This paper presents software demonstrating that the 20year-old NTRU cryptosystem is competitive with more recent latticebased cryptosystems in terms of speed, key size, and ciphertext size. We present a slightly simpli ed version of textbook NTRU, select parameters for this encryption scheme that target the 128-bit post-quantum security level, construct a KEM that is CCA2-secure in the quantum ...

Cryptographic algorithms play a crucial role in the information society by providing protection from unauthorized access to sensitive data. It is clear that information technology will become increasingly pervasive, Hence we can expect the emergence of ubiquitous or pervasive computing, ambient intelligence. These new environments and applications will present new security challenges, and there...

Over the past decade, the hybrid lattice reduction and meetin-the middle attack (called the Hybrid Attack) has been used to evaluate the security of many lattice-based cryprocraphic schemes such as NTRU, NTRU prime, BLISS, and more. However, unfortunately none of the previous analyses of the Hybrid Attack is entirely satisfactory: they are based on simplifying assumptions that may distort the s...

The NTRU cryptosystem is constructed on the base ring Z. We give suitability conditions on rings to serve as alternate base rings. We present an example of an NTRU-like cryptosystem based on the Eisenstein integers Z[ζ3], which has a denser lattice structure than Z for the same dimension, and which furthermore presents a more difficult lattice problem for lattice attacks, for the same level of ...

The increasing connectivity o ered by constrained computing devices signals a vital need for public-key cryptography in such environments. By their nature, however, public-key systems have been diÆcult to implement in systems with limited computational power. The NTRU public-key cryptosystem addresses this problem by o ering tremendous performance enhancements over previous practical systems. T...

The NTRU public-key cryptosystem, proposed in 1996 by Hoffstein, Pipher and Silverman, is a fast and practical alternative to classical schemes based on factorization or discrete logarithms. In contrast to the latter schemes, it offers quasi-optimal asymptotic efficiency and conjectured security against quantum computing attacks. The scheme is defined over finite polynomial rings, and its secur...

We present the homomorphic evaluation of the Prince block cipher. Our leveled implementation is based on a generalization of NTRU. We are motivated by the drastic bandwidth savings that may be achieved by scheme conversion. To unlock this advantage we turn to lightweight ciphers such as Prince. These ciphers were designed from scratch to yield fast and compact implementations on resource-constr...

Can Bob give Alice his decryption secret and be convinced that she will not give it to someone else? This is achieved by a proxy re-encryption scheme where Alice does not have Bob’s secret but instead she can transform ciphertexts in order to decrypt them with her own key. In this article, we answer this question in a different perspective, relying on a property that can be found in the well-kn...

We propose NTT implementations with each supporting at least one parameter of NTRU and Prime. Our are based on size-1440, size-1536, size-1728 convolutions without algebraic assumptions the target polynomial rings. also several improvements for computation. Firstly, we introduce dedicated radix-(2, 3) butterflies combining Good–Thomas FFT vector-radix FFT. In general, there six they together su...