Collision of Random Walks and a Refined Analysis of Attacks on the Discrete Logarithm Problem

Kijima, Shuji; Montenegro, Ravi

doi:10.1007/978-3-662-46447-2_6

Search citation statements

Order By: Relevance

Paper Sections

Select...

Pollard Rho and Kangaroo1

Algorithm For Multiple Dlp In the Exponent1

Citation Types

Supporting

Mentioning

Contrasting

Year Published

2015

Publication Types

Select...

Article1

Book1

Relationship

Self Cite0

Independent2

Authors

Journals

Cited by 2 publications

(2 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is worth noting that most papers on the Pollard rho and kangaroo algorithms rely on heuristic assumptions. One issue that has received a lot of attention is the effect on the running time due to the number of partitions used to define the walk: A first heuristic was proposed by Brent and Pollard in the context of integer factorisation; Blackburn and Murphy [11] rediscovered this idea in the case of the rho algorithm for the ECDLP; Section 3 of Bernstein and Lange [8] discusses a refinement of the idea for rho; Kijima and Montenegro [79] give a derivation of it and prove rigorous results for both the rho and kangaroo algorithms (and more). Experimental results confirm the analysis in those papers, but it is a challenging and interesting task to minimise the use of heuristics but still get good results about these algorithms.…”

Section: Pollard Rho and Kangaroomentioning

confidence: 99%

Recent progress on the elliptic curve discrete logarithm problem

Galbraith

Gaudry

2015

Des. Codes Cryptogr.

View full text Add to dashboard Cite

Section: Pollard Rho and Kangaroomentioning

confidence: 99%

Recent progress on the elliptic curve discrete logarithm problem

Galbraith

Gaudry

2015

Des. Codes Cryptogr.

View full text Add to dashboard Cite

“…Several literatures focus on this rigour of pseudo-random function used in Pollard's algorithm. For further details on this, refer to [9].…”

Section: Algorithm For Multiple Dlp In the Exponentmentioning

confidence: 99%

Multiple Discrete Logarithm Problems with Auxiliary Inputs

Kim

2015

Advances in Cryptology -- ASIACRYPT 2015

View full text Add to dashboard Cite

Let g be an element of prime order p in an abelian group and let α1, . . . , αL ∈ Zp for a positive integer L. First, we show that, if g, g α i , andLet f ∈ Fp[x] be a polynomial of degree d and let ρ f be the number of rational points over Fp on the curve determined by f (x) − f (y) = 0. Second, if g, g α i , g α 2 i , . . . , g α d i are given for any d ≥ 1, then we propose an algorithm that solves all αi's in O(max{ L • p 2 /ρ f , L • d}) group exponentiations with O( L • p 2 /ρ f ) storage. In particular, we have explicit choices for a polynomial f when d | p ± 1, that yield a running time of O( L • p/d) whenever L ≤ p c•d 3 for some constant c.

show abstract

Collision of Random Walks and a Refined Analysis of Attacks on the Discrete Logarithm Problem

Cited by 2 publications

References 17 publications

Recent progress on the elliptic curve discrete logarithm problem

Recent progress on the elliptic curve discrete logarithm problem

Multiple Discrete Logarithm Problems with Auxiliary Inputs

Contact Info

Product

Resources

About