On the Efficiency of Pollard's Rho Method for Discrete Logarithms

نویسندگان

  • Shi Bai
  • Richard P. Brent
چکیده

Pollard’s rho method is a randomized algorithm for computing discrete logarithms. It works by defining a pseudo-random sequence and then detecting a match in the sequence. Many improvements have been proposed, while few evaluation results and efficiency suggestions have been reported. This paper is devoted to a detailed study of the efficiency issues in Pollard’s rho method. We describe an empirical performance analysis of several widely applied algorithms. This should provide a better combination of algorithms and a good choice of parameters for Pollard’s rho method.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

An Efficient Collision Detection Method for Computing Discrete Logarithms with Pollard's Rho

Pollard’s rho method and its parallelized variant are at present known as the best generic algorithms for computing discrete logarithms. However, when we compute discrete logarithms in cyclic groups of large orders using Pollard’s rho method, collision detection is always a high time and space consumer. In this paper, we present a new efficient collision detection algorithm for Pollard’s rho me...

متن کامل

Speeding Up Pollard's Rho Method for Computing Discrete Logarithms

In Pollard's rho method, an iterating function f is used to de-ne a sequence (yi) by yi+1 = f(yi) for i = 0; 1; 2; : : :, with some starting value y0. In this paper, we deene and discuss new iterating functions for computing discrete logarithms with the rho method. We compare their performances in experiments with elliptic curve groups. Our experiments show that one of our newly deened function...

متن کامل

Collision bounds for the additive Pollard rho algorithm for solving discrete logarithms

We prove collision bounds for the Pollard rho algorithm to solve the discrete logarithm problem in a general cyclic group G. Unlike the setting studied by Kim et al., we consider additive walks: the setting used in practice to solve the elliptic curve discrete logarithm problem. Our bounds differ from the birthday bound O. p jGj/ by a factor of p log jGj and are based on mixing time estimates f...

متن کامل

Better Random Walks for Pollard's Rho Method

We consider Pollard's rho method for discrete logarithm computation. In the analysis of its running time, the crucial assumption is made that a random walk in the underlying group is simulated. We show that this assumption does not exactly hold for the walk originally suggested by Pollard. We study alternative walks that can be eeciently applied to compute discrete logarithms. We introduce a cl...

متن کامل

On random walks for Pollard's rho method

We consider Pollard’s rho method for discrete logarithm computation. Usually, in the analysis of its running time the assumption is made that a random walk in the underlying group is simulated. We show that this assumption does not hold for the walk originally suggested by Pollard: its performance is worse than in the random case. We study alternative walks that can be efficiently applied to co...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008