Why we should not use $c = 0$ and $c =2$ in Pollard's Rho $x_{i+1} = x_i^2 - c \pmod n$

Question

Why we should not use $c = 0$ and $c =2$ in Pollard's Rho iterating function $x_{i+1} = x_i^2 - c \pmod n?$ But other values are fine.

Answer 1

The $c=2$ case also has a fixed point, at $x=2$ (if $x_i=2$ then $x_{i+1}=2$, etc.) but there's a slightly deeper reason than this; that's the other case where it's known that the iteration is conjugate to a bit-shift map. Specifically, taking $x_i=2\cos z_i$ we get $2\cos(z_{i+1})=4\cos^2(z_i)-2$, or $\cos(z_{i+1})=2\cos^2(z_i)-1 = \cos(2z_i)$, so a simple change of variables gets us to the equivalent map $z_{i+1}=2z_i$. Of course, this transformation can't actually be carried out in the integers, but I believe the point is that this makes the topological dynamics of the map 'trivial' enough that it's a questionable choice.

Answer 2

If $c = 0$, our sequence is $x_{i + 1} = x_i^2$. If at some point during the generation of the sequence we get $x_k = 0$ for some index $k$, then the sequence becomes $0$ from that point on because $0^2 = 0$. We get stuck with a cycle of length 1. (See section $3.2.1.2$, page $19$, "The Art of Computer Programming", volume 2, seminumerical algorithms, Donald E. Knuth, 3rd edition, 1997, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, USA.)

I don't know a justification for $c = 2$.