Sophisticated analysis of a method to eliminate fruitless cycles for Pollard's rho method with skew Frobenius mapping over a Barreto-Naehrig curve

• Published in: International Journal of Networking and Computing Vol. 11; no. 2; pp. 231 - 250
• Main Authors: Miura, Hiromasa, Kanzawa, Syota, Matsumura, Rikuya, Kodera, Yuta, Kusaka, Takuya, Nogami, Yasuyuki
• Format: Journal Article
• Language: English
• Published: IJNC Editorial Committee 2021
• Subjects: Barreto-Naehrig curve; ECDLP; fruitless cycle; Pollard's rho method; skew Frobenius mapping
• ISSN: 2185-2839; 2185-2847
• DOI: 10.15803/ijnc.11.2_231

In this paper, the authors focus on and propose an approach to attack a kind of pairing-friendly curves, the Barreto-Naehring (BN) curve, to accelerate the evaluation of the security level concerning the elliptic curve discrete logarithm problem (ECDLP). More precisely, this paper targets the BN curve, which is known to be a pairing-friendly curve, and Pollard's rho method based on the random-walk is adopted to attack the curve.Though Pollard's rho method with skew Frobenius mapping is known to solve the ECDLP efficiently, this approach sometimes induces the unsolvable cycle, called the fruitless cycle, and such trials must restart with a different starting point. However, any effective method to eliminate such fruitless cycles has not been proposed. Therefore, the authors focus and give the sophisticated analysis to propose an effective approach to eliminate such cycles to optimize Pollard's rho method furthermore. In addition, we confirm the effectiveness of the method by applying it to a BN curve with 12, 17, and 33-bit parameters.