A birthday paradox for Markov chains with an optimal bound for collision in the Pollard rho algorithm for discrete logarithm

DOI10.1214/09-AAP625zbMATH Open1195.60096arXiv0712.0220OpenAlexW2051025109WikidataQ123010543 ScholiaQ123010543MaRDI QIDQ968774FDOQ968774

Jeong Han Kim, Yuval Peres, Prasad Tetali, Ravi Montenegro

Publication date: 6 May 2010

Published in: The Annals of Applied Probability, Lecture Notes in Computer Science (Search for Journal in Brave)

Abstract: We show a Birthday Paradox for self-intersections of Markov chains with uniform stationary distribution. As an application, we analyze Pollard's Rho algorithm for finding the discrete logarithm in a cyclic group

G

and find that if the partition in the algorithm is given by a random oracle, then with high probability a collision occurs in

T h e t a (s q r t | G |)

steps. Moreover, for the parallelized distinguished points algorithm on

J

processors we find that

T h e t a (s q r t | G | / J)

steps suffices. These are the first proofs of the correct order bounds which do not assume that every step of the algorithm produces an i.i.d. sample from

G

.

Full work available at URL: https://arxiv.org/abs/0712.0220

Recommendations

zbMATH Keywords

Markov chain discrete logarithm mixing time self intersection Pollard rho collision time Birthday Paradox Pollard's Rho

Mathematics Subject Classification ID

Markov chains (discrete-time Markov processes on discrete state spaces) (60J10) Analysis of algorithms and problem complexity (68Q25) Cryptography (94A60) Factorization (11Y05) Number-theoretic algorithms; complexity (11Y16)

Cites Work

Cited In (11)

This page was built for publication: A birthday paradox for Markov chains with an optimal bound for collision in the Pollard rho algorithm for discrete logarithm

Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q968774)