Initial commit

cp6_782/Cargo.toml

@@ -0,0 +1,29 @@
+[package]
+name = "ark-cp6-782"
+version = "0.1.0"
+authors = [ "arkworks contributors" ]
+description = "The CP6-782 pairing-friendly elliptic curve"
+homepage = "https://arworks.rs"
+repository = "https://github.com/arkworks/algebra"
+documentation = "https://docs.rs/ark-cp6-782/"
+keywords = ["cryptography", "finite fields", "elliptic curves" ]
+categories = ["cryptography"]
+include = ["Cargo.toml", "src", "README.md", "LICENSE-APACHE", "LICENSE-MIT"]
+license = "MIT/Apache-2.0"
+edition = "2018"
+
+[dependencies]
+ark-ff = { git = "https://github.com/arkworks-rs/algebra", default-features = false }
+ark-ec = { git = "https://github.com/arkworks-rs/algebra", default-features = false }
+ark-std = { git = "https://github.com/arkworks-rs/utils", default-features = false }
+ark-bls12-377 = { path = "../bls12_377", default-features = false, features = [ "base_field" ] }
+
+[dev-dependencies]
+ark-serialize = { git = "https://github.com/arkworks-rs/algebra", default-features = false }
+ark-curve-tests = { path = "../curve-tests", default-features = false }
+rand = { version = "0.7", default-features = false }
+rand_xorshift = "0.2"
+
+[features]
+default = []
+std = [ "ark-std/std", "ark-ff/std", "ark-ec/std", "ark-bls12-377/std" ]

cp6_782/src/curves/g1.rs

@@ -0,0 +1,126 @@
+use ark_ec::{
+    models::{ModelParameters, SWModelParameters},
+    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
+};
+use ark_ff::{
+    biginteger::{BigInteger384, BigInteger832},
+    field_new,
+};
+
+use crate::{Fq, Fr};
+
+pub type G1Affine = GroupAffine<Parameters>;
+pub type G1Projective = GroupProjective<Parameters>;
+
+#[derive(Clone, Default, PartialEq, Eq)]
+pub struct Parameters;
+
+impl ModelParameters for Parameters {
+    type BaseField = Fq;
+    type ScalarField = Fr;
+}
+
+impl SWModelParameters for Parameters {
+    /// COEFF_A = 5
+    #[rustfmt::skip]
+    const COEFF_A: Fq = field_new!(Fq, BigInteger832([
+        0x781c76643018bd7a,
+        0x64f3a5a4f1d1ad48,
+        0xd2f8a1eb4f72692d,
+        0xc35eb123c6ed72ca,
+        0xb58d6bcfd32de058,
+        0x841eab13b02a492c,
+        0x4b70dc5a54c487e7,
+        0x2f231a8808a74c59,
+        0x5e2915154d70b050,
+        0x8a40fa16f37a6b37,
+        0xd01980093a72c54b,
+        0xef6845c25398004c,
+        0x48,
+    ]));
+
+    /// COEFF_B = 17764315118651679038286329069295091506801468118146712649886336045535808055361274148466772191243305528312843236347777260247138934336850548243151534538734724191505953341403463040067571652261229308333392040104884438208594329793895206056414
+    #[rustfmt::skip]
+    const COEFF_B: Fq = field_new!(Fq, BigInteger832([
+        0xec5bd271ad37429,
+        0x9db8ac843ecca28a,
+        0x94f29bcb7e01bc74,
+        0x1b0bebb77bb5af0,
+        0x75b8cef4aa27ee17,
+        0xb5767ae80812cf6b,
+        0x592fa41e377a0d8c,
+        0xb6c6deedbb52df3e,
+        0xcb1343e488737fd4,
+        0x878020734d05b5a9,
+        0x2f51354eddfa069a,
+        0x498e2ecdc545243e,
+        0x2c2,
+    ]));
+
+    /// COFACTOR =
+    /// 86482221941698704497288378992285180119495364068003923046442785886272123124361700722982503222189455144364945735564951561028
+    #[rustfmt::skip]
+    const COFACTOR: &'static [u64] = &[
+        0x5657b9b57b942344,
+        0x84f9a65f3bd54eaf,
+        0x5ea4214e35cd127,
+        0xe3cbcbc14ec1501d,
+        0xf196cb845a3092ab,
+        0x7e14627ad0e19017,
+        0x217db4,
+    ];
+
+    /// COFACTOR^(-1) mod r =
+    /// 163276846538158998893990986356139314746223949404500031940624325017036397274793417940375498603127780919653358641788
+    #[rustfmt::skip]
+    const COFACTOR_INV: Fr = field_new!(Fr, BigInteger384([
+        4179837108212676264,
+        15545810469293120493,
+        13202863094424182470,
+        9506285060796071546,
+        9248558385029790142,
+        87030208545296111,
+    ]));
+
+    /// AFFINE_GENERATOR_COEFFS = (G1_GENERATOR_X, G1_GENERATOR_Y)
+    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
+        (G1_GENERATOR_X, G1_GENERATOR_Y);
+}
+
+/// G1_GENERATOR_X =
+/// 5511163824921585887915590525772884263960974614921003940645351443740084257508990841338974915037175497689287870585840954231884082785026301437744745393958283053278991955159266640440849940136976927372133743626748847559939620888818486853646
+#[rustfmt::skip]
+pub const G1_GENERATOR_X: Fq = field_new!(Fq, BigInteger832([
+    0x5901480e5bc22290,
+    0x20024afcdb9bd3a9,
+    0x12dc18ff416e8138,
+    0x28c69aa0ea223e18,
+    0xafb1524a1eb7efe6,
+    0x3d5c34edc3764ca2,
+    0x736c2230c8466ce9,
+    0xacfaa04e051014f1,
+    0x5d5ff82f00ff2964,
+    0x64c13ba270a26eaf,
+    0x50e9864b56ab172e,
+    0xd8370826a322499e,
+    0x00000000000006f1,
+]));
+
+/// G1_GENERATOR_Y =
+/// 7913123550914612057135582061699117755797758113868200992327595317370485234417808273674357776714522052694559358668442301647906991623400754234679697332299689255516547752391831738454121261248793568285885897998257357202903170202349380518443
+#[rustfmt::skip]
+pub const G1_GENERATOR_Y: Fq = field_new!(Fq, BigInteger832([
+    0x8af8b64b402e1953,
+    0xd1bbceb3a258ea51,
+    0xdca9efa3140aaa0d,
+    0x807a610058ddedb2,
+    0xeb898562fe88076c,
+    0x0e4342ca56dd8ce2,
+    0x4f5528d29f1bde9a,
+    0xf18b0c6c19feb372,
+    0x94503ac2fac9199c,
+    0xffc86a8aff08ea34,
+    0xf7b1295214735d8c,
+    0x44eda9e0f55edd10,
+    0x0000000000000ef3,
+]));

