Subset-Restricted Random Walks for Pollard rho Method on \({\mathbf{F}_{p^m}}\)

  • Minkyu Kim
  • Jung Hee Cheon
  • Jin Hong
Conference paper

DOI: 10.1007/978-3-642-00468-1_4

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5443)
Cite this paper as:
Kim M., Cheon J.H., Hong J. (2009) Subset-Restricted Random Walks for Pollard rho Method on \({\mathbf{F}_{p^m}}\). In: Jarecki S., Tsudik G. (eds) Public Key Cryptography – PKC 2009. PKC 2009. Lecture Notes in Computer Science, vol 5443. Springer, Berlin, Heidelberg

Abstract

In this paper, we propose a variant of the Pollard rho method. We use an iterating function whose image is much smaller than its domain, and which therefore reaches a collision faster than the original iterating function. We also show explicitly how this general method can be applied to multiplicative subgroups of finite fields with large extension degree.

The construction for finite fields uses a distinctive feature of the normal basis representation, namely, that the p-th power of an element is just the cyclic shift of its normal basis representation when the underlying field is of characteristic p. This makes our method appropriate for hardware implementations. On multiplicative subgroups of \({\mathbf{F}_{p^m}}\), our method shows a time-complexity advantage over the original Pollard rho method by a factor of approximately \(\frac{3p-3}{4p-3}\sqrt{m}\).

Through the MOV reduction, our method can be applied to pairing-based cryptosystems over binary or ternary fields. Hence our algorithm suggests that the order of subgroups, on which the pairing-based cryptosystems rely, needs to be increased by a factor of approximately m.
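The following is an added example, written for this page and not code from the paper (the page does not reproduce the paper's iterating function). It illustrates the two facts the abstract states, for p = 2: that in a normal basis of F_{2^m} the map x -> x^2 is a cyclic shift of the coordinate word, and that a Pollard rho walk whose image is confined to a small subset of the group collides sooner. The subset used here is one representative per Frobenius orbit (the orbit member with the smallest normal-basis word), which is the standard automorphism-class trick rather than the paper's construction; it is chosen because its exponent bookkeeping fits in a few lines. Assumptions made for the demo: m = 17 with F_{2^17} = F_2[x]/(x^17 + x^3 + 1) (a primitive trinomial from the standard tables; 2^17 - 1 = 131071 is prime, so every element other than 1 generates the multiplicative group), an r-adding walk with r = 16, fixed seeds, and the sample logarithm k = 54321.

```python
"""Added example (not the paper's construction): Frobenius as a cyclic shift of
normal-basis coordinates in F_{2^m}, and a Pollard rho walk restricted to one point
per Frobenius orbit.  Assumed for the demo: m = 17, F_{2^17} = F_2[x]/(x^17 + x^3 + 1)."""
import functools, operator, random

M = 17
POLY = (1 << M) | (1 << 3) | 1   # x^17 + x^3 + 1, primitive trinomial (table value)
MASK = (1 << M) - 1
N = (1 << M) - 1                 # |F_{2^17}^*| = 131071, prime

def gf_mul(a, b):
    """Polynomial-basis multiply: bit i of an int is the coefficient of x^i."""
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = a << 1, b >> 1
        a ^= POLY if a >> M & 1 else 0
    return r

def gf_pow(a, e):
    r = 1
    while e:
        r = gf_mul(r, a) if e & 1 else r
        a, e = gf_mul(a, a), e >> 1
    return r

def normal_basis_coordinates(alpha):
    """Gauss-Jordan over F_2 on the conjugates alpha^(2^i).  Returns None if they are
    dependent (alpha not normal), else a map element -> word, bit i = coeff of alpha^(2^i)."""
    rows = []
    for i in range(M):
        rows.append((alpha, 1 << i))     # (vector, which conjugates were XORed into it)
        alpha = gf_mul(alpha, alpha)
    pivots = []
    for bit in reversed(range(M)):
        idx = next((i for i, (v, _) in enumerate(rows) if v >> bit & 1), None)
        if idx is None:
            return None
        pv, pc = rows.pop(idx)
        rows = [(v ^ pv, c ^ pc) if v >> bit & 1 else (v, c) for v, c in rows]
        pivots = [(b, v ^ pv, c ^ pc) if v >> bit & 1 else (b, v, c) for b, v, c in pivots]
        pivots.append((bit, pv, pc))
    # fully reduced, so pivot b's vector is 1 << b: x's word is the XOR of the combos of x's set bits
    return lambda x: functools.reduce(operator.xor, (c for b, _, c in pivots if x >> b & 1), 0)

TO_NORMAL = next(filter(None, map(normal_basis_coordinates, range(2, 1 << M))))

def rotl(word):
    """Cyclic left shift of an m-bit word: the action of x -> x^2 on normal-basis coordinates."""
    return ((word << 1) | (word >> (M - 1))) & MASK

def shift_property_holds(seed=1, trials=200):
    """Check on random x that the word of x^2 is the rotated word of x."""
    rng = random.Random(seed)
    return all(TO_NORMAL(gf_mul(x, x)) == rotl(TO_NORMAL(x))
               for x in (rng.randrange(1, 1 << M) for _ in range(trials)))

def canonical(x):
    """Orbit member of x with the smallest normal-basis word, returned as (x^(2^i), i)."""
    words = [TO_NORMAL(x)]
    for _ in range(M - 1):
        words.append(rotl(words[-1]))    # word of x^(2^i) is rotl^i of the word of x
    i = words.index(min(words))
    for _ in range(i):                   # convert back, since we multiply in polynomial basis
        x = gf_mul(x, x)
    return x, i

def pollard_rho(g, h, restrict, rng, r=16):
    """Solve g^k = h with an r-adding walk on x = g^a h^b, storing every point so the
    first repeat is the collision.  restrict=True ends each step at an orbit minimum."""
    steps = 0
    while True:
        mult = [(gf_mul(gf_pow(g, u), gf_pow(h, v)), u, v)
                for u, v in ((rng.randrange(N), rng.randrange(N)) for _ in range(r))]
        a, b = rng.randrange(N), rng.randrange(N)
        x, seen = gf_mul(gf_pow(g, a), gf_pow(h, b)), {}
        while x not in seen:
            seen[x] = (a, b)
            mx, u, v = mult[x % r]
            x, a, b = gf_mul(x, mx), (a + u) % N, (b + v) % N
            if restrict:
                x, i = canonical(x)
                a, b = (a << i) % N, (b << i) % N   # x^(2^i) = g^(a 2^i) h^(b 2^i)
            steps += 1
        a2, b2 = seen[x]
        if (b - b2) % N:                 # g^(a-a2) = h^(b2-b)  =>  k = (a2-a)/(b-b2)
            return (a2 - a) * pow((b - b2) % N, -1, N) % N, steps
        # equal exponents on both sides: useless collision, start a fresh walk

def compare_walks(seed=7, trials=10, k=54321):
    """Same DLP with and without the restriction: (recovered logs, total steps) per mode."""
    rng = random.Random(seed)
    g, h = 2, gf_pow(2, k)               # x generates F_{2^17}^* because N is prime
    results = {restrict: [pollard_rho(g, h, restrict, rng) for _ in range(trials)]
               for restrict in (True, False)}
    return ({r: {found for found, _ in v} for r, v in results.items()},
            {r: sum(s for _, s in v) for r, v in results.items()})
```

With the walk's image cut to about (2^17 - 1)/17 points, the birthday bound predicts roughly sqrt(17), that is about 4, times fewer steps than the plain walk, and compare_walks reports the two totals over ten trials. Steps are not time: canonical() here has to square in polynomial basis up to m - 1 times to convert back, whereas on a normal-basis word those squarings are the free rotations the abstract refers to, which is what makes such walks attractive in hardware. The (3p-3)/(4p-3)·sqrt(m) factor in the abstract is the paper's own cost accounting for its construction and is not reproduced by this example.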

Keywords

discrete logarithm problem; pairing; Pollard rho method; normal basis

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Minkyu Kim (1)
  • Jung Hee Cheon (1)
  • Jin Hong (1)
  1. ISaC and Department of Mathematical Sciences, Seoul National University, Seoul, Korea
