On estimating the lattice security of NTRU
نویسندگان
چکیده
This report explicitly refutes the analysis behind a recent claim that NTRUEncrypt has a bit security of at most 74 bits. We also sum up some existing literature on NTRU and lattices, in order to help explain what should and what should not be classed as an improved attack against the hard problem underlying NTRUEncrypt. We also show a connection between Schnorr’s RSR technique and exhaustively searching the NTRU lattice.
منابع مشابه
QTRU: quaternionic version of the NTRU public-key cryptosystems
In this paper we will construct a lattice-based public-key cryptosystem using non-commutative quaternion algebra, and since its lattice does not fully fit within Circular and Convolutional Modular Lattice (CCML), we prove it is arguably more secure than the existing lattice-based cryptosystems such as NTRU. As in NTRU, the proposed public-key cryptosystem relies for its inherent securi...
متن کاملRevisiting the Hybrid Attack: Improved Analysis and Refined Security Estimates
Over the past decade, the hybrid lattice reduction and meetin-the middle attack (called the Hybrid Attack) has been used to evaluate the security of many lattice-based cryprocraphic schemes such as NTRU, NTRU prime, BLISS, and more. However, unfortunately none of the previous analyses of the Hybrid Attack is entirely satisfactory: they are based on simplifying assumptions that may distort the s...
متن کاملNtru: a Public Key Cryptosystem
0. Introduction 1. Description of NTRU 1.1. Notation 1.2. Key Creation 1.3. Encryption 1.4. Decryption 1.5. Why Decryption Works 1.6. Parameter choices notation and a norm estimate 1.7. Sample spaces 1.8. A Decryption Criterion 2. Attributes and Advantages of NTRU 2.1. Theoretical Operating Speci cations 2.2. Comparison With Other PKCS's 3. Security Considerations 3.1. Security Analysis 3.2. Br...
متن کاملNTRU Cryptosystems Technical Report
In this note we describe, extend, and analyze the lattice construction ideas of Alexander May 1] as they apply to the NTRU public key cryptosystem. We use both theoretical and experimental methods to analyze the strength of the attacks. The nal conclusion is that the new attacks only marginally aaect the security levels of the standard commercial NTRU parameter sets (N = 167, 263, and 503), but...
متن کاملNTRU over rings beyond \mathbbZ{\mathbb{Z}}
The NTRU cryptosystem is constructed on the base ring Z. We give suitability conditions on rings to serve as alternate base rings. We present an example of an NTRU-like cryptosystem based on the Eisenstein integers Z[ζ3], which has a denser lattice structure than Z for the same dimension, and which furthermore presents a more difficult lattice problem for lattice attacks, for the same level of ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2005 شماره
صفحات -
تاریخ انتشار 2005