Re: index calculus vs pollard rho

Bill Allombert on Thu, 03 Apr 2014 17:28:41 +0200

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: index calculus vs pollard rho

To: pari-dev@pari.math.u-bordeaux.fr
Subject: Re: index calculus vs pollard rho
From: Bill Allombert <Bill.Allombert@math.u-bordeaux.fr>
Date: Thu, 3 Apr 2014 17:28:24 +0200
Delivery-date: Thu, 03 Apr 2014 17:28:41 +0200
In-reply-to: <CAAuMLAmburBVqztGqO4Q-wRC_KeN8PWGFZj4DiH3_ZR=-=qMEQ@mail.gmail.com>
Mail-followup-to: pari-dev@pari.math.u-bordeaux.fr
References: <CAAuMLAmburBVqztGqO4Q-wRC_KeN8PWGFZj4DiH3_ZR=-=qMEQ@mail.gmail.com>
User-agent: Mutt/1.5.21 (2010-09-15)

On Thu, Apr 03, 2014 at 03:22:02PM +0200, Pascal Molin wrote:
> The following znlog uses index calculus on a 46 bits subgroup, but p itself
> is large,
> this is slow (and memory-demanding)
> 
> *gp* > p=nextprime(2^120); znlog(Mod(3,p),Mod(2,p),p-1)
> 
> time = 51,617 ms.
> 
> %21 = 391862826185609110238504885400229618
> 
> while the same is easier to compute with pollard

The issue is that the threshold for Pohlig-Hellman algorithm is set to 27 bits
independently of the size of p.

Cheers,
Bill.

Follow-Ups:
- Re: index calculus vs pollard rho
  - From: Bill Allombert <Bill.Allombert@math.u-bordeaux.fr>

References:
- index calculus vs pollard rho
  - From: Pascal Molin <molin@math.univ-paris-diderot.fr>

Prev by Date: index calculus vs pollard rho
Next by Date: new functions bnrisgalois, bnrgaloismatrix, bnrgaloisapply
Previous by thread: index calculus vs pollard rho
Next by thread: Re: index calculus vs pollard rho
Index(es):
- Date
- Thread