Advertisement

Speeding up Pollard's rho method for computing discrete logarithms

  • Edlyn Teske
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1423)

Abstract

In Pollard's rho method, an iterating function f is used to define a sequence (y i) by y i+1=f(y i) for i=0,1, 2,..., with some starting value y0. In this paper, we define and discuss new iterating functions for computing discrete logarithms with the rho method. We compare their performances in experiments with elliptic curve groups. Our experiments show that one of our newly defined functions is expected to reduce the number of steps by a factor of approximately 0.8, in comparison with Pollard's originally used function, and we show that this holds independently of the size of the group order. For group orders large enough such that the run time for precomputation can be neglected, this means a real-time speed-up of more than 1.2.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    O. Atkin. The number of points on an elliptic curve modulo a prime. Manuscript.Google Scholar
  2. 2.
    R.P. Brent. An improved Monte Carlo factorization algorithm. BIT, 20:176–184, 1980.MATHMathSciNetCrossRefGoogle Scholar
  3. 3.
    A. Greenhalgh. Random walks on groups with subgroup invariance properties. PhD thesis, Department of Mathematics, Stanford University, 1989.Google Scholar
  4. 4.
    M. V. Hildebrand. Random walks supported on the random points of ℤ/nℤ. Probability Theory and Related Fields, 100:191–203, 1994.MATHMathSciNetCrossRefGoogle Scholar
  5. 5.
    D. E. Knuth. The art of computer programming. Volume 3: Sorting and searching. Addison-Wesley, Reading, Massachusetts, 1973.Google Scholar
  6. 6.
    N. Koblitz. A Course in Number Theory and Cryptography. Springer-Verlag, New York, 1987.Google Scholar
  7. 7.
    N. Koblitz. Elliptic curve cryptosystems. Mathematics of Computation, 48:203–209, 1987.MATHMathSciNetCrossRefGoogle Scholar
  8. 8.
    F. Lehmann, M. Maurer, V. Müller, and V. Shoup. eco — a tool for elliptic curve group order computations, 1997. TI, Technische UniversitÄt Darmstadt.Google Scholar
  9. 9.
    LiDIA Group, Technische UniversitÄt Darmstadt. LiDIA — A library for computational number theory. Available from http://www.informatik.tudarmstadt.de/TI/LiDIA.Google Scholar
  10. 10.
    V. Miller. Uses of elliptic curves in cryptography. In Advances in Cryptology — CRYPTO '85, volume 218 of Lecture Notes in Computer Science, pages 417–426, 1986.Google Scholar
  11. 11.
    S. C. Pohlig and M. E. Hellman. An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE-Transactions on Information Theory, 24:106–110, 1978.MATHMathSciNetCrossRefGoogle Scholar
  12. 12.
    J. M. Pollard. Monte Carlo methods for index computation (mod p). Mathematics of Computation, 32(143):918–924, 1978.MATHMathSciNetCrossRefGoogle Scholar
  13. 13.
    C. P. Schnorr and H. W. Lenstra, Jr. A Monte Carlo factoring algorithm with linear storage. Mathematics of Computation, 43(167):289–311, 1984.MATHMathSciNetCrossRefGoogle Scholar
  14. 14.
    D. Shanks. Class number, a theory of factorization and genera. In Proc. Symp. Pure Math. 20, pages 415–440. AMS, Providence, R.I., 1971.Google Scholar
  15. 15.
    J. Silverman. The arithmetic of elliptic curves. Springer-Verlag, 1986.Google Scholar
  16. 16.
    E. Teske. New algorithms for finite abelian groups. PhD thesis, Technische UniversitÄt Darmstadt, 1998.Google Scholar
  17. 17.
    E. Teske. A space efficient algorithm for group structure computation. To appear in Mathematics of Computation, 1998.Google Scholar
  18. 18.
    P. C. van Oorschot and M. J. Wiener. Parallel collision search with cryptanalytic applications. To appear in Journal of Cryptology.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1998

Authors and Affiliations

  • Edlyn Teske
    • 1
  1. 1.Institut für Theoretische InformatikTechnische UniversitÄt DarmstadtDarmstadtGermany

Personalised recommendations