Abstract
We show that the classical Pollard ρ algorithm for discrete logarithms produces a collision in expected time \(O(\sqrt{n}(\log n)^3)\). This is the first nontrivial rigorous estimate for the collision probability for the unaltered Pollard ρ graph, and is close to the conjectured optimal bound of \(O(\sqrt{n})\). The result is derived by showing that the mixing time for the random walk on this graph is \(O((\log n)^3)\); without the squaring step in the Pollard ρ algorithm, the mixing time would be exponential in \(\log n\). The technique involves a spectral analysis of directed graphs, which captures the effect of the squaring step.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Miller, S.D., Venkatesan, R. (2006). Spectral Analysis of Pollard Rho Collisions. In: Hess, F., Pauli, S., Pohst, M. (eds) Algorithmic Number Theory. ANTS 2006. Lecture Notes in Computer Science, vol 4076. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11792086_40
DOI: https://doi.org/10.1007/11792086_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36075-9
Online ISBN: 978-3-540-36076-6
eBook Packages: Computer Science (R0)