Available in electronic format
Available in print format		 Mathematics of Computation
Journal of the American Mathematical Society
ISSN 1088-6842(e) ISSN 0025-5718(p)
Previous issue | Table of contents | Next issue
Articles in press | Recently posted articles | Most recent issue | All issues
Previous Article | Next Article
     

Improving the parallelized Pollard lambda search on anomalous binary curves

Author(s): Robert Gallant; Robert Lambert; Scott Vanstone.
Journal: Math. Comp. 69 (2000), 1699-1705.
MSC (1991): Primary 94A60, 14Q05, 14H52
Posted: May 19, 1999
Retrieve article in: PDF
This article is available free of charge

Abstract | References | Similar articles | Additional information

Abstract: The best algorithm known for finding logarithms on an elliptic curve $(E)$ is the (parallelized) Pollard lambda collision search. We show how to apply a Pollard lambda search on a set of equivalence classes derived from $E$, which requires fewer iterations than the standard approach. In the case of anomalous binary curves over $F_{2^m}$, the new approach speeds up the standard algorithm by a factor of $\sqrt{2m}$.

References:

[1]
The Certicom ECC Challenge, available from http://www.certicom.com/chal/,1997.
[2]
D. Knuth, The Art of Computer Programming. Vol. 2: Seminumerical Algorithms, 2nd ed., Addison-Wesley, 1981. MR 83i:68003
[3]
N. Koblitz, ``CM-curves with good cryptographic properties'', Advances in Cryptology-CRYPTO '91, Lecture Notes in Computer Science, 576 (1992), Springer-Verlag, 279-287. MR 94e:11134
[4]
P. van Oorschot and M. Wiener, ``Parallel collision search with cryptanalytic applications", to appear in Journal of Cryptology.
[5]
J. Pollard, ``Monte Carlo methods for index computation mod $p$", Mathematics of Computation, 32 (1978), 918-924. MR 58:10684
[6]
J. Solinas, ``An improved algorithm for arithmetic on a family of elliptic curves", Advances in Cryptology-CRYPTO '97, Lecture Notes in Computer Science, 1294 (1997), Springer-Verlag, 357-371.
[7]
E. Teske, ``Speeding up Pollard's rho method for computing discrete logarithms", preprint, 1997, available from http://www.informatik.th-darmstadt.de/TI/Veroeffentlichung/TR/.
[8]
M. Wiener and R. Zuccherato, ``Faster attacks on elliptic curve cryptosystems", preprint, 1998, available from http://grouper.ieee.org/groups/1363/contributions/attackEC.ps.

Similar Articles:

Retrieve articles in Mathematics of Computation with MSC (1991): 94A60, 14Q05, 14H52

Retrieve articles in all Journals with MSC (1991): 94A60, 14Q05, 14H52

Additional Information:

Robert Gallant
Affiliation: Certicom Corp., 200 Matheson Blvd. W., Suite 103, Mississauga, Ontario, Canada L5R 3L7
Email: rgallant@certicom.com

Robert Lambert
Affiliation: Certicom Corp., 200 Matheson Blvd. W., Suite 103, Mississauga, Ontario, Canada L5R 3L7
Email: rlambert@certicom.com

Scott Vanstone
Affiliation: Certicom Corp., 200 Matheson Blvd. W., Suite 103, Mississauga, Ontario, Canada L5R 3L7
Email: svanstone@certicom.com

DOI: 10.1090/S0025-5718-99-01119-9
PII: S 0025-5718(99)01119-9
Received by editor(s): June 9, 1998
Received by editor(s) in revised form: October 15, 1998
Posted: May 19, 1999
Copyright of article: Copyright 2000, American Mathematical Society

  AMS Website Logo Small Comments: webmaster@ams.org
© Copyright 2009, American Mathematical Society
Privacy Statement 		Search the AMSPowered by Google