Speeding up elliptic curve discrete logarithm computations with point halving

被引:5
作者
Zhang, Fangguo [1 ]
Wang, Ping [1 ]
机构
[1] Sun Yat Sen Univ, Sch Informat Sci & Technol, Guangzhou 510006, Guangdong, Peoples R China
来源
DESIGNS CODES AND CRYPTOGRAPHY | 2013年 / 67卷 / 02期
基金
中国国家自然科学基金;
关键词
Pollard rho method; Elliptic curve discrete logarithm; Point halving; Random walk; CRYPTOSYSTEMS; FACTORIZATION; POLLARD; SEARCH;
D O I
10.1007/s10623-011-9599-5
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Pollard rho method and its parallelized variants are at present known as the best generic algorithms for computing elliptic curve discrete logarithms. We propose new iteration function for the rho method by exploiting the fact that point halving is more efficient than point addition for elliptic curves over binary fields. We present a careful analysis of the alternative rho method with new iteration function. Compared to the previous r-adding walk, generally the new method can achieve a significant speedup for computing elliptic curve discrete logarithms over binary fields. For instance, for certain NIST-recommended curves over binary fields, the new method is about 12-17% faster than the previous best methods.
引用
收藏
页码:197 / 208
页数:12
相关论文
共 34 条
  • [21] PROBABILITY-DISTRIBUTIONS RELATED TO RANDOM MAPPINGS
    HARRIS, B
    [J]. ANNALS OF MATHEMATICAL STATISTICS, 1960, 31 (04): : 1045 - 1062
  • [22] Knudsen EW, 1999, LECT NOTES COMPUT SC, V1716, P135
  • [23] KOBLITZ N, 1987, MATH COMPUT, V48, P203, DOI 10.1090/S0025-5718-1987-0866109-5
  • [24] MONTGOMERY PL, 1987, MATH COMPUT, V48, P243, DOI 10.1090/S0025-5718-1987-0866113-7
  • [25] *NAT I STAND TECHN, 1994, FIPS PUB, V186
  • [26] Pollard J. M., 1975, BIT (Nordisk Tidskrift for Informationsbehandling), V15, P331, DOI 10.1007/BF01933667
  • [27] MONTE-CARLO METHODS FOR INDEX COMPUTATION (MOD P)
    POLLARD, JM
    [J]. MATHEMATICS OF COMPUTATION, 1978, 32 (143) : 918 - 924
  • [28] SCHNORR CP, 1984, MATH COMPUT, V43, P289, DOI 10.1090/S0025-5718-1984-0744939-5
  • [29] Schroeppel R, 2001, Publication number, Patent No. [WO 01/35573 A1, 0135573]
  • [30] Schroeppel R, 2000, International Application Number PCT/US00/31014, Patent No. 0031014
1234