Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve

Hiromasa Miura; Rikuya Matsumura; Takuya Kusaka; Yasuyuki Nogami

doi:10.1109/CANDAR51075.2020.00029

Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve

Hiromasa Miura, Rikuya Matsumura, Takuya Kusaka, Yasuyuki Nogami

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Pollard’s rho method is one of the most efficient methods for solving elliptic curve discrete logarithm problem (ECDLP) in elliptic curve cryptography. Pollard’s rho method with skew Frobenius mapping can solve ECDLP over a Barreto-Naehrig (BN) curve efficiently. Pollard’s rho method may result in an unsolvable cycle called a fruitless cycle. When a random walk pass results in a fruitless cycle, the random walk pass must restart with a different starting point. However, an effective method for eliminating the fruitless cycle has been not proposed yet. This paper proposes a method for eliminating the fruitless cycle in Pollard’s rho method with skew Frobenius mapping. In addition, the authors apply the proposed method to a BN curve with 17-bit parameters and confirm the effectiveness.

Original language	English
Title of host publication	Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	160-166
Number of pages	7
ISBN (Electronic)	9781728182216
DOIs	https://doi.org/10.1109/CANDAR51075.2020.00029
Publication status	Published - Nov 2020
Event	8th International Symposium on Computing and Networking, CANDAR 2020 - Virtual, Naha, Japan Duration: Nov 24 2020 → Nov 27 2020

Publication series

Name	Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020

Conference

Conference	8th International Symposium on Computing and Networking, CANDAR 2020
Country/Territory	Japan
City	Virtual, Naha
Period	11/24/20 → 11/27/20

Keywords

Barreto-Naehrig curve
ECDLP
Fruitless cycle
Pollard’s rho method
Skew Frobenius mapping

ASJC Scopus subject areas

Artificial Intelligence
Computational Theory and Mathematics
Computer Networks and Communications
Computer Science Applications
Software

Access to Document

10.1109/CANDAR51075.2020.00029

Cite this

Miura, H., Matsumura, R., Kusaka, T., & Nogami, Y. (2020). Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve. In Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020 (pp. 160-166). [09394382] (Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CANDAR51075.2020.00029

Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve. / Miura, Hiromasa; Matsumura, Rikuya; Kusaka, Takuya et al.

Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020. Institute of Electrical and Electronics Engineers Inc., 2020. p. 160-166 09394382 (Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Miura, H, Matsumura, R, Kusaka, T & Nogami, Y 2020, Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve. in Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020., 09394382, Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020, Institute of Electrical and Electronics Engineers Inc., pp. 160-166, 8th International Symposium on Computing and Networking, CANDAR 2020, Virtual, Naha, Japan, 11/24/20. https://doi.org/10.1109/CANDAR51075.2020.00029

Miura H, Matsumura R, Kusaka T , Nogami Y. Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve. In Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020. Institute of Electrical and Electronics Engineers Inc. 2020. p. 160-166. 09394382. (Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020). doi: 10.1109/CANDAR51075.2020.00029

Miura, Hiromasa ; Matsumura, Rikuya ; Kusaka, Takuya et al. / Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve. Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020. Institute of Electrical and Electronics Engineers Inc., 2020. pp. 160-166 (Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020).

@inproceedings{536b340160a144e9936381f4140d5a0a,

title = "Analysis of a method to eliminate fruitless cycles for Pollard{\textquoteright}s rho method with skew Frobenius mapping over a Barreto-Naehrig curve",

abstract = "Pollard{\textquoteright}s rho method is one of the most efficient methods for solving elliptic curve discrete logarithm problem (ECDLP) in elliptic curve cryptography. Pollard{\textquoteright}s rho method with skew Frobenius mapping can solve ECDLP over a Barreto-Naehrig (BN) curve efficiently. Pollard{\textquoteright}s rho method may result in an unsolvable cycle called a fruitless cycle. When a random walk pass results in a fruitless cycle, the random walk pass must restart with a different starting point. However, an effective method for eliminating the fruitless cycle has been not proposed yet. This paper proposes a method for eliminating the fruitless cycle in Pollard{\textquoteright}s rho method with skew Frobenius mapping. In addition, the authors apply the proposed method to a BN curve with 17-bit parameters and confirm the effectiveness.",