cp6_782/src/curves/g2.rs

@@ -0,0 +1,241 @@
+use ark_ec::{
+    models::{ModelParameters, SWModelParameters},
+    short_weierstrass_jacobian::{GroupAffine, GroupProjective},
+};
+use ark_ff::{
+    biginteger::{BigInteger384, BigInteger832},
+    field_new,
+};
+
+use crate::{Fq, Fq3, Fr, FQ_ZERO};
+
+pub type G2Affine = GroupAffine<Parameters>;
+pub type G2Projective = GroupProjective<Parameters>;
+
+#[derive(Clone, Default, PartialEq, Eq)]
+pub struct Parameters;
+
+impl ModelParameters for Parameters {
+    type BaseField = Fq3;
+    type ScalarField = Fr;
+}
+
+impl SWModelParameters for Parameters {
+    /// COEFF_A = (0, 0, COEFF_A * TWIST^2) = (0, 0, 5)
+    #[rustfmt::skip]
+    const COEFF_A: Fq3 = field_new!(Fq3,
+        FQ_ZERO,
+        FQ_ZERO,
+        field_new!(Fq, BigInteger832([
+            0x781c76643018bd7a,
+            0x64f3a5a4f1d1ad48,
+            0xd2f8a1eb4f72692d,
+            0xc35eb123c6ed72ca,
+            0xb58d6bcfd32de058,
+            0x841eab13b02a492c,
+            0x4b70dc5a54c487e7,
+            0x2f231a8808a74c59,
+            0x5e2915154d70b050,
+            0x8a40fa16f37a6b37,
+            0xd01980093a72c54b,
+            0xef6845c25398004c,
+            0x48,
+        ])),
+    );
+
+    /// COEFF_B = (G1::COEFF_B * TWIST^3, 0, 0) =
+    /// (7237353553714858194254855835825640240663090882935418626687402315497764195116318527743248304684159666286416318482685337633828994152723793439622384740540789612754127688659139509552568164770448654259255628317166934203899992395064470477612,
+    /// 0, 0)
+    #[rustfmt::skip]
+    const COEFF_B: Fq3 = field_new!(Fq3,
+        field_new!(Fq, BigInteger832([
+            0xc00a9afc5cbce615,
+            0x0260c2b730644102,
+            0x9051e955661691ec,
+            0x15f9af8514839e37,
+            0xfa62826ca407172b,
+            0x37043dc868f48874,
+            0x876b5588d132b025,
+            0x481952128335562a,
+            0x4ffa729aeddd7dcd,
+            0xe181a5dae94a399f,
+            0x671fb50145b255d8,
+            0xbc3860730482d728,
+            0x00000000000023dd,
+        ])),
+        FQ_ZERO,
+        FQ_ZERO,
+    );
+
+    /// COFACTOR =
+    /// 43276679045916726782882096851503554444292580777869919574700824986947162516693702667493938255647666346010819253090121562084993205202476199057555142869892665220155573207800985012241638987472334344174208389303164492698303448192856551557283997344470334833850065978668184377503856699635686872344035470027430053642178229054516302338812152178131995800255516474185251732445975837621097393375441662426280154371264547168198834382681059556891327702516519955053315674076980350109237328216856859758931256208439575383786363605925879337208599843910819433766160937121108797819223653884174994325142959644019600
+    #[rustfmt::skip]
+    const COFACTOR: &'static [u64] = &[
+        0x4b77fca151d50b90,
+        0x8c98a12bd486d2fb,
+        0x1f0c9a51593693f8,
+        0x1d6f388069c063c1,
+        0x556e918748f06793,
+        0x2cea7dc01aae2140,
+        0x4216f0595cee44d0,
+        0x7a5e400154f633cf,
+        0xbb74eb9b6630846b,
+        0x8eb48c92998f3358,
+        0xbedd37f629e8e634,
+        0xc541018fe4d10cc7,
+        0x574956a099ace2c3,
+        0xa597504275948226,
+        0x7ecaaf050acb91f3,
+        0x0f25b044f4e9c932,
+        0xf8c39cbf0df97780,
+        0xd8f9eda95d6abf3e,
+        0xd1d80da227dd39c1,
+        0x8b589c61531dbce7,
+        0xfee4439281455474,
+        0x9eea59baa2aeb4a1,
+        0xa3b8a42c4e1e6f5a,
+        0xc4b99b0d9b077d21,
+        0xd09033887d09b4d2,
+        0x4a86d8ebb7fdf52a,
+        0xbe7ce44dd084e05d,
+        0x4ed25f7ebe6c44b3,
+        0xd7f8e3ef00255961,
+        0xa1ad2ad61580ef78,
+        0x19e70d3618ca3,
+    ];
+
+    /// COFACTOR^(-1) mod r =
+    /// 45586359457219724873147353901735745013467692594291916855200979604570630929674383405372210802279573887880950375598
+    #[rustfmt::skip]
+    const COFACTOR_INV: Fr = field_new!(Fr, BigInteger384([
+        7373687189387546408,
+        11284009518041539892,
+        301575489693670883,
+        13203058298476577559,
+        18441611830097862156,
+        4115759498196698,
+    ]));
+
+    /// AFFINE_GENERATOR_COEFFS = (G2_GENERATOR_X, G2_GENERATOR_Y)
+    const AFFINE_GENERATOR_COEFFS: (Self::BaseField, Self::BaseField) =
+        (G2_GENERATOR_X, G2_GENERATOR_Y);
