Speeding up Pollard's rho method for computing discrete logarithms

Teske, Edlyn

doi:10.1007/bfb0054891

Cited by 94 publications

(85 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This implies these collisions not only have always occurred but the probability of a collision has also significantly increased if it compared with original method. It can be concluded that the proposed improved method will be better than the original pollard's Rho method and these alternative collisions can also be applied to previo us proposed improvements such that dividing the group into about 20 sets (Teske, 1998;2001). …”

Section: Comparison Between Methodsmentioning

confidence: 97%

“…Despite the fact that there are several attacking methods to resolve ECDLP, Pollard's Rho method (Pollard, 1980) not only is at present known as the fastest algorithm to resolve the discrete logarithm problem on elliptic curves, but its parallelized variant as well because its mathematical operations is less than other methods like Baby-Step Giant-Step (Shanks, 1971). This encourages researchers to utilise from automorphism of the group (Duursma et al, 1990), random walk on certain equivalence classes (Wiener and Zuccherato, 1999;Gallant et al, 2000), parallelization (Oorschot and Wiener, 1999), iteration function (Teske, 1998;2001), negation map (Wang and Zhang, 2012) or cycle detection (Brent, 1980;Cheon et al, 2012;Ezzouak et al, 2014) to improve this attacking method. This paper will provide a new approach by using the theorem that proposed by (Sadkhan and Neamah, 2011) to improve Pollard's Rho method which use alternative collisions to resolve the ECDLP.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

New Collisions to Improve Pollard’s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

Neamah¹

2015

Journal of Computer Science

View full text Add to dashboard Cite

It is true that different approaches have been utilised to accelerate the computation of discrete logarithm problem on elliptic curves with Pollard's Rho method. However, trapping in cycles fruitless will be obtained by using the random walks with Pollard's Rho. An efficient alternative approach that is based on new collisions which are reliant on the values a i , b i to solve this problem is proposed. This may requires less iterations than Pollard's Rho original in reaching collision. Thus, the performance of Pollard's Rho method is more efficiently because the improved method not only reduces the number of mathematical operations but these collisions can also applied on previous improvements which reported in the literature.

show abstract

Section: Comparison Between Methodsmentioning

confidence: 97%

Section: Introductionmentioning

confidence: 99%

New Collisions to Improve Pollard’s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

Neamah¹

2015

Journal of Computer Science

View full text Add to dashboard Cite

show abstract

“…Montenegro, Kim, and Tetali [9] showed that for Pollard's Rho walk τ = O(log 3 N ), while Hildebrand [8,18] showed that for Teske's additive walk τ = O * (N 2/(r−1) ). A slightly weaker notion of mixing should be used for Teske's process when r < 6, but we do not consider it here.…”

Section: Pollard's Rho Methodsmentioning

confidence: 99%

Collision of Random Walks and a Refined Analysis of Attacks on the Discrete Logarithm Problem

Kijima

Montenegro

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Some of the most efficient algorithms for finding the discrete logarithm involve pseudo-random implementations of Markov chains, with one or more "walks" proceeding until a collision occurs, i.e. some state is visited a second time. In this paper we develop a method for determining the expected time until the first collision. We use our technique to examine three methods for solving discrete-logarithm problems: Pollard's Kangaroo, Pollard's Rho, and a few versions of Gaudry-Schost. For the Kangaroo method we prove new and fairly precise matching upper and lower bounds. For the Rho method we prove the first rigorous non-trivial lower bound, and under a mild assumption show matching upper and lower bounds. Our Gaudry-Schost results are heuristic, but improve on the prior limited understanding of this method. We also give results for parallel versions of these algorithms.

show abstract

“…However, each processor could be working to find a different discrete logarithm as long as the iterating function used by all processors does not depend on the group element whose logarithm is sought. This requirement is satisfied by an iterating function f : G → G suggested by Teske [18], where G is partitioned into about 20 disjoint sets T i , each set is assigned a fixed randomly chosen group element g xi with known logarithm x i , and f (y) = yg xi if y ∈ T i .…”

Section: Pollard's Rho Methodsmentioning

confidence: 99%

The Full Cost of Cryptanalytic Attacks

Wiener¹

2003

J Cryptol

View full text Add to dashboard Cite

Abstract. An open question about the asymptotic cost of connecting many processors to a large memory using three dimensions for wiring is answered, and this result is used to find the full cost of several cryptanalytic attacks. In many cases this full cost is higher than the accepted complexity of a given algorithm based on the number of processor steps. The full costs of several cryptanalytic attacks are determined, including Shanks' method for computing discrete logarithms in cyclic groups of prime order n, which requires n 1/2+o(1) processor steps, but when all factors are taken into account, has full cost n 2/3+o(1) . Other attacks analyzed are factoring with the number field sieve, generic attacks on block ciphers, attacks on double and triple encryption, and finding hash collisions. In many cases parallel collision search gives a significant asymptotic advantage over well-known generic attacks.

show abstract

Speeding up Pollard's rho method for computing discrete logarithms

Cited by 94 publications

References 15 publications

New Collisions to Improve Pollard’s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

New Collisions to Improve Pollard’s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

Collision of Random Walks and a Refined Analysis of Attacks on the Discrete Logarithm Problem

The Full Cost of Cryptanalytic Attacks

Contact Info

Product

Resources

About

Speeding up Pollard's rho method for computing discrete logarithms

Cited by 94 publications

References 15 publications

New Collisions to Improve Pollard&rsquo;s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

New Collisions to Improve Pollard&rsquo;s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

Collision of Random Walks and a Refined Analysis of Attacks on the Discrete Logarithm Problem

The Full Cost of Cryptanalytic Attacks

Contact Info

Product

Resources

About

New Collisions to Improve Pollard’s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves

New Collisions to Improve Pollard’s Rho Method of Solving the Discrete Logarithm Problem on Elliptic Curves