Results 1 
4 of
4
Near Optimal Bounds for Collision in Pollard Rho for Discrete Log
 Proc. of the 48th Annual Symposium on Foundations of Computer Science (FOCS
, 2007
"... We analyze a fairly standard idealization of Pollard’s Rho algorithm for finding the discrete logarithm in a cyclic group G. It is found that, with high probability, a collision occurs in O ( � G  log G  log log G) steps, not far from the widely conjectured value of Θ ( � G). This improves ..."
Abstract

Cited by 8 (4 self)
 Add to MetaCart
(Show Context)
We analyze a fairly standard idealization of Pollard’s Rho algorithm for finding the discrete logarithm in a cyclic group G. It is found that, with high probability, a collision occurs in O ( � G  log G  log log G) steps, not far from the widely conjectured value of Θ ( � G). This improves upon a recent result of Miller–Venkatesan which showed an upper bound of O ( � G  log 3 G). Our proof is based on analyzing an appropriate nonreversible, nonlazy random walk on a discrete cycle of (odd) length G, and showing that the mixing time of the corresponding walk is O(log G  log log G). 1
Collision Finding with Many Classical or Quantum Processors
"... I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii In this thesis, we investigate the cost of finding col ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii In this thesis, we investigate the cost of finding collisions in a blackbox function, a problem that is of fundamental importance in cryptanalysis. Inspired by the excellent performance of the heuristic rho method of collision finding, we define several new models of complexity that take into account the cost of moving information across a large space, and lay the groundwork for studying the performance of classical and quantum algorithms in these models. iii Acknowledgements I am deeply indebted to my supervisor, Dr. Michele Mosca, for introducing me to the subject of quantum information processing, and for the years of support and encouragement
On the Efficiency of Pollard’s Rho Method for Discrete Logarithms
"... Pollard’s rho method is a randomized algorithm for computing discrete logarithms. It works by defining a pseudorandom sequence and then detecting a match in the sequence. Many improvements have been proposed, while few evaluation results and efficiency suggestions have been reported. This paper is ..."
Abstract
 Add to MetaCart
Pollard’s rho method is a randomized algorithm for computing discrete logarithms. It works by defining a pseudorandom sequence and then detecting a match in the sequence. Many improvements have been proposed, while few evaluation results and efficiency suggestions have been reported. This paper is devoted to a detailed study of the efficiency issues in Pollard’s rho method. We describe an empirical performance analysis of several widely applied algorithms. This should provide a better combination of algorithms and a good choice of parameters for Pollard’s rho method. Keywords: Pollard’s rho method, discrete logarithm, elliptic curve discrete logarithm. 1