Non-Degeneracy of Pollard Rho Collisions
نویسندگان
چکیده
منابع مشابه
Non-degeneracy of Pollard Rho Collisions
The Pollard ρ algorithm is a widely used algorithm for solving discrete logarithms on general cyclic groups, including elliptic curves. Recently the first nontrivial runtime estimates were provided for it, culminating in a sharp O( √ n) bound for the collision time on a cyclic group of order n [4]. In this paper we show that for n satisfying a mild arithmetic condition, the collisions guarantee...
متن کاملSpectral Analysis of Pollard Rho Collisions
We show that the classical Pollard ρ algorithm for discrete logarithms produces a collision in expected time O( √ n(log n)). This is the first nontrivial rigorous estimate for the collision probability for the unaltered Pollard ρ graph, and is close to the conjectured optimal bound of O( √ n). The result is derived by showing that the mixing time for the random walk on this graph is O((log n));...
متن کاملScalability of the Parallelized Pollard Rho Method
The integrity of elliptic curve cryptography (ECC) stems from the presumed complexity of the elliptic curve discrete logarithm problem (ECDLP). Thus, the study of algorithms to solve the ECDLP is essential for two reasons: (1) to establish the integrity of ECC, and (2) to guide designers in the choice of ECC parameters, such as the length of the parameters and the characteristics of the curve. ...
متن کاملSpeeding Up the Pollard Rho Method on Prime Fields
We propose a method to speed up the r-adding walk on multiplicative subgroups of the prime field. The r-adding walk is an iterating function used with the Pollard rho algorithm and is known to require less iterations than Pollard’s original iterating function in reaching a collision. Our main idea is to follow through the r-adding walk with only partial information about the nodes reached. The ...
متن کاملSubset-Restricted Random Walks for Pollard rho Method on Fpm
In this paper, we propose a variant of the Pollard rho method. We use an iterating function whose image size is much smaller than its domain and hence reaches a collision faster than the original iterating function. We also explicitly show how this general method can be applied to multiplicative subgroups of finite fields with large extension degree. The construction for finite fields uses a di...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Mathematics Research Notices
سال: 2008
ISSN: 1687-0247,1073-7928
DOI: 10.1093/imrn/rnn114