Collision bounds for the additive Pollard rho algorithm for solving discrete logarithms

Joppe W. Bos; Alina Dudeanu; Dimitar Jetchev

doi:10.1515/jmc-2012-0032

Open Access Published by De Gruyter January 16, 2014

Collision bounds for the additive Pollard rho algorithm for solving discrete logarithms

Joppe W. Bos , Alina Dudeanu and Dimitar Jetchev

From the journal Journal of Mathematical Cryptology

https://doi.org/10.1515/jmc-2012-0032

Abstract.

We prove collision bounds for the Pollard rho algorithm to solve the discrete logarithm problem in a general cyclic group 𝐆. Unlike the setting studied by Kim et al., we consider additive walks: the setting used in practice to solve the elliptic curve discrete logarithm problem. Our bounds differ from the birthday bound 𝒪(|𝐆|) by a factor of log|𝐆| and are based on mixing time estimates for random walks on finite abelian groups due to Dou and Hildebrand.

Keywords: Pollard rho; additive walk; collision bound; random walk; mixing times

MSC: 94A60; 05C81

Funding source: Swiss National Science Foundation

Award Identifier / Grant number: 200020-132160

We are grateful to Arjen Lenstra for the careful reading of the draft and for the numerous helpful comments and discussions. We also thank Emmanuel Kowalski, Philippe Michel, Martijn Stam and Ramarathnam Venkatesan for various discussions. Finally, we thank the anonymous reviewer for improving the quality of the paper.

Received: 2012-12-14

Revised: 2013-08-02

Accepted: 2013-12-23

Published Online: 2014-01-16

Published in Print: 2014-02-01

This article is distributed under the terms of the Creative Commons Attribution Non-Commercial License, which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited.

Collision bounds for the additive Pollard rho algorithm for solving discrete logarithms

Abstract.

Journal and Issue

Articles in the same Issue