Near Optimal Bounds for Collision in Pollard Rho for Discrete Log
Abstract
We analyze a fairly standard idealization of Pollard's Rho algorithm for finding the discrete logarithm in a cyclic group $G$. It is found that, with high probability, a collision occurs in $O(\sqrt{|G|\log |G| \log \log |G|})$ steps, not far from the widely conjectured value of $\Theta(\sqrt{|G|})$. This improves upon a recent result of Miller–Venkatesan which showed an upper bound of $O(\sqrt{|G|}\log^3 |G|)$. Our proof is based on analyzing an appropriate nonreversible, non-lazy random walk on a discrete cycle of (odd) length $|G|$, and showing that the mixing time of the corresponding walk is $O(\log |G| \log \log |G|)$.
- Publication: arXiv Mathematics e-prints
- Pub Date: November 2006
- DOI: 10.48550/arXiv.math/0611586
- arXiv: arXiv:math/0611586
- Bibcode: 2006math.....11586K
- Keywords: Mathematics - Number Theory; Mathematics - Combinatorics; Mathematics - Probability; 60J10; 68W20
- E-Print: Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS 2007), pp. 215-223, 2007.