Cryptology ePrint Archive: Report 2017/581

Time-Memory Trade-offs for Parallel Collision Search Algorithms

Monika Trimoska and Sorina Ionica and Gilles Dequen

Abstract: Parallel versions of collision search algorithms require a significant amount of memory to store a proportion of the points computed by the pseudo-random walks. Implementations available in the literature use a hash table to store these points and allow fast memory access. We provide theoretical evidence that memory is an important factor in determining the runtime of this method. We propose to replace the traditional hash table by a simple structure, inspired by radix trees, which saves space and provides fast look-up and insertion. In the case of many- collision search algorithms, our variant has a constant-factor improved runtime. We give benchmarks that evaluate the linear parallel performance of the attack on ECDLP.

Category / Keywords: discrete logarithm, parallelism, collision, elliptic curves, meet- in-the-middle, attack, trade off, radix tree

Date: received 14 Jun 2017, last revised 17 May 2018

Contact author: monika trimoska at u-picardie fr

Available format(s): PDF | BibTeX Citation

Note: The paper now has more implementation details and results.

Version: 20180517:150912 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]