+}
+
+const G2_GENERATOR_X: Fq3 =
+    field_new!(Fq3, G2_GENERATOR_X_C0, G2_GENERATOR_X_C1, G2_GENERATOR_X_C2);
+const G2_GENERATOR_Y: Fq3 =
+    field_new!(Fq3, G2_GENERATOR_Y_C0, G2_GENERATOR_Y_C1, G2_GENERATOR_Y_C2);
+
+/// G2_GENERATOR_X_C0 =
+/// 13426761183630949215425595811885033211332897733228446437546263564078445562454176776915160094418980045665397361295624472103734543457352048745726512354895954850428989867542989474136256025045975283415690491751906307188562464175510373683338
+#[rustfmt::skip]
+pub const G2_GENERATOR_X_C0: Fq = field_new!(Fq, BigInteger832([
+    0x03b3fe4c8d4ecac7,
+    0x9568212677524d1e,
+    0xf5de3f2228d187c1,
+    0x7bac772e31a420ef,
+    0x0255cf59968a612b,
+    0x991d4676f6b5d605,
+    0x02dd2ae4831d29ea,
+    0xbeca7c9a62e392c2,
+    0xfc1d0633d48d2fc5,
+    0x7867813be5f7d2a1,
+    0x6f567b6617030028,
+    0xf08c9fa6ca6809df,
+    0x0000000000000de9,
+]));
+
+/// G2_GENERATOR_X_C1 =
+/// 20471601555918880743198170952645906008198510944268658573129351735028343217532386920456705632337352161031960990613816401042894531220068552819818037605513359562118363589199569321421558696125646867661360498323171027455638052943806292028610
+#[rustfmt::skip]
+pub const G2_GENERATOR_X_C1: Fq = field_new!(Fq, BigInteger832([
+    0xefd1b506e5fbe05f,
+    0xad27d47a4975140c,
+    0xfa11540132dbc27a,
+    0x8dca42b6da7c4717,
+    0x66d30fd7fd76207a,
+    0xb8e4f65c68932b1d,
+    0x3b7f971e93ad14be,
+    0xf860a89f4e582f9f,
+    0x7d438aaa3986f73b,
+    0xa37ec0c18c6e106a,
+    0x9f2dfb98b5185b54,
+    0x19995e421ca939bc,
+    0x0000000000002f4f,
+]));
+
+/// G2_GENERATOR_X_C2 =
+/// 3905053196875761830053608605277158152930144841844497593936739534395003062685449846381431331169369910535935138116320442345524758217411779027270883193856999691582831339845600938304719916501940381093815781408183227875600753651697934495980
+#[rustfmt::skip]
+pub const G2_GENERATOR_X_C2: Fq = field_new!(Fq, BigInteger832([
+    0xc081ed832bdf911e,
+    0xb85ff7aeebdfe7b3,
+    0x96dce6bb307b14eb,
+    0x578f7ded84bd824c,
+    0xb799305a9971d184,
+    0x0116ad33c2874b90,
+    0x862dce68efdca245,
+    0x4190947c70534c1d,
+    0x1b1aa80334248d03,
+    0xb13b07aff63fcf27,
+    0x5727687b73ab4fff,
+    0xf559a7f4eb8d180a,
+    0x0000000000002d37,
+]));
+
+/// G2_GENERATOR_Y_C0 =
+/// 8567517639523571619872938228644013584947463594196306323477160496987712111576624702939472765993995586889532559039169098780892505598589581147768095093536988446010255611523736706017580686335404469207486594272103717837888228343074699140243
+#[rustfmt::skip]
+pub const G2_GENERATOR_Y_C0: Fq = field_new!(Fq, BigInteger832([
+    0x3f680b59e26b33d1,
+    0x720fdf65b9e15b17,
+    0x0f0b56def11247b1,
+    0x5ea05417c8a4a52c,
+    0x4ad59dc4f7c47a09,
+    0xf393e0db62107115,
+    0xde3b16404a53d2bb,
+    0xeaa74961636280e0,
+    0x2d16ccd14cf5a88c,
+    0x5667565a06187d0e,
+    0xb446fdc7565d0261,
+    0xd3ad395d6fd0faab,
+    0x0000000000000655,
+]));
+
+/// G2_GENERATOR_Y_C1 =
+/// 3890537069205870914984502594450293167889863914413852788876350245583932846980126025043974070704295857226211547108005650399870458089721518559480870503159804530091559886149680718531004778697982910253701559194337987238111062202037698927752
+#[rustfmt::skip]
+pub const G2_GENERATOR_Y_C1: Fq = field_new!(Fq, BigInteger832([
+    0x9e86cc63207679dd,
+    0x4e16d9a9d87c3e47,
+    0xdbee3524db80627d,
+    0x137322b87d93befc,
+    0x24a7ca2f9aae90a0,
+    0x44abea538df3e854,
+    0xc01d176c6e042eee,
+    0xf5fcc4caabc75699,
+    0x1f99972699a38960,
+    0x30d4cc8256bf963d,
+    0xa3634826edcfefff,
+    0x34f3bd0c8e5a4b38,
+    0x0000000000001d28,
+]));
+
+/// G2_GENERATOR_Y_C2 =
+/// 10936269922612615564271188303104593362724754284143779051599749016735041389483971486958818324356025479751246744831831158558101688599198721653921723013062333636402617118847009085485166284126970598561393411916461254016145116183331671450721
+#[rustfmt::skip]
+pub const G2_GENERATOR_Y_C2: Fq = field_new!(Fq, BigInteger832([
+    0xfc478105dedf3654,
+    0xa6fcfcfdd2710d6a,
+    0x05a68c283d5d4c65,
+    0x9fab8d94c667a679,
+    0x009b0a616ea54ff9,
+    0xf0df517bc7bc6382,
+    0xdb44338e7491f5b7,
+    0xcd192a7e53453f45,
+    0xa041a7a60982d92c,
+    0x4dd01c62bae4c7ff,
+    0x79a69a54e6b66178,
+    0xd47b0bfe832b05f8,
+    0x00000000000000ef,
+]));

cp6_782/src/curves/mod.rs

@@ -0,0 +1,223 @@
+use ark_ec::{models::SWModelParameters, PairingEngine};
+use ark_ff::{
+    biginteger::BigInteger832,
+    field_new,
+    fields::{BitIteratorBE, Field, FpParameters},
+    One,
+};
+
+use crate::{Fq, Fq3, Fq6, FqParameters, Fr};
+
+pub mod g1;
+pub use self::g1::{G1Affine, G1Projective};
+
+pub mod g2;
+pub use self::g2::{G2Affine, G2Projective};
+
+#[cfg(test)]
+mod tests;
+
+pub type GT = Fq6;
+
+#[derive(Copy, Clone, Debug, PartialEq, Eq)]
+pub struct CP6_782;
+
+impl PairingEngine for CP6_782 {
+    type Fr = Fr;
+    type G1Projective = G1Projective;
+    type G1Affine = G1Affine;
+    type G1Prepared = G1Affine;
+    type G2Projective = G2Projective;
+    type G2Affine = G2Affine;
+    type G2Prepared = G2Affine;
+    type Fq = Fq;
+    type Fqe = Fq3;
+    type Fqk = Fq6;
+
+    fn miller_loop<'a, I>(i: I) -> Self::Fqk
+    where
+        I: IntoIterator<Item = &'a (Self::G1Prepared, Self::G2Prepared)>,
+    {
+        let mut result = Self::Fqk::one();
+        for &(ref p, ref q) in i {
+            result *= &CP6_782::ate_miller_loop(p, q);
+        }
+        result
+    }
+
+    fn final_exponentiation(r: &Self::Fqk) -> Option<Self::Fqk> {
+        Some(CP6_782::final_exponentiation(r))
+    }
+}
+
+impl CP6_782 {
+    pub fn ate_pairing(p: &G1Affine, q: &G2Affine) -> GT {
+        CP6_782::final_exponentiation(&CP6_782::ate_miller_loop(p, q))
+    }
+
+    fn ate_miller_loop(p: &G1Affine, q: &G2Affine) -> Fq6 {
+        let px = p.x;
+        let py = p.y;
+        let qx = q.x;
+        let qy = q.y;
+        let mut py_twist_squared = TWIST.square();
+        py_twist_squared.mul_assign_by_fp(&py);
+
+        let mut old_rx;
+        let mut old_ry;
+        let mut rx = qx;
+        let mut ry = qy;
+        let mut f = Fq6::one();
+
+        // The for loop is executed for all bits (EXCEPT the MSB itself) of
+        // cp6_782_param_p (skipping leading zeros) in MSB to LSB order
+        for bit in BitIteratorBE::without_leading_zeros(ATE_LOOP_COUNT).skip(1) {
+            old_rx = rx;
+            old_ry = ry;
+
+            let old_rx_square = old_rx.square();
+            let old_rx_square_3 = old_rx_square.double() + &old_rx_square;
+            let old_rx_square_3_a = old_rx_square_3 + &g2::Parameters::COEFF_A;
+            let old_ry_double_inverse = old_ry.double().inverse().unwrap();
+
+            let gamma = old_rx_square_3_a * &old_ry_double_inverse;
+            let gamma_twist = gamma * &TWIST;
+            let gamma_old_rx = gamma * &old_rx;
+            let mut gamma_twist_px = gamma_twist;
+            gamma_twist_px.mul_assign_by_fp(&px);
+
+            let x = py_twist_squared;
+            let y = gamma_old_rx - &old_ry - &gamma_twist_px;
+            let ell_rr_at_p = Fq6::new(x, y);
+
+            rx = gamma.square() - &old_rx.double();
+            ry = gamma * &(old_rx - &rx) - &old_ry;
+            f = f.square() * &ell_rr_at_p;
+
+            if bit {
+                old_rx = rx;
+                old_ry = ry;
+
+                let gamma = (old_ry - &qy) * &((old_rx - &qx).inverse().unwrap());
+                let gamma_twist = gamma * &TWIST;
+                let gamma_qx = gamma * &qx;
+                let mut gamma_twist_px = gamma_twist;
+                gamma_twist_px.mul_assign_by_fp(&px);
+
+                let x = py_twist_squared;
+                let y = gamma_qx - &qy - &gamma_twist_px;
+                let ell_rq_at_p = Fq6::new(x, y);
+
+                rx = gamma.square() - &old_rx - &qx;
+                ry = gamma * &(old_rx - &rx) - &old_ry;
+                f = f * &ell_rq_at_p;
+            }
+        }
+        f
+    }
+
+    fn final_exponentiation(value: &Fq6) -> GT {
+        let value_inv = value.inverse().unwrap();
+        let value_to_first_chunk = CP6_782::final_exponentiation_first(value, &value_inv);
+        let value_inv_to_first_chunk = CP6_782::final_exponentiation_first(&value_inv, value);
+        CP6_782::final_exponentiation_last(&value_to_first_chunk, &value_inv_to_first_chunk)
+    }
+
+    fn final_exponentiation_first(elt: &Fq6, elt_inv: &Fq6) -> Fq6 {
+        // (q^3-1)*(q+1)
+
+        // elt_q3 = elt^(q^3)
+        let mut elt_q3 = elt.clone();
+        elt_q3.frobenius_map(3);
+        // elt_q3_over_elt = elt^(q^3-1)
+        let elt_q3_over_elt = elt_q3 * elt_inv;
+        // alpha = elt^((q^3-1) * q)
+        let mut alpha = elt_q3_over_elt.clone();
+        alpha.frobenius_map(1);
+        // beta = elt^((q^3-1)*(q+1)
+        alpha * &elt_q3_over_elt
+    }
+
+    fn final_exponentiation_last(elt: &Fq6, elt_inv: &Fq6) -> Fq6 {
+        let mut elt_q = elt.clone();
+        elt_q.frobenius_map(1);
+
+        let w1_part = elt_q.cyclotomic_exp(&FINAL_EXPONENT_LAST_CHUNK_W1);
+        let w0_part = if FINAL_EXPONENT_LAST_CHUNK_W0_IS_NEG {
+            elt_inv.cyclotomic_exp(&FINAL_EXPONENT_LAST_CHUNK_ABS_OF_W0)
+        } else {
+            elt.cyclotomic_exp(&FINAL_EXPONENT_LAST_CHUNK_ABS_OF_W0)
+        };
+
+        w1_part * &w0_part
+    }
+}
+
+/// FQ_ZERO = 0
+pub const FQ_ZERO: Fq = field_new!(Fq, BigInteger832([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]));
+
+/// FQ_ONE = 1
+pub const FQ_ONE: Fq = field_new!(Fq, FqParameters::R);
+
+/// TWIST = (0, 1, 0)
+pub const TWIST: Fq3 = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
+
+/// ATE_IS_LOOP_COUNT_NEG = false
+pub const ATE_IS_LOOP_COUNT_NEG: bool = false;
+
+/// ATE_LOOP_COUNT =
+/// 506464946133393486072777102926336625944849939610982267859828541006717966526573193706126370441346337661774335955699621
+pub const ATE_LOOP_COUNT: [u64; 13] = [
+    0x55c5b9b57b942ae8,
+    0x3d52287d3dfd424a,
+    0xcf1ff9d6a543deb7,
+    0x820c9c5711ceeebc,
+    0x549a2d44305d20fe,
+    0x50f5c131afd70235,
+    0xab3596c8617c5792,
+    0x830c728d80f9d78b,
+    0x6a7223ee72023d07,
+    0xbc5d176b746af026,
+    0xe959283d8f526663,
+    0xc4d2263babf8941f,
+    0x3848,
+];
+
+/// FINAL_EXPONENT_LAST_CHUNK_W0_IS_NEG = true
+pub const FINAL_EXPONENT_LAST_CHUNK_W0_IS_NEG: bool = true;
+
+/// FINAL_EXPONENT_LAST_CHUNK_ABS_OF_W0 =
+/// 7000705447348627246181409558336018323010329260726930841638672011287206690002601216854775649561085256265269640040570922609783227469279331691880282815325569032149343779036142830666859805506518426649197067288711084398033
+pub const FINAL_EXPONENT_LAST_CHUNK_ABS_OF_W0: BigInteger832 = BigInteger832([
+    0xb62ef36af72855d1,
+    0x676b5cef49d290fa,
+    0xd17fcf3c60947427,
+    0x5b93d992bc1b2849,
+    0x2171887cecd072cb,
+    0x879a2873f1516f4a,
+    0x8cc6856bd2cdf24e,
+    0xbff4fb6644d01993,
+    0x5dcbeea3e31ea667,
+    0x5f256f47681649f3,
+    0x2355a2b0839967fe,
+    0x144ed,
+    0x0,
+]);
+
+/// FINAL_EXPONENT_LAST_CHUNK_W1 =
+/// 86482221941698704497288378992285180119495364068003923046442785886272123124361700722982503222189455144364945735564951562986
+pub const FINAL_EXPONENT_LAST_CHUNK_W1: BigInteger832 = BigInteger832([
+    0x5657b9b57b942aea,
+    0x84f9a65f3bd54eaf,
+    0x5ea4214e35cd127,
+    0xe3cbcbc14ec1501d,
+    0xf196cb845a3092ab,
+    0x7e14627ad0e19017,
+    0x217db4,
+    0x0,
+    0x0,
+    0x0,
+    0x0,
+    0x0,
+    0x0,
+]);

