Collision of Random Walks and a Refined Analysis of Attacks on the Discrete Logarithm Problem
نویسندگان
چکیده
Some of the most efficient algorithms for finding the discrete logarithm involve pseudo-random implementations of Markov chains, with one or more “walks” proceeding until a collision occurs, i.e. some state is visited a second time. In this paper we develop a method for determining the expected time until the first collision. We use our technique to examine three methods for solving discrete-logarithm problems: Pollard’s Kangaroo, Pollard’s Rho, and a few versions of Gaudry-Schost. For the Kangaroo method we prove new and fairly precise matching upper and lower bounds. For the Rho method we prove the first rigorous non-trivial lower bound, and under a mild assumption show matching upper and lower bounds. Our Gaudry-Schost results are heuristic, but improve on the prior limited understanding of this method. We also give results for parallel versions of these algorithms.
منابع مشابه
The new protocol blind digital signature based on the discrete logarithm problem on elliptic curve
In recent years it has been trying that with regard to the question of computational complexity of discrete logarithm more strength and less in the elliptic curve than other hard issues, applications such as elliptic curve cryptography, a blind digital signature method, other methods such as encryption replacement DLP. In this paper, a new blind digital signature scheme based on elliptic curve...
متن کاملCollision bounds for the additive Pollard rho algorithm for solving discrete logarithms
We prove collision bounds for the Pollard rho algorithm to solve the discrete logarithm problem in a general cyclic group G. Unlike the setting studied by Kim et al., we consider additive walks: the setting used in practice to solve the elliptic curve discrete logarithm problem. Our bounds differ from the birthday bound O. p jGj/ by a factor of p log jGj and are based on mixing time estimates f...
متن کاملGeneralized Jacobian and Discrete Logarithm Problem on Elliptic Curves
Let E be an elliptic curve over the finite field F_{q}, P a point in E(F_{q}) of order n, and Q a point in the group generated by P. The discrete logarithm problem on E is to find the number k such that Q = kP. In this paper we reduce the discrete logarithm problem on E[n] to the discrete logarithm on the group F*_{q} , the multiplicative group of nonzero elements of Fq, in the case where n | q...
متن کاملAn efficient blind signature scheme based on the elliptic curve discrete logarithm problem
Elliptic Curve Cryptosystems (ECC) have recently received significant attention by researchers due to their high performance such as low computational cost and small key size. In this paper a novel untraceable blind signature scheme is presented. Since the security of proposed method is based on difficulty of solving discrete logarithm over an elliptic curve, performance of the proposed scheme ...
متن کاملNew Collisions to Improve Pollardâs Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves
It is true that different approaches have been utilised to accelerate the computation of discrete logarithm problem on elliptic curves with Pollard’s Rho method. However, trapping in cycles fruitless will be obtained by using the random walks with Pollard’s Rho. An efficient alternative approach that is based on new collisions which are reliant on the values ai , bi to solve this problem is pro...
متن کامل