Key Recovery Attacks on NTRU without Ciphertext Validation Routine
NTRU is an efficient public-key cryptosystem proposed by Hoffstein, Pipher, and Silverman. Assuming access to a decryption oracle, we show ways to recover the private key of NTRU systems that do not include a ciphertext validating procedure. The strongest of our methods will employ just a single call to the oracle, and in all cases, the number of calls needed will be small enough to be realistic.
KeywordsSmart Card Decