{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,9]],"date-time":"2026-05-09T18:31:57Z","timestamp":1778351517224,"version":"3.51.4"},"reference-count":8,"publisher":"American Mathematical Society (AMS)","issue":"232","license":[{"start":{"date-parts":[[2000,5,19]],"date-time":"2000-05-19T00:00:00Z","timestamp":958694400000},"content-version":"am","delay-in-days":366,"URL":"https:\/\/www.ams.org\/publications\/copyright-and-permissions"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Math. Comp."],"abstract":"<p>\n                    The best algorithm known for finding logarithms on an elliptic curve\n                    <inline-formula content-type=\"math\/mathml\">\n                      <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" alttext=\"left-parenthesis upper E right-parenthesis\">\n                        <mml:semantics>\n                          <mml:mrow>\n                            <mml:mo stretchy=\"false\">(<\/mml:mo>\n                            <mml:mi>E<\/mml:mi>\n                            <mml:mo stretchy=\"false\">)<\/mml:mo>\n                          <\/mml:mrow>\n                          <mml:annotation encoding=\"application\/x-tex\">(E)<\/mml:annotation>\n                        <\/mml:semantics>\n                      <\/mml:math>\n                    <\/inline-formula>\n                    is the (parallelized) Pollard lambda collision search. We show how to apply a Pollard lambda search on a set of equivalence classes derived from\n                    <inline-formula content-type=\"math\/mathml\">\n                      <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" alttext=\"upper E\">\n                        <mml:semantics>\n                          <mml:mi>E<\/mml:mi>\n                          <mml:annotation encoding=\"application\/x-tex\">E<\/mml:annotation>\n                        <\/mml:semantics>\n                      <\/mml:math>\n                    <\/inline-formula>\n                    , which requires fewer iterations than the standard approach. In the case of anomalous binary curves over\n                    <inline-formula content-type=\"math\/mathml\">\n                      <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" alttext=\"upper F Subscript 2 Sub Superscript m\">\n                        <mml:semantics>\n                          <mml:msub>\n                            <mml:mi>F<\/mml:mi>\n                            <mml:mrow class=\"MJX-TeXAtom-ORD\">\n                              <mml:msup>\n                                <mml:mn>2<\/mml:mn>\n                                <mml:mi>m<\/mml:mi>\n                              <\/mml:msup>\n                            <\/mml:mrow>\n                          <\/mml:msub>\n                          <mml:annotation encoding=\"application\/x-tex\">F_{2^m}<\/mml:annotation>\n                        <\/mml:semantics>\n                      <\/mml:math>\n                    <\/inline-formula>\n                    , the new approach speeds up the standard algorithm by a factor of\n                    <inline-formula content-type=\"math\/mathml\">\n                      <mml:math xmlns:mml=\"http:\/\/www.w3.org\/1998\/Math\/MathML\" alttext=\"StartRoot 2 m EndRoot\">\n                        <mml:semantics>\n                          <mml:msqrt>\n                            <mml:mn>2<\/mml:mn>\n                            <mml:mi>m<\/mml:mi>\n                          <\/mml:msqrt>\n                          <mml:annotation encoding=\"application\/x-tex\">\\sqrt {2m}<\/mml:annotation>\n                        <\/mml:semantics>\n                      <\/mml:math>\n                    <\/inline-formula>\n                    .\n                  <\/p>","DOI":"10.1090\/s0025-5718-99-01119-9","type":"journal-article","created":{"date-parts":[[2002,7,26]],"date-time":"2002-07-26T18:13:53Z","timestamp":1027707233000},"page":"1699-1705","source":"Crossref","is-referenced-by-count":78,"title":["Improving the parallelized Pollard lambda search on anomalous binary curves"],"prefix":"10.1090","volume":"69","author":[{"given":"Robert","family":"Gallant","sequence":"first","affiliation":[]},{"given":"Robert","family":"Lambert","sequence":"additional","affiliation":[]},{"given":"Scott","family":"Vanstone","sequence":"additional","affiliation":[]}],"member":"14","published-online":{"date-parts":[[1999,5,19]]},"reference":[{"key":"1","unstructured":"[1] The Certicom ECC Challenge, available from \\url{http:\/\/www.certicom.com\/chal\/}, 1997."},{"key":"2","series-title":"Addison-Wesley Series in Computer Science and Information Processing","isbn-type":"print","volume-title":"The art of computer programming. Vol. 2","author":"Knuth, Donald E.","year":"1981","ISBN":"https:\/\/id.crossref.org\/isbn\/0201038226","edition":"2"},{"key":"3","isbn-type":"print","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/3-540-46766-1_22","article-title":"CM-curves with good cryptographic properties","author":"Koblitz, Neal","year":"1992","ISBN":"https:\/\/id.crossref.org\/isbn\/3540551883"},{"key":"4","unstructured":"[4] P. van Oorschot and M. Wiener, \u201cParallel collision search with cryptanalytic applications\", to appear in Journal of Cryptology."},{"issue":"143","key":"5","doi-asserted-by":"publisher","first-page":"918","DOI":"10.2307\/2006496","article-title":"Monte Carlo methods for index computation (\ud835\udc5a\ud835\udc5c\ud835\udc51\ud835\udc5d)","volume":"32","author":"Pollard, J. M.","year":"1978","journal-title":"Math. Comp.","ISSN":"https:\/\/id.crossref.org\/issn\/0025-5718","issn-type":"print"},{"key":"6","doi-asserted-by":"crossref","unstructured":"[6] J. Solinas, \u201cAn improved algorithm for arithmetic on a family of elliptic curves\", Advances in Cryptology\u2014CRYPTO \u201997, Lecture Notes in Computer Science, 1294 (1997), Springer-Verlag, 357\u2013371.","DOI":"10.1007\/BFb0052248"},{"key":"7","doi-asserted-by":"crossref","unstructured":"[7] E. Teske, \u201cSpeeding up Pollard\u2019s rho method for computing discrete logarithms\", preprint, 1997, available from \\url{http:\/\/www.informatik.th-darmstadt.de\/TI\/Veroeffentlichung\/TR\/}.","DOI":"10.1007\/BFb0054891"},{"key":"8","doi-asserted-by":"crossref","unstructured":"[8] M. Wiener and R. Zuccherato, \u201cFaster attacks on elliptic curve cryptosystems\", preprint, 1998, available from \\url{http:\/\/grouper.ieee.org\/groups\/1363\/contributions\/attackEC.ps}.","DOI":"10.1007\/3-540-48892-8_15"}],"container-title":["Mathematics of Computation"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.ams.org\/mcom\/2000-69-232\/S0025-5718-99-01119-9\/S0025-5718-99-01119-9.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"https:\/\/www.ams.org\/mcom\/2000-69-232\/S0025-5718-99-01119-9\/S0025-5718-99-01119-9.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,20]],"date-time":"2026-04-20T22:27:23Z","timestamp":1776724043000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.ams.org\/mcom\/2000-69-232\/S0025-5718-99-01119-9\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1999,5,19]]},"references-count":8,"journal-issue":{"issue":"232","published-print":{"date-parts":[[2000,10]]}},"alternative-id":["S0025-5718-99-01119-9"],"URL":"https:\/\/doi.org\/10.1090\/s0025-5718-99-01119-9","archive":["CLOCKSS","Portico"],"relation":{},"ISSN":["1088-6842","0025-5718"],"issn-type":[{"value":"1088-6842","type":"electronic"},{"value":"0025-5718","type":"print"}],"subject":[],"published":{"date-parts":[[1999,5,19]]}}}