cp6_782/src/curves/tests.rs

@@ -0,0 +1,77 @@
+use ark_ec::{AffineCurve, PairingEngine, ProjectiveCurve};
+use ark_ff::{test_rng, Field, One, PrimeField};
+use rand::Rng;
+
+use crate::*;
+
+use ark_curve_tests::{curves::*, groups::*};
+
+#[test]
+fn test_g1_projective_curve() {
+    curve_tests::<G1Projective>();
+
+    sw_tests::<g1::Parameters>();
+}
+
+#[test]
+fn test_g1_projective_group() {
+    let mut rng = test_rng();
+    let a: G1Projective = rng.gen();
+    let b: G1Projective = rng.gen();
+    group_test(a, b);
+}
+
+#[test]
+fn test_g1_generator() {
+    let generator = G1Affine::prime_subgroup_generator();
+    assert!(generator.is_on_curve());
+    assert!(generator.is_in_correct_subgroup_assuming_on_curve());
+}
+
+#[test]
+fn test_g2_projective_curve() {
+    curve_tests::<G2Projective>();
+
+    sw_tests::<g2::Parameters>();
+}
+
+#[test]
+fn test_g2_projective_group() {
+    let mut rng = test_rng();
+    let a: G2Projective = rng.gen();
+    let b: G2Projective = rng.gen();
+    group_test(a, b);
+}
+
+#[test]
+fn test_g2_generator() {
+    let generator = G2Affine::prime_subgroup_generator();
+    assert!(generator.is_on_curve());
+    assert!(generator.is_in_correct_subgroup_assuming_on_curve());
+}
+
+#[test]
+fn test_bilinearity() {
+    let mut rng = test_rng();
+    let a: G1Projective = rng.gen();
+    let b: G2Projective = rng.gen();
+    let s: Fr = rng.gen();
+
+    let sa = a.mul(s);
+    let sb = b.mul(s);
+
+    let ans1 = CP6_782::pairing(sa, b);
+    let ans2 = CP6_782::pairing(a, sb);
+    let ans3 = CP6_782::pairing(a, b).pow(s.into_repr());
+
+    assert_eq!(ans1, ans2);
+    assert_eq!(ans2, ans3);
+
+    assert_ne!(ans1, Fq6::one());
+    assert_ne!(ans2, Fq6::one());
+    assert_ne!(ans3, Fq6::one());
+
+    assert_eq!(ans1.pow(Fr::characteristic()), Fq6::one());
+    assert_eq!(ans2.pow(Fr::characteristic()), Fq6::one());
+    assert_eq!(ans3.pow(Fr::characteristic()), Fq6::one());
+}

