2^255-19以FieldElement51和FieldElement2526表示及BASEPOINT_ODD_LOOKUP_TABLE获取方式

p = 2 255 − 19 p=2^{255}-19 p=2255−19

1. 2 255 − 19 2^{255}-19 2255−19以FieldElement51表示

对应的公式为： f = f 0 + f 1 2 51 x + f 2 2 102 x 2 + f 3 2 153 x 3 + f 4 2 204 x 4 f=f_0+f_12^{51}x+f_22^{102}x^2+f_32^{153}x^3+f_42^{204}x^4 f=f0​+f1​251x+f2​2102x2+f3​2153x3+f4​2204x4 对应的sage验证为：

sage: 16*(2^255-19)
926336713898529563388567880069503262826159877325124512315660672063305037119184
sage: (2^255-19)
57896044618658097711785492504343953926634992332820282019728792003956564819949
sage: 36028797018963664+36028797018963952*2^51+36028797018963952*2^102+360287970
....: 18963952*2^153+36028797018963952*2^204
926336713898529563388567880069503262826159877325124512315660672063305037119184

2. 2 255 − 19 2^{255}-19 2255−19以FieldElement2526表示

f = f 0 + f 1 2 26 x + f 2 2 51 x 2 + f 3 2 77 x 3 + f 4 2 102 x 4 + f 5 2 128 x 5 + f 6 2 153 x 6 + f 7 2 179 x 7 + f 8 2 204 x 8 + f 9 2 230 x 9 f=f_0+f_12^{26}x+f_22^{51}x^2+f_32^{77}x^3+f_42^{102}x^4+f_52^{128}x^5+f_62^{153}x^6+f_72^{179}x^7+f_82^{204}x^8+f_92^{230}x^9 f=f0​+f1​226x+f2​251x2+f3​277x3+f4​2102x4+f5​2128x5+f6​2153x6+f7​2179x7+f8​2204x8+f9​2230x9 博客dalek-Curve25519 avx2并行计算学习笔记中指出：对于4 field elements vector ( a , b , c , d ) (a,b,c,d) (a,b,c,d)可以 [ u 32 × 8 ; 5 ] [u32\times8;5] [u32×8;5]数组（以little-endian形式）来表示： ( a 0 , b 0 , a 1 , b 1 , c 0 , d 0 , c 1 , d 1 ) (a_0,b_0,a_1,b_1,c_0,d_0,c_1,d_1) (a0​,b0​,a1​,b1​,c0​,d0​,c1​,d1​) ( a 2 , b 2 , a 3 , b 3 , c 2 , d 2 , c 3 , d 3 ) (a_2,b_2,a_3,b_3,c_2,d_2,c_3,d_3) (a2​,b2​,a3​,b3​,c2​,d2​,c3​,d3​) ( a 4 , b 4 , a 5 , b 5 , c 4 , d 4 , c 5 , d 5 ) (a_4,b_4,a_5,b_5,c_4,d_4,c_5,d_5) (a4​,b4​,a5​,b5​,c4​,d4​,c5​,d5​) ( a 6 , b 6 , a 7 , b 7 , c 6 , d 6 , c 7 , d 7 ) (a_6,b_6,a_7,b_7,c_6,d_6,c_7,d_7) (a6​,b6​,a7​,b7​,c6​,d6​,c7​,d7​) ( a 8 , b 8 , a 9 , b 9 , c 8 , d 8 , c 9 , d 9 ) (a_8,b_8,a_9,b_9,c_8,d_8,c_9,d_9) (a8​,b8​,a9​,b9​,c8​,d8​,c9​,d9​)

( 2 p , 2 p , 2 p , 2 p ) (2p,2p,2p,2p) (2p,2p,2p,2p)对应以 [ u 32 × 8 ; 5 ] [u32\times8;5] [u32×8;5]数组（以little-endian形式）来表示： [P_TIMES_2_LO,P_TIMES_2_HI,P_TIMES_2_HI,P_TIMES_2_HI,P_TIMES_2_HI]

相应的sage脚本验证为：

sage:  67108845+(33554431 *2^26)+(67108863 *2^51)+(33554431 *2^77)+ (67108863 *2
....: ^102)+(33554431 *2^128) +(67108863 *2^153)+(33554431 *2^179)+(67108863 *2^
....: 204)+(33554431 *2^230)
57896044618658097711785492504343953926634992332820282019728792003956564819949
sage: (2^255-19)
57896044618658097711785492504343953926634992332820282019728792003956564819949

3. BASEPOINT_ODD_LOOKUP_TABLE的获取方式

在src/backend/vector/avx2/edwards.rs中：

let basepoint_odd_lookup_table = NafLookupTable8::::from(&constants::ED25519_BASEPOINT_POINT);
println!("BASEPOINT_ODD_LOOKUP_TABLE is: {:?}", basepoint_odd_lookup_table);