Key Recovery and Message Attacks on NTRU-Composite
نویسنده
چکیده
NTRU is a fast public key cryptosystem presented in 1996 by Hoffstein, Pipher and Silverman of Brown University. It operates in the ring of polynomials Z[X]/(X − 1), where the domain parameter N largely determines the security of the system. Although N is typically chosen to be prime, Silverman proposes taking N to be a power of two to enable the use of Fast Fourier Transforms. We break this scheme for the specified parameters by reducing lattices of manageably small dimension to recover partial information about the private key. We then use this partial information to recover partial information about the message or to recover the private key in its entirety.
منابع مشابه
Practical Cryptanalysis of a Public-Key Encryption Scheme Based on Non-linear Indeterminate Equations at SAC 2017
We investigate the security of a public-key encryption scheme, the Indeterminate Equation Cryptosystem (IEC), introduced by Akiyama, Goto, Okumura, Takagi, Nuida, and Hanaoka at SAC 2017 as postquantum cryptography. They gave two parameter sets PS1 (n, p, deg X, q) = (80, 3, 1, 921601) and PS2 (n, p, deg X, q) = (80, 3, 2, 58982400019). The paper gives practical key-recovery and message-recover...
متن کاملTitle: Plaintext Awareness and the Ntru Pkcs
RSA and Bell Labs 2, 3] have recently announced a potential attack on certain public key protocols, along with several suggested countermeasures. The most secure of these countermeasures uses the concept of plaintext aware, which means that it should be infeasible to construct a valid ciphertext without knowing the corresponding plaintext. Failure to be plaintext aware may open a cryptosystem t...
متن کاملQTRU: quaternionic version of the NTRU public-key cryptosystems
In this paper we will construct a lattice-based public-key cryptosystem using non-commutative quaternion algebra, and since its lattice does not fully fit within Circular and Convolutional Modular Lattice (CCML), we prove it is arguably more secure than the existing lattice-based cryptosystems such as NTRU. As in NTRU, the proposed public-key cryptosystem relies for its inherent securi...
متن کاملNtru: a Public Key Cryptosystem
0. Introduction 1. Description of NTRU 1.1. Notation 1.2. Key Creation 1.3. Encryption 1.4. Decryption 1.5. Why Decryption Works 1.6. Parameter choices notation and a norm estimate 1.7. Sample spaces 1.8. A Decryption Criterion 2. Attributes and Advantages of NTRU 2.1. Theoretical Operating Speci cations 2.2. Comparison With Other PKCS's 3. Security Considerations 3.1. Security Analysis 3.2. Br...
متن کاملKey Recovery Attacks Against NTRU-Based Somewhat Homomorphic Encryption Schemes
A key recovery attack allows an attacker to recover the private key of an underlying encryption scheme when given a number of decryption oracle accesses. Previous research has shown that most existing Somewhat Homomorphic Encryption (SHE) schemes suffer from this attack. In this paper, we propose efficient key recovery attacks against two NTRU-based SHE schemes, which have not gained much atten...
متن کامل