cp6_782/src/fields/fq.rs

@@ -0,0 +1,166 @@
+use ark_ff::{
+    biginteger::BigInteger832 as BigInteger,
+    fields::{FftParameters, Fp832, Fp832Parameters, FpParameters},
+};
+
+pub type Fq = Fp832<FqParameters>;
+
+pub struct FqParameters;
+
+impl Fp832Parameters for FqParameters {}
+impl FftParameters for FqParameters {
+    type BigInt = BigInteger;
+
+    const TWO_ADICITY: u32 = 3;
+
+    #[rustfmt::skip]
+    const TWO_ADIC_ROOT_OF_UNITY: BigInteger = BigInteger([
+        18044746167194862600u64,
+        63590321303744709u64,
+        5009346151370959890u64,
+        2859114157767503991u64,
+        8301813204852325413u64,
+        5629414263664332594u64,
+        2637340888701394641u64,
+        17433538052687852753u64,
+        2230763098934759248u64,
+        3785382115983092023u64,
+        8895511354022222370u64,
+        15792083141709071785u64,
+        1328u64,
+    ]);
+}
+impl FpParameters for FqParameters {
+    /// MODULUS = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577
+    #[rustfmt::skip]
+    const MODULUS: BigInteger = BigInteger([
+        0xdace79b57b942ae9,
+        0x545d85c16dfd424a,
+        0xee135c065f4d26b7,
+        0x9c2f764a12c4024b,
+        0x1ad533049cfe6a39,
+        0x52a3fb77c79c1320,
+        0xab3596c8617c5792,
+        0x830c728d80f9d78b,
+        0x6a7223ee72023d07,
+        0xbc5d176b746af026,
+        0xe959283d8f526663,
+        0xc4d2263babf8941f,
+        0x3848,
+    ]);
+
+    const MODULUS_BITS: u32 = 782;
+
+    const CAPACITY: u32 = Self::MODULUS_BITS - 1;
+
+    const REPR_SHAVE_BITS: u32 = 50;
+
+    #[rustfmt::skip]
+    const R: BigInteger = BigInteger([
+        11190988450819017841u64,
+        16170411717126802030u64,
+        2265463223430229059u64,
+        16946880912571045974u64,
+        11155248462028513229u64,
+        12855672356664541314u64,
+        8489376931127408159u64,
+        2655797810825538098u64,
+        9648483887143916718u64,
+        17514963461276738952u64,
+        16777089214204267338u64,
+        15649035958020076168u64,
+        8659u64,
+    ]);
+
+    #[rustfmt::skip]
+    const R2: BigInteger = BigInteger([
+        13983406830510863714u64,
+        17863856572171232656u64,
+        1698388424046564526u64,
+        1773634430448388392u64,
+        8684647957094413275u64,
+        3992637317298078843u64,
+        18420879196616862245u64,
+        3238482510270583127u64,
+        7928200707794018216u64,
+        10024831010452223910u64,
+        9613847725664942650u64,
+        15361265984156787358u64,
+        7833u64,
+    ]);
+
+    const INV: u64 = 14469047335842394791u64;
+
+    /// GENERATOR = 13
+    #[rustfmt::skip]
+    const GENERATOR: BigInteger = BigInteger([
+        16669393626057438558u64,
+        1640520694378723217u64,
+        1598646156981121135u64,
+        12401834967100173388u64,
+        2356467520877704673u64,
+        14759118825104212161u64,
+        5556628239575210651u64,
+        5317520392768798654u64,
+        16398429955031064995u64,
+        3556102264904210145u64,
+        8166834915717907988u64,
+        11926665585800594452u64,
+        11716u64,
+    ]);
+
+    #[rustfmt::skip]
+    const MODULUS_MINUS_ONE_DIV_TWO: BigInteger = BigInteger([
+        0x6d673cdabdca1574,
+        0xaa2ec2e0b6fea125,
+        0xf709ae032fa6935b,
+        0xce17bb2509620125,
+        0xd6a99824e7f351c,
+        0x2951fdbbe3ce0990,
+        0xd59acb6430be2bc9,
+        0xc1863946c07cebc5,
+        0x353911f739011e83,
+        0xde2e8bb5ba357813,
+        0xf4ac941ec7a93331,
+        0x6269131dd5fc4a0f,
+        0x1c24,
+    ]);
+
+    // (T - 1)/2 =
+    // 1398117143679731058146671387906315933423474966581074036386468539227923378278626533764529938634242576261128410962740119034868607201414583335758422276643816405480145410934911750070786645716409577212967755581539567265673914343284832551598
+    #[rustfmt::skip]
+    const T_MINUS_ONE_DIV_TWO: BigInteger = BigInteger([
+        0xadace79b57b942ae,
+        0x7545d85c16dfd424,
+        0xbee135c065f4d26b,
+        0x99c2f764a12c4024,
+        0x1ad533049cfe6a3,
+        0x252a3fb77c79c132,
+        0xbab3596c8617c579,
+        0x7830c728d80f9d78,
+        0x66a7223ee72023d0,
+        0x3bc5d176b746af02,
+        0xfe959283d8f52666,
+        0x8c4d2263babf8941,
+        0x384,
+    ]);
+
+    // T =
+    // 2796234287359462116293342775812631866846949933162148072772937078455846756557253067529059877268485152522256821925480238069737214402829166671516844553287632810960290821869823500141573291432819154425935511163079134531347828686569665103197
+    #[rustfmt::skip]
+    const T: BigInteger = BigInteger([
+        0x5b59cf36af72855d,
+        0xea8bb0b82dbfa849,
+        0x7dc26b80cbe9a4d6,
+        0x3385eec942588049,
+        0x35aa660939fcd47,
+        0x4a547f6ef8f38264,
+        0x7566b2d90c2f8af2,
+        0xf0618e51b01f3af1,
+        0xcd4e447dce4047a0,
+        0x778ba2ed6e8d5e04,
+        0xfd2b2507b1ea4ccc,
+        0x189a44c7757f1283,
+        0x709,
+    ]);
+}

