Reduced memory meet-in-the-middle attack against the NTRU private key

Reduced Memory Meet-in-the-Middle Attack against the NTRU Private Key

NTRU is a public-key cryptosystem introduced at ANTS-III. The two most used techniques in attacking the NTRU private key are meet-in-the-middle attacks and lattice-basis reduction attacks. Howgrave-Graham combined both techniques in 2007 and pointed out that the largest obstacle to attacks is the memory capacity that is required for the meet-in-the-middle phase. In the present paper an algorith...

A Hybrid Lattice-Reduction and Meet-in-the-Middle Attack Against NTRU

To date the NTRUEncrypt security parameters have been based on the existence of two types of attack: a meet-in-the-middle attack due to Odlyzko, and a conservative extrapolation of the running times of the best (known) lattice reduction schemes to recover the private key. We show that there is in fact a continuum of more efficient attacks between these two attacks. We show that by combining lat...

A Meet in the Middle Attack on Reduced Round Kuznyechik

Kuznyechik is an SPN block cipher that has been recently chosen to be standardized by the Russian federation as a new GOST cipher. The algorithm updates a 128-bit state for nine rounds using a 256-bit key. In this paper, we present a meet-in-the-middle attack on the 5-round reduced cipher. Our attack is based on the differential enumeration approach, where we propose a distinguisher for the mid...

Three-Subset Meet-in-the-Middle Attack on Reduced XTEA

A Meet-in-the-middle Attack on Round-Reduced mCrypton

The meet-in-the-middle (MITM) attack on AES is a great success. In this paper, we apply the method to the lightweight SPN block cipher mCrypton. We prove that the multiset technique used to analyze AES can not be applied directly to mCrypton due to the scarcity of information. As a solution, we replace the unordered multiset with the ordered sequence. We lower the memory requirement from 2 to 2...