NTRUEncrypt and Lattice Attacks
Abstract
NTRUEncrypt is a relatively new cryptosystem, introduced in 1996. The best known attacks on the cryptosystem are due to lattice basis reduction. In this Master’s project we have implemented lattice attacks using dimension-reduced and zero-forced lattices. Furthermore, we have reduced a modified version of the zero-forced lattice. This “non-lossy” zero-forced lattice performed better than the original zero-forced lattice, which discards information about the private key. We have also investigated whether the breaking times estimated by NTRU Cryptosystems are reasonable. The tests indicate that the security estimation for the Moderate security level, using polynomials of degree 167, might be reasonable. However, the results show that the estimated breaking time for the Standard security level, where the degree of the polynomials is 263, might be a bit too optimistic.
Similar resources
Choosing NTRUEncrypt Parameters in Light of Combined Lattice Reduction and MITM Approaches
We present the new NTRUEncrypt parameter generation algorithm, which is designed to be secure in light of recent attacks that combine lattice reduction and meet-in-the-middle (MITM) techniques. The parameters generated from our algorithm have been submitted to several standard bodies and are presented at the end of the paper.
A Hybrid Lattice-Reduction and Meet-in-the-Middle Attack Against NTRU
To date the NTRUEncrypt security parameters have been based on the existence of two types of attack: a meet-in-the-middle attack due to Odlyzko, and a conservative extrapolation of the running times of the best (known) lattice reduction schemes to recover the private key. We show that there is in fact a continuum of more efficient attacks between these two attacks. We show that by combining lat...
Cryptanalysis of the Paeng-Jung-Ha Cryptosystem from PKC 2003
At PKC 2003 Paeng, Jung, and Ha proposed a lattice based public key cryptosystem (PJH). It is originated from GGH, and designed as a hybrid of GGH and NTRUEncrypt in order to reduce the key size. They claimed that PJH is secure against all possible attacks, especially against lattice attacks. However, in this paper, we present a key recovery attack, based on lattice theory, against PJH. The runn...
Revisiting Lattice Attacks on Overstretched NTRU Parameters
In 2016, Albrecht, Bai and Ducas and independently Cheon, Jeong and Lee presented very similar attacks to break the NTRU cryptosystem with larger modulus than in the NTRUEncrypt standard. They allow to recover the secret key given the public key of Fully Homomorphic Encryption schemes based on NTRU ideas. Hopefully, these attacks do not endanger the security of the NTRUEncrypt, but shed new lig...
Comparison between Subfield and Straightforward Attacks on NTRU
Recently in two independent papers, Albrecht, Bai and Ducas and Cheon, Jeong and Lee presented two very similar attacks, that allow to break NTRU with larger parameters and GGH Multilinear Map without zero encodings. They proposed an algorithm for recovering the NTRU secret key given the public key which applies for large NTRU modulus, in particular to Fully Homomorphic Encryption schemes based on ...