Toward A Theory of Pollard's Rho Method

On the Efficiency of Pollard's Rho Method for Discrete Logarithms

Pollard’s rho method is a randomized algorithm for computing discrete logarithms. It works by defining a pseudo-random sequence and then detecting a match in the sequence. Many improvements have been proposed, while few evaluation results and efficiency suggestions have been reported. This paper is devoted to a detailed study of the efficiency issues in Pollard’s rho method. We describe an empi...

Better Random Walks for Pollard's Rho Method

We consider Pollard's rho method for discrete logarithm computation. In the analysis of its running time, the crucial assumption is made that a random walk in the underlying group is simulated. We show that this assumption does not exactly hold for the walk originally suggested by Pollard. We study alternative walks that can be eeciently applied to compute discrete logarithms. We introduce a cl...

Speeding Up Pollard's Rho Method for Computing Discrete Logarithms

In Pollard's rho method, an iterating function f is used to de-ne a sequence (yi) by yi+1 = f(yi) for i = 0; 1; 2; : : :, with some starting value y0. In this paper, we deene and discuss new iterating functions for computing discrete logarithms with the rho method. We compare their performances in experiments with elliptic curve groups. Our experiments show that one of our newly deened function...

An investigation into Pollard’s Rho method for attacking Elliptic Curve Cryptosystems

On random walks for Pollard's rho method

We consider Pollard’s rho method for discrete logarithm computation. Usually, in the analysis of its running time the assumption is made that a random walk in the underlying group is simulated. We show that this assumption does not hold for the walk originally suggested by Pollard: its performance is worse than in the random case. We study alternative walks that can be efficiently applied to co...