cp6_782/src/fields/fq3.rs

@@ -0,0 +1,204 @@
+use crate::Fq;
+use ark_ff::{
+    biginteger::BigInteger832 as BigInteger,
+    field_new,
+    fields::fp3::{Fp3, Fp3Parameters},
+    Field,
+};
+
+pub type Fq3 = Fp3<Fq3Parameters>;
+
+pub struct Fq3Parameters;
+
+impl Fp3Parameters for Fq3Parameters {
+    type Fp = Fq;
+
+    /// NONRESIDUE = 13
+    #[rustfmt::skip]
+    const NONRESIDUE: Fq = field_new!(Fq, BigInteger([
+        0xe755952f4650755e,
+        0x16c44ce1331ef791,
+        0x162f8835b467306f,
+        0xac1c2b31e1062c4c,
+        0x20b3dab9a2a935e1,
+        0xccd2ec5fd01e00c1,
+        0x4d1d1bf190c8da9b,
+        0x49cba09fb0e13fbe,
+        0xe392ed2957c061a3,
+        0x3159d02b3c93d6e1,
+        0x71566d160a9f8614,
+        0xa5840728fc854414,
+        0x2dc4,
+    ]));
+
+    const TWO_ADICITY: u32 = 3;
+
+    #[rustfmt::skip]
+    const T_MINUS_ONE_DIV_TWO: &'static [u64] = &[
+        0x62730e2cd2029617,
+        0x660647f735cb88cf,
+        0x274359d60784f69d,
+        0x83067194eb102629,
+        0x54ea4a12a9381160,
+        0xade0b24e398dac25,
+        0xb476ae9f927e81cb,
+        0x220fd4a9178adc3b,
+        0x57e0cb9b0569745b,
+        0xba15024addc8f52e,
+        0x145b9bc116144ab6,
+        0x6bc2260726e88b15,
+        0x51da6bf151066474,
+        0x9fd1b3190f6320cf,
+        0x2097bfb7bf4167b0,
+        0x27c35b1e7e628e09,
+        0x94f80c9d623dd9bb,
+        0x20bfa6d5bf31e7d3,
+        0x19fb862c049d3a8,
+        0xdf4c5efe04c0cec1,
+        0x32c9a8abe9b50297,
+        0x268d5c2076b44f0a,
+        0x76027ec67b23ca21,
+        0x248d61e0c45d270,
+        0x419cd0d1d6be027e,
+        0xbcd8dc3b1986ef18,
+        0x73093d8719c862c2,
+        0x651d60f8f9f6fcd9,
+        0x8dabebe38a09b261,
+        0xfa85b5a9e180cd3f,
+        0x6a97fc618f319fb7,
+        0xce08b93a5652a8e1,
+        0x37525cbc4ba24cf9,
+        0xb104c580df9d2150,
+        0x1407c1bfe240a89d,
+        0x34c96a73372daf9a,
+        0x2b87fda171,
+    ];
+
+    #[rustfmt::skip]
+    const QUADRATIC_NONRESIDUE_TO_T: (Fq, Fq, Fq) = (
+        field_new!(Fq, BigInteger([
+            0x59987c0ef8e31739,
+            0x59578d750d6f57dd,
+            0x9672547570dddab8,
+            0x1a1f630e1d6dbdd5,
+            0xde15f46e52d7613e,
+            0x6a1b6e4f80179926,
+            0x461ad119d93123b,
+            0x12054e3654907ed9,
+            0x85ea06b12bf811a0,
+            0xc01d53d07347f9ec,
+            0x70c424eb666c3922,
+            0x1796ce4ed605d49e,
+            0x68b,
+        ])),
+        field_new!(Fq, BigInteger([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0])),
+        field_new!(Fq, BigInteger([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0])),
+    );
+
+    #[rustfmt::skip]
+    const FROBENIUS_COEFF_FP3_C1: &'static [Fq] = &[
+        field_new!(Fq, BigInteger([
+            0x9b4e60b420910c71,
+            0xe068d7c83f284a6e,
+            0x1f708acc7c452c43,
+            0xeb2f6a66cca51856,
+            0x9acf675f886e9fcd,
+            0xb26885e567cc8082,
+            0x75d05357183eb61f,
+            0x24db4a09b5842a32,
+            0x85e64cf9ba4b14ae,
+            0xf311a6784358a588,
+            0xe8d431c061aecb4a,
+            0xd92c8b4aab19f288,
+            0x21d3,
+        ])),
+        field_new!(Fq, BigInteger([
+            0xe793e750fc0c0fdc,
+            0x28cd75f5634a867e,
+            0xde5e9b1261eb3c33,
+            0x68a0fb1c17595903,
+            0x19626d2c9f392e46,
+            0xc4d95794cb378b83,
+            0x54870f1f582d67c9,
+            0xf3f1a0ac4aceb56d,
+            0x811361215ea4fd47,
+            0x32cd6ee17d95bd00,
+            0x725f9881049a9c52,
+            0x5acb70be0613a307,
+            0x11bb,
+        ])),
+        field_new!(Fq, BigInteger([
+            0x57ec31b05ef70e9c,
+            0x4b273803cb8a715d,
+            0xf0443627811cbe40,
+            0x485f10c72ec590f1,
+            0x66a35e7875569c25,
+            0xdb621dfd9498071a,
+            0xe0de3451f11039a8,
+            0x6a3f87d780a6f7eb,
+            0x637875d359122b11,
+            0x967e0211b37c8d9d,
+            0x8e255dfc2908fec6,
+            0x90da2a32facafe8f,
+            0x4b9,
+        ])),
+    ];
+
+    #[rustfmt::skip]
+    const FROBENIUS_COEFF_FP3_C2: &'static [Fq] = &[
+        field_new!(Fq, BigInteger([
+            0x9b4e60b420910c71,
+            0xe068d7c83f284a6e,
+            0x1f708acc7c452c43,
+            0xeb2f6a66cca51856,
+            0x9acf675f886e9fcd,
+            0xb26885e567cc8082,
+            0x75d05357183eb61f,
+            0x24db4a09b5842a32,
+            0x85e64cf9ba4b14ae,
+            0xf311a6784358a588,
+            0xe8d431c061aecb4a,
+            0xd92c8b4aab19f288,
+            0x21d3,
+        ])),
+        field_new!(Fq, BigInteger([
+            0x57ec31b05ef70e9c,
+            0x4b273803cb8a715d,
+            0xf0443627811cbe40,
+            0x485f10c72ec590f1,
+            0x66a35e7875569c25,
+            0xdb621dfd9498071a,
+            0xe0de3451f11039a8,
+            0x6a3f87d780a6f7eb,
+            0x637875d359122b11,
+            0x967e0211b37c8d9d,
+            0x8e255dfc2908fec6,
+            0x90da2a32facafe8f,
+            0x4b9,
+        ])),
+        field_new!(Fq, BigInteger([
+            0xe793e750fc0c0fdc,
+            0x28cd75f5634a867e,
+            0xde5e9b1261eb3c33,
+            0x68a0fb1c17595903,
+            0x19626d2c9f392e46,
+            0xc4d95794cb378b83,
+            0x54870f1f582d67c9,
+            0xf3f1a0ac4aceb56d,
+            0x811361215ea4fd47,
+            0x32cd6ee17d95bd00,
+            0x725f9881049a9c52,
+            0x5acb70be0613a307,
+            0x11bb,
+        ])),
+    ];
+
+    #[inline(always)]
+    fn mul_fp_by_nonresidue(fe: &Self::Fp) -> Self::Fp {
+        let original = *fe;
+        let mut four_fe = fe.double();
+        four_fe.double_in_place();
+        let eight_fe = four_fe.double();
+        eight_fe + &four_fe + &original
+    }
+}

