Content deleted Content added
→The algorithm: Adding some \, so that formulas use a consistent style. |
→The algorithm: More latex 'fixes'. |
||
Line 3:
==The algorithm==
Suppose <math>G</math> is a finite cyclic group of order <math>n</math> which is generated by the element <math>\alpha</math>, and we seek to find the discrete logarithm <math>x</math> of the element <math>\beta</math> to the base <math>\alpha</math>. In other words, we seek <math>x \in Z_n</math> such that <math>\alpha^x = \beta</math>. The lambda algorithm allows us to search for <math>x</math> in some subset <math>\{a,\ldots,b\}
1. Choose a set <math>S</math> of integers and define a [[pseudorandom]] map <math>f: G \rightarrow S</math>.
Line 9:
2. Choose an integer <math>N</math> and compute a sequence of group elements <math>\{x_0,x_1,\ldots,x_N\}</math> according to:
* <math>x_0 = \alpha^b\,</math>
* <math>x_{i+1} = x_i\alpha^{f(x_i)}
3. Compute
:<math>d = \sum_{i=0}^{N-1}f(x_i)</math>.
Line 16:
4. Begin computing a second sequence of group elements <math>\{y_0,y_1,\ldots\}</math> according to:
* <math>y_0 = \beta\,</math>
* <math>y_{i+1} = y_i\alpha^{f(y_i)}
and a corresponding sequence of integers <math>\{d_0,d_1,\ldots\}</math> according to:
:<math>d_n = \sum_{i=0}^{n-1}f(y_i)</math>.
Observe that:
:<math>y_i = y_0\alpha^{d_i} = \beta\alpha^{d_i}
5. Stop computing terms of <math>\{y_i\}</math> and <math>\{d_i\}</math> when either of the following conditions are met:
| |||