A birthday paradox for Markov chains, with an optimal bound for collision in the Pollard Rho algorithm for discrete logarithm

Authors:
Jeong Han Kim;Ravi Montenegro;Yuval Peres;Prasad Tetali
Affiliations:
Department of Mathematics, Yonsei University, Seoul, Korea;Department of Mathematical Sciences, University of Massachusetts at Lowell, Lowell, MA;Microsoft Research, Redmond and University of California, Berkeley, CA;School of Mathematics and School of Computer Science, Georgia Institute of Technology, Atlanta, GA
Venue:
ANTS-VIII'08 Proceedings of the 8th international conference on Algorithmic number theory
Year:
2008

Citing 3
Cited 2

Near Optimal Bounds for Collision in Pollard Rho for Discrete Log

FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Lower bounds for discrete logarithms and related problems

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Spectral analysis of pollard rho collisions

ANTS'06 Proceedings of the 7th international conference on Algorithmic Number Theory

How long does it take to catch a wild kangaroo?

Proceedings of the forty-first annual ACM symposium on Theory of computing
An Improvement to the Gaudry-Schost Algorithm for Multidimensional Discrete Logarithm Problems

Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding

Quantified Score

Hi-index	0.00

Visualization

Abstract

We show a Birthday Paradox for self-intersections of Markovchains with uniform stationary distribution. As an application, we analyzePollard's Rho algorithm for finding the discrete logarithm in a cyclicgroup G and find that, if the partition in the algorithm is given by arandom oracle, then with high probability a collision occurs in Θ(√|G|)steps. This is the first proof of the correct bound which does not assumethat every step of the algorithm produces an i.i.d. sample from G.