Abstract
We propose a method to speed up the r-adding walk on multiplicative subgroups of the prime field. The r-adding walk is an iterating function used with the Pollard rho algorithm and is known to require fewer iterations than Pollard's original iterating function in reaching a collision. Our main idea is to follow through the r-adding walk with only partial information about the nodes reached.
The trail traveled by the proposed method is a normal r-adding walk, but with significantly reduced execution time for each iteration. While a single iteration of most r-adding walks on $\mathbb{F}_p$ requires a multiplication of two integers of $\log p$ size, the proposed method requires an operation of complexity only linear in $\log p$, using a pre-computed table of size $O((\log p)^{r+1} \cdot \log\log p)$. In practice, our rudimentary implementation of the proposed method increased the speed of Pollard rho with r-adding walks by a factor of more than 10 for 1024-bit random primes p.
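The abstract assumes familiarity with the plain r-adding walk that the paper speeds up. The following is an added example, not code from the paper or its authors: a Teske-style r-adding walk for Pollard rho on a prime-order subgroup of $\mathbb{F}_p^*$, with Floyd cycle detection. Each step is the one modular multiplication of $\log p$-size integers that the abstract refers to; the paper's partial-information technique and its pre-computed table are not reproduced here, since the abstract does not describe them in enough detail. The parameters `p`, `q`, `g`, `h`, `r` and `seed` are constructed toy values chosen for this example.

```python
"""Pollard rho for the discrete logarithm in F_p^* using an r-adding walk.

Added example (not from the paper). Finds x with g^x = h (mod p), where g has
prime order q dividing p - 1. Toy parameters only; real subgroups are far larger.
"""
import random
from dataclasses import dataclass


@dataclass
class Walk:
    """A node of the walk, Y = g^a * h^b (mod p), with its exponents kept mod q."""
    y: int
    a: int
    b: int


def make_step(p, q, g, h, r, rng):
    """Build an r-adding walk: r random multipliers M_i = g^{a_i} h^{b_i} (mod p)
    and the step function Y -> Y * M_{i(Y)}."""
    exps = [(rng.randrange(q), rng.randrange(q)) for _ in range(r)]
    mults = [pow(g, a, p) * pow(h, b, p) % p for a, b in exps]

    def step(w):
        # Partition by the residue of Y mod r (any cheap hash of Y would do).
        # The multiplication below is the log p-size operation the paper speeds up.
        i = w.y % r
        a_i, b_i = exps[i]
        return Walk(w.y * mults[i] % p, (w.a + a_i) % q, (w.b + b_i) % q)

    return step


def pollard_rho_dlp(p, q, g, h, r=20, seed=1):
    """Return (x, iterations) with g^x = h (mod p), for g of prime order q in F_p^*."""
    rng = random.Random(seed)
    while True:
        step = make_step(p, q, g, h, r, rng)
        a0, b0 = rng.randrange(q), rng.randrange(q)
        start = Walk(pow(g, a0, p) * pow(h, b0, p) % p, a0, b0)
        # Floyd cycle detection: tortoise moves 1 step, hare 2 steps, until Y collides.
        tortoise, hare = step(start), step(step(start))
        iters = 3
        while tortoise.y != hare.y:
            tortoise, hare = step(tortoise), step(step(hare))
            iters += 3
        # g^{a1} h^{b1} = g^{a2} h^{b2}  =>  g^{a1 - a2} = h^{b2 - b1} = g^{x (b2 - b1)}
        db = (hare.b - tortoise.b) % q
        if db == 0:
            continue  # degenerate collision: resample the walk and start over
        x = (tortoise.a - hare.a) * pow(db, -1, q) % q
        if pow(g, x, p) == h:
            return x, iters


if __name__ == "__main__":
    # Constructed toy parameters: p = 10007, q = 5003 = (p - 1) / 2, g = 4 has order q.
    p, q, g = 10007, 5003, 4
    h = pow(g, 4321, p)
    x, n = pollard_rho_dlp(p, q, g, h)
    print(f"log_{g}({h}) = {x} after {n} walk steps (about sqrt(q) ~ {int(q ** 0.5)})")
```

The walk itself is the same whether the multiplication is done in full or by the paper's partial-information method; what changes is the cost of one step, not the expected number of steps, which stays around $\sqrt{\pi q / 2}$. That is the practical reading of the abstract's factor-of-10 figure: a constant-factor speed-up per iteration, which is why subgroup orders for DSA-style parameters are sized to keep $\sqrt{q}$ work out of reach rather than relying on per-step cost.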
© 2008 Springer-Verlag Berlin Heidelberg
Cheon, J.H., Hong, J., Kim, M. (2008). Speeding Up the Pollard Rho Method on Prime Fields. In: Pieprzyk, J. (eds) Advances in Cryptology - ASIACRYPT 2008. ASIACRYPT 2008. Lecture Notes in Computer Science, vol 5350. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89255-7_29
DOI: https://doi.org/10.1007/978-3-540-89255-7_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89254-0
Online ISBN: 978-3-540-89255-7