariant                                      | :x:
+s05    | images of points under isogenies                                                  | :x:
+s06    | summation polynomials                                                             | :x:
+s07    | distributions of curves with similar properties                                   | :x:
+s08    | properties of the function shifting a point by the generator                      | :x:
+
+## Unit tests
+
+Run `sage --python3 -m unittest discover` in directory `traits/unit_tests/`. Only unit tests starting with `test` will
+be run; those starting with `local` have to be run manually (as they require resources not available on the server).
+
+## Parameters and structure
+
+From directory `traits`, parameter files can be (re)generated by `sage --python3 params.py` and structure files can be (
+re)generated by `sage --python3 traits/traits_structures.py -t all` (both of these are already done during the setup).

curve_analyzer/definitions.py

@@ -0,0 +1,20 @@
+import re
+from pathlib import Path
+
+ROOT_DIR = Path(__file__).parent  # This is your Project Root
+CURVE_PATH = Path(ROOT_DIR, 'curves_json')
+CURVE_PATH_SIM = Path(ROOT_DIR, 'curves_json_sim')
+TRAIT_PATH = Path(ROOT_DIR, 'traits')
+PARALLEL_RESULTS_PATH = Path(ROOT_DIR, 'utils', 'parallel', 'results')
+ZVP_PATH = Path(ROOT_DIR, 'utils', 'zvp')
+EFD_PATH = Path(ROOT_DIR, 'utils', 'efd')
+EFD_SHORTW_PROJECTIVE_ADDITION_PATH = Path(EFD_PATH, 'shortw', 'projective', 'addition')
+EFD_SHORTW_PROJECTIVE_ADDITION_FORMULAS = [f for f in EFD_SHORTW_PROJECTIVE_ADDITION_PATH.iterdir() if
+                                           f.suffix == '.op3']
+EFD_SHORTW_PROJECTIVE_MINUS3_ADDITION_PATH = Path(EFD_PATH, 'shortw', 'projective-3', 'addition')
+EFD_SHORTW_PROJECTIVE_MINUS3_ADDITION_FORMULAS = [f for f in EFD_SHORTW_PROJECTIVE_MINUS3_ADDITION_PATH.iterdir() if
+                                                  f.suffix == '.op3']
+X962_PATH = Path(ROOT_DIR, 'utils', 'parallel', 'x962')
+TRAIT_MODULE_PATH = 'curve_analyzer.traits'
+TRAIT_NAME_CONDITION = r'[ais][0-9][0-9]'
+TRAIT_NAMES = [f.name for f in TRAIT_PATH.iterdir() if f.is_dir() and re.search(TRAIT_NAME_CONDITION, f.name)]

curve_analyzer/traits/a01/a01.py

@@ -0,0 +1,46 @@
+from sage.all import GF, Integer
+
+from curve_analyzer.traits.trait_interface import pretty_print_results, compute_results, timeout
+
+# global time for one factorization
+TIME = 10
+
+
+def a01_curve_function(curve, deg):
+    """returns the orders of the two generators of the curve over the deg-th relative extension"""
+    E = curve.EC
+    q = curve.q
+    curve_results = {}
+
+    E_ext = E.base_extend(GF(q ** deg))
+    t = TIME
+    curve_results['ord1'] = timeout(E_ext.abelian_group().gens()[0].order, [], timeout_duration=t)
+    if not isinstance(curve_results['ord1'],Integer):
+        curve_results['ord2'] = 1
+        return curve_results
+    try:
+        curve_results['ord2'] = timeout(E_ext.abelian_group().gens()[1].order, [], timeout_duration=t)
+    except IndexError:
+        curve_results['ord2'] = 1
+    return curve_results
+
+
+def compute_a01_results(curve_list, desc='', verbose=False):
+    compute_results(curve_list, 'a01', a01_curve_function, desc=desc, verbose=verbose)
+
+
+def get_a01_captions(results):
+    return ['ord1', 'ord2']
+
+
+def select_a01_results(curve_results):
+    keys = ['ord1', 'ord2']
+    selected_results = []
+    for key in keys:
+        for x in curve_results:
+            selected_results.append(x[key])
+    return selected_results
+
+
+def pretty_print_a01_results(curve_list, save_to_txt=True):
+    pretty_print_results(curve_list, 'a01', get_a01_captions, select_a01_results, save_to_txt=save_to_txt)

