Practical Lattice-Based Cryptography: NTRUEncrypt and NTRUSign
نویسندگان
چکیده
W e provide a brief history and overview of lattice based cryptography and cryptanalysis: shortest vector problems, closest vector problems, subset sum problem and knapsack systems, GGH, Ajtai-Dwork and NTRU. A detailed discussion of the algorithms NTRUEncrypt and NTRUSign follows. These algorithms have attractive operating speed and keysize and are based on hard problems that are seemingly intractable. We discuss the state of current knowledge about the security of both algorithms and identify areas for further research. 1.
منابع مشابه
" Workshop on Coding and Cryptography " 22 Nd /23 Monday 22 Title: Ntruencrypt and Ntrusign: High-speed, Low-footprint Public Key Cryptography Based on Lattice Reduction
We provide an overview of the algorithms NTRUEncrypt and NTRUSign. These algorithms have attractive operating speed and keysize and are based on hard problems that are not known to have polynomial-time quantum algorithms. We discuss the state of current knowledge about the security of both algorithms and identify areas of research where progress could help the algorithms to gain acceptance. Abs...
متن کاملPerformance Improvements and a Baseline Parameter Generation Algorithm for NTRUSign
The NTRUSign signature scheme was introduced in [8]. The original presentation gave a theoretical description of the scheme and an analysis of its security, along with several parameter choices which claimed to yield an 80 bit security level. The paper [8] did not give a general recipe for generating parameter sets to a specific level of security. In line with recent research on NTRUEncrypt [9]...
متن کاملNTRUCCA: How to Strengthen NTRUEncrypt to Chosen-Ciphertext Security in the Standard Model
NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal...
متن کاملEfficient provable-secure NTRUEncrypt over any cyclotomic field
NTRUEncrypt is a fast lattice-based cryptosystem and a probable alternative of the existing public key schemes. The existing provable-secure NTRUEncrypts are limited by the cyclotomic field it works on the prime-power cyclotomic field. This is worth worrying, due to the subfield attack methods proposed in 2016. Also, the module used in computation and security parameters rely heavily on the cho...
متن کاملProvably Secure NTRUEncrypt over More General Cyclotomic Rings
NTRUEncrypt is a fast and standardized lattice-based public key encryption scheme, but it lacks a solid security guarantee. In 2011, Stehlé and Steinfeld first proposed a provably secure variant of NTRUEncrypt, denoted by pNE, over power-of-2 cyclotomic rings. The IND-CPA security of pNE is based on the worst-case quantum hardness of classical problems over ideal lattices. Recently, Yu, Xu and ...
متن کامل