keywords = "Barreto-Naehrig curve, ECDLP, Fruitless cycle, Pollard{\textquoteright}s rho method, Skew Frobenius mapping",

author = "Hiromasa Miura and Rikuya Matsumura and Takuya Kusaka and Yasuyuki Nogami",

note = "Funding Information: ACKNOWLEDGMENT The authors thank the anonymous reviewers to improve this work. This work was supported by the JSPS KAKENHI Challenging Research (Pioneering) 19H05579. Publisher Copyright: {\textcopyright} 2020 IEEE; 8th International Symposium on Computing and Networking, CANDAR 2020 ; Conference date: 24-11-2020 Through 27-11-2020",

year = "2020",

month = nov,

doi = "10.1109/CANDAR51075.2020.00029",

language = "English",

series = "Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "160--166",

booktitle = "Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020",

}

TY - GEN

T1 - Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve

AU - Miura, Hiromasa

AU - Matsumura, Rikuya

AU - Kusaka, Takuya

AU - Nogami, Yasuyuki

N1 - Funding Information: ACKNOWLEDGMENT The authors thank the anonymous reviewers to improve this work. This work was supported by the JSPS KAKENHI Challenging Research (Pioneering) 19H05579. Publisher Copyright: © 2020 IEEE

PY - 2020/11

Y1 - 2020/11

N2 - Pollard’s rho method is one of the most efficient methods for solving elliptic curve discrete logarithm problem (ECDLP) in elliptic curve cryptography. Pollard’s rho method with skew Frobenius mapping can solve ECDLP over a Barreto-Naehrig (BN) curve efficiently. Pollard’s rho method may result in an unsolvable cycle called a fruitless cycle. When a random walk pass results in a fruitless cycle, the random walk pass must restart with a different starting point. However, an effective method for eliminating the fruitless cycle has been not proposed yet. This paper proposes a method for eliminating the fruitless cycle in Pollard’s rho method with skew Frobenius mapping. In addition, the authors apply the proposed method to a BN curve with 17-bit parameters and confirm the effectiveness.

AB - Pollard’s rho method is one of the most efficient methods for solving elliptic curve discrete logarithm problem (ECDLP) in elliptic curve cryptography. Pollard’s rho method with skew Frobenius mapping can solve ECDLP over a Barreto-Naehrig (BN) curve efficiently. Pollard’s rho method may result in an unsolvable cycle called a fruitless cycle. When a random walk pass results in a fruitless cycle, the random walk pass must restart with a different starting point. However, an effective method for eliminating the fruitless cycle has been not proposed yet. This paper proposes a method for eliminating the fruitless cycle in Pollard’s rho method with skew Frobenius mapping. In addition, the authors apply the proposed method to a BN curve with 17-bit parameters and confirm the effectiveness.

KW - Barreto-Naehrig curve

KW - ECDLP

KW - Fruitless cycle

KW - Pollard’s rho method

KW - Skew Frobenius mapping

UR - http://www.scopus.com/inward/record.url?scp=85104648880&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85104648880&partnerID=8YFLogxK

U2 - 10.1109/CANDAR51075.2020.00029

DO - 10.1109/CANDAR51075.2020.00029

M3 - Conference contribution

AN - SCOPUS:85104648880

T3 - Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020

SP - 160

EP - 166

BT - Proceedings - 2020 8th International Symposium on Computing and Networking, CANDAR 2020

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 8th International Symposium on Computing and Networking, CANDAR 2020

Y2 - 24 November 2020 through 27 November 2020

ER -

Analysis of a method to eliminate fruitless cycles for Pollard’s rho method with skew Frobenius mapping over a Barreto-Naehrig curve

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this