curve_analyzer/traits/a02/a02.py

@@ -0,0 +1,64 @@
+from sage.all import ZZ, sqrt, factor, squarefree_part
+
+from curve_analyzer.traits.trait_interface import pretty_print_results, compute_results, timeout
+
+# global time for one factorization
+TIME = 10
+
+
+def ext_trace(q, t, deg):
+    a = 2
+    b = t
+    for _ in range(deg - 1):
+        tmp = b
+        b = t * b - q * a
+        a = tmp
+    return b
+
+
+def a02_curve_function(curve, deg):
+    '''
+    Computation of d_K (cm_disc), v (max_conductor) and factorization of D where D=t^2-4q = v^2*d_K
+    Returns a dictionary (keys: 'cm_disc', 'factorization', 'max_conductor')
+    '''
+    t = curve.trace
+    q = curve.q
+    curve_results = {}
+    t = ext_trace(q, t, deg)
+    q = q ** deg
+    D = t ** 2 - 4 * q
+    d = squarefree_part(D)
+    disc = d
+    if d % 4 != 1:
+        disc *= 4
+    curve_results['cm_disc'] = disc
+    t = TIME
+    factorization = timeout(factor, [D], timeout_duration=t)
+    if factorization == 'NO DATA (timed out)':
+        curve_results['factorization'] = []
+    else:
+        tuples_to_lists = [list(i) for i in list(factorization)]
+        curve_results['factorization'] = tuples_to_lists
+    curve_results['max_conductor'] = ZZ(sqrt(D / disc))
+    return curve_results
+
+
+def compute_a02_results(curve_list, desc='', verbose=False):
+    compute_results(curve_list, 'a02', a02_curve_function, desc=desc, verbose=verbose)
+
+
+def get_a02_captions(results):
+    return ['max_conductor', 'factorization', 'cm_disc']
+
+
+def select_a02_results(curve_results):
+    keys = ['max_conductor', 'factorization', 'cm_disc']
+    selected_results = []
+    for key in keys:
+        for x in curve_results:
+            selected_results.append(x[key])
+    return selected_results
+
+
+def pretty_print_a02_results(curve_list, save_to_txt=True):
+    pretty_print_results(curve_list, 'a02', get_a02_captions, select_a02_results, save_to_txt=save_to_txt)

curve_analyzer/traits/a04/a04.py

@@ -0,0 +1,67 @@
+from sage.all import ecm
+
+from curve_analyzer.traits.trait_interface import pretty_print_results, compute_results, timeout
+
+# global time for one factorization
+TIME = 10
+
+
+def near_order_factorizations(n, sign='+', k=10, t=10):
+    '''Computer factorization of k*n+1 (k*n-1) if 'sign' is "+" ("-") in time 't' '''
+    assert sign in ['+', '-']
+
+    if sign == '+':
+        m = k * n + 1
+    else:
+        m = k * n - 1
+    return timeout(ecm.factor, [m], timeout_duration=t)
+
+
+def largest_factor_bitlen(factorization):
+    '''Computes bit length of largest factor(last item of list) of 'factorization' '''
+    try:
+        bitlen = factorization[-1].nbits()
+    except AttributeError:
+        bitlen = factorization
+    return bitlen
+
+
+def a04_curve_function(curve, k):
+    '''
+    Computes factorization of ord*k+1 and ord*k-1 and bit lengths of their largest factors
+    Returns a dictionary
+    noinspection PyDictCreation
+    '''
+    card = curve.cardinality
+    t = TIME
+    curve_results = {}
+    curve_results['(+)factorization'] = near_order_factorizations(card, '+', k, t)
+    curve_results['(+)largest_factor_bitlen'] = largest_factor_bitlen(curve_results['(+)factorization'])
+    curve_results['(-)factorization'] = near_order_factorizations(card, '-', k, t)
+    curve_results['(-)largest_factor_bitlen'] = largest_factor_bitlen(curve_results['(-)factorization'])
+    return curve_results
+
+
+def compute_a04_results(curve_list, desc='', verbose=False):
+    compute_results(curve_list, 'a04', a04_curve_function, desc=desc, verbose=verbose)
+
+
+def get_a04_captions(results):
+    captions = ['factorization (+)', 'largest_factor_bitlen (+)', ' factorization (-)', 'largest_factor_bitlen (-)']
+    return captions
+
+
+def select_a04_results(curve_results):
+    keys = [('(+)' + 'factorization'), ('(+)' + 'largest_factor_bitlen'), ('(-)' + 'factorization'),
+            ('(-)' + 'largest_factor_bitlen')]
+    selected_results = []
+    for key in keys:
+        selected_key = []
+        for x in curve_results:
+            selected_key.append(x[key])
+        selected_results.append(selected_key)
+    return selected_results
+
+
+def pretty_print_a04_results(curve_list, save_to_txt=True):
+    pretty_print_results(curve_list, 'a04', get_a04_captions, select_a04_results, save_to_txt=save_to_txt)