Key Recovery Attacks on NTRU without Ciphertext Validation Routine

  • Daewan Han
  • Jin Hong
  • Jae Woo Han
  • Daesung Kwon
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2727)

Abstract

NTRU is an efficient public-key cryptosystem proposed by Hoffstein, Pipher, and Silverman. Assuming access to a decryption oracle, we show ways to recover the private key of NTRU systems that do not include a ciphertext validating procedure. The strongest of our methods will employ just a single call to the oracle, and in all cases, the number of calls needed will be small enough to be realistic.



Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Daewan Han (1)
  • Jin Hong (1)
  • Jae Woo Han (1)
  • Daesung Kwon (1)

  1. National Security Research Institute, Daejeon, Korea
