Key Recovery Attacks on NTRU without Ciphertext Validation Routine
نویسندگان
چکیده
NTRU is an efficient public-key cryptosystem proposed by Hoffstein, Pipher, and Silverman. Assuming access to a decryption oracle, we show ways to recover the private key of NTRU systems that do not include a ciphertext validating procedure. The strongest of our methods will employ just a single call to the oracle, and in all cases, the number of calls needed will be small enough to be realistic.
منابع مشابه
Note for Technical Report #007 Version 2. the Material on Oaep in This Report Has Been Superceded by Ntru Technical Report #016, " Protecting Ntru against Chosen Ciphertext and Reaction Attacks, " Available At
RSA and Bell Labs [2, 3] have recently announced a potential attack on certain public key protocols, along with several suggested countermeasures. The most secure of these countermeasures uses the concept of plaintext aware, which means that it should be infeasible to construct a valid ciphertext without knowing the corresponding plaintext. Failure to be plaintext aware may open a cryptosystem ...
متن کاملTitle: Plaintext Awareness and the Ntru Pkcs
RSA and Bell Labs 2, 3] have recently announced a potential attack on certain public key protocols, along with several suggested countermeasures. The most secure of these countermeasures uses the concept of plaintext aware, which means that it should be infeasible to construct a valid ciphertext without knowing the corresponding plaintext. Failure to be plaintext aware may open a cryptosystem t...
متن کاملNew Chosen-Ciphertext Attacks on NTRU
We present new and efficient key-recovery chosen-ciphertext attacks on NTRUencrypt. Our attacks are somewhat intermediate between chosen-ciphertext attacks on NTRUencrypt previously published at CRYPTO ’00 and CRYPTO ’03. Namely, the attacks only work in the presence of decryption failures; we only submit valid ciphertexts to the decryption oracle, where the plaintexts are chosen uniformly at r...
متن کاملProtecting NTRU Against Chosen Ciphertext and Reaction Attacks
This report describes how the Fujisaki-Okamoto SelfReferential Technique (FOSRT) can be used to make the NTRU Public Key Cryptosystem resistant to adaptive chosen ciphertext attacks and to reaction attacks. Many asymmetric ciphers are susceptible to (adaptive) chosen ciphertext attacks. An attacker sends a series of purported ciphertexts e1, e2, . . . and uses the decryptions to deduce informat...
متن کاملPractical Cryptanalysis of a Public-Key Encryption Scheme Based on Non-linear Indeterminate Equations at SAC 2017
We investigate the security of a public-key encryption scheme, the Indeterminate Equation Cryptosystem (IEC), introduced by Akiyama, Goto, Okumura, Takagi, Nuida, and Hanaoka at SAC 2017 as postquantum cryptography. They gave two parameter sets PS1 (n, p, deg X, q) = (80, 3, 1, 921601) and PS2 (n, p, deg X, q) = (80, 3, 2, 58982400019). The paper gives practical key-recovery and message-recover...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2002 شماره
صفحات -
تاریخ انتشار 2002