cp6_782/src/fields/fq6.rs

@@ -0,0 +1,112 @@
+use crate::{Fq, Fq3, Fq3Parameters, FQ_ONE, FQ_ZERO};
+use ark_ff::{
+    biginteger::BigInteger832 as BigInteger,
+    field_new,
+    fields::fp6_2over3::{Fp6, Fp6Parameters},
+};
+
+pub type Fq6 = Fp6<Fq6Parameters>;
+
+pub struct Fq6Parameters;
+
+impl Fp6Parameters for Fq6Parameters {
+    type Fp3Params = Fq3Parameters;
+
+    /// NONRESIDUE = (0, 1, 0).
+    #[rustfmt::skip]
+    const NONRESIDUE: Fq3 = field_new!(Fq3, FQ_ZERO, FQ_ONE, FQ_ZERO);
+
+    #[rustfmt::skip]
+    const FROBENIUS_COEFF_FP6_C1: &'static [Fq] = &[
+        field_new!(Fq, BigInteger([
+            0x9b4e60b420910c71,
+            0xe068d7c83f284a6e,
+            0x1f708acc7c452c43,
+            0xeb2f6a66cca51856,
+            0x9acf675f886e9fcd,
+            0xb26885e567cc8082,
+            0x75d05357183eb61f,
+            0x24db4a09b5842a32,
+            0x85e64cf9ba4b14ae,
+            0xf311a6784358a588,
+            0xe8d431c061aecb4a,
+            0xd92c8b4aab19f288,
+            0x21d3,
+        ])),
+        field_new!(Fq, BigInteger([
+            0x82e248051c9d1c4d,
+            0x9364dbda272d0ed,
+            0xfdcf25dede306877,
+            0x53d06582e3fe7159,
+            0xb431d48c27a7ce14,
+            0x7741dd7a33040c05,
+            0xca576276706c1de9,
+            0x18cceab60052df9f,
+            0x6f9ae1b18f011f6,
+            0x25df1559c0ee6289,
+            0x5b33ca416649679d,
+            0x33f7fc08b12d9590,
+            0x338f,
+        ])),
+        field_new!(Fq, BigInteger([
+            0xe793e750fc0c0fdc,
+            0x28cd75f5634a867e,
+            0xde5e9b1261eb3c33,
+            0x68a0fb1c17595903,
+            0x19626d2c9f392e46,
+            0xc4d95794cb378b83,
+            0x54870f1f582d67c9,
+            0xf3f1a0ac4aceb56d,
+            0x811361215ea4fd47,
+            0x32cd6ee17d95bd00,
+            0x725f9881049a9c52,
+            0x5acb70be0613a307,
+            0x11bb,
+        ])),
+        field_new!(Fq, BigInteger([
+            0x3f8019015b031e78,
+            0x73f4adf92ed4f7dc,
+            0xcea2d139e307fa73,
+            0xb1000be3461ee9f5,
+            0x8005cba5148fca6b,
+            0xa03b75925fcf929d,
+            0x35654371493da172,
+            0x5e312883cb75ad59,
+            0xe48bd6f4b7b72859,
+            0xc94b70f331124a9d,
+            0x84f67d2da39b18,
+            0xeba59af100dea197,
+            0x1674,
+        ])),
+        field_new!(Fq, BigInteger([
+            0x57ec31b05ef70e9c,
+            0x4b273803cb8a715d,
+            0xf0443627811cbe40,
+            0x485f10c72ec590f1,
+            0x66a35e7875569c25,
+            0xdb621dfd9498071a,
+            0xe0de3451f11039a8,
+            0x6a3f87d780a6f7eb,
+            0x637875d359122b11,
+            0x967e0211b37c8d9d,
+            0x8e255dfc2908fec6,
+            0x90da2a32facafe8f,
+            0x4b9,
+        ])),
+        field_new!(Fq, BigInteger([
+            0xf33a92647f881b0d,
+            0x2b900fcc0ab2bbcb,
+            0xfb4c0f3fd61ea84,
+            0x338e7b2dfb6aa948,
+            0x172c5d7fdc53bf3,
+            0x8dcaa3e2fc64879d,
+            0x56ae87a9094eefc8,
+            0x8f1ad1e1362b221e,
+            0xe95ec2cd135d3fbf,
+            0x898fa889f6d53325,
+            0x76f98fbc8ab7ca11,
+            0x6a06b57da5e4f118,
+            0x268d,
+        ])),
+    ];
+}

cp6_782/src/fields/fr.rs

@@ -0,0 +1 @@
+pub use ark_bls12_377::{Fq as Fr, FqParameters as FrParameters};

cp6_782/src/fields/mod.rs

@@ -0,0 +1,14 @@
+pub mod fr;
+pub use self::fr::*;
+
+pub mod fq;
+pub use self::fq::*;
+
+pub mod fq3;
+pub use self::fq3::*;
+
+pub mod fq6;
+pub use self::fq6::*;
+
+#[cfg(all(feature = "cp6_782", test))]
+mod tests;

cp6_782/src/fields/tests.rs

@@ -0,0 +1,51 @@
+use ark_ff::{test_rng, Field, PrimeField};
+use ark_serialize::{buffer_bit_byte_size, CanonicalSerialize};
+use rand::Rng;
+
+use crate::*;
+
+use ark_curve_tests::fields::*;
+
+#[test]
+fn test_fr() {
+    let mut rng = test_rng();
+    let a: Fr = rng.gen();
+    let b: Fr = rng.gen();
+    field_test(a, b);
+    sqrt_field_test(a);
+    primefield_test::<Fr>();
+}
+
+#[test]
+fn test_fq() {
+    let mut rng = test_rng();
+    let a: Fq = rng.gen();
+    let b: Fq = rng.gen();
+    field_test(a, b);
+    primefield_test::<Fq>();
+    sqrt_field_test(a);
+
+    let byte_size = a.serialized_size();
+    let (_, buffer_size) = buffer_bit_byte_size(Fq::size_in_bits());
+    assert_eq!(byte_size, buffer_size);
+    field_serialization_test::<Fq>(byte_size);
+}
+
+#[test]
+fn test_fq3() {
+    let mut rng = test_rng();
+    let a: Fq3 = rng.gen();
+    let b: Fq3 = rng.gen();
+    field_test(a, b);
+    sqrt_field_test(a);
+    frobenius_test::<Fq3, _>(Fq::characteristic(), 13);
+}
+
+#[test]
+fn test_fq6() {
+    let mut rng = test_rng();
+    let a: Fq6 = rng.gen();
+    let b: Fq6 = rng.gen();
+    field_test(a, b);
+    frobenius_test::<Fq6, _>(Fq::characteristic(), 13);
+}

cp6_782/src/lib.rs

@@ -0,0 +1,33 @@
+#![cfg_attr(not(feature = "std"), no_std)]
+#![deny(
+    warnings,
+    unused,
+    future_incompatible,
+    nonstandard_style,
+    rust_2018_idioms
+)]
+#![forbid(unsafe_code)]
+
+//! This library implements the CP6_782 curve generated in [[BCGMMW20, “Zexe”]](https://eprint.iacr.org/2018/962).
+//! The name denotes that it was generated using the Cocks--Pinch method for the embedding degree 6.
+//! The main feature of this curve is that the scalar field equals the base field of the BLS12_377 curve.
+//!
+//! Curve information:
+//! * Base field: q = 22369874298875696930346742206501054934775599465297184582183496627646774052458024540232479018147881220178054575403841904557897715222633333372134756426301062487682326574958588001132586331462553235407484089304633076250782629492557320825577
+//! * Scalar field: r = 258664426012969094010652733694893533536393512754914660539884262666720468348340822774968888139573360124440321458177
+//! * valuation(q - 1, 2) = 3
+//! * valuation(r - 1, 2) = 46
+//!
+//! G1 curve equation: y^2 = x^3 + ax + b, where
+//! * a = 5,
+//! * b = 17764315118651679038286329069295091506801468118146712649886336045535808055361274148466772191243305528312843236347777260247138934336850548243151534538734724191505953341403463040067571652261229308333392040104884438208594329793895206056414,
+//!
+//! G2 curve equation: y^2 = x^3 + Ax + B
+//! * A = Fq3(0, 0, 5)
+//! * B = Fq3(7237353553714858194254855835825640240663090882935418626687402315497764195116318527743248304684159666286416318482685337633828994152723793439622384740540789612754127688659139509552568164770448654259255628317166934203899992395064470477612, 0, 0)
+
+mod curves;
+mod fields;
+
+pub use curves::*;
+pub use fields::*;