Improved Pollard rho method for computing discrete logarithms over finite extension fields

It is clear that the distinctive feature of the normal basis representations, namely, the pp-th power of an element is just the cyclic shift of its normal basis representation where pp is the characteristic of the underlying field, can be used to speed up the computation of discrete logarithms over finite extension fields FpmFpm. We propose a variant of the Pollard rho method to take advantage of this feature, and achieve the speedup by a factor of m, rather than 3p−34p−3m, the previous result reported in the literature. Besides the theoretical analysis, we also compare the performances of the new method with the previous algorithm in experiments, and the result confirms our analysis. Due to the MOV reduction, our method can be applied to paring-based cryptosystems over binary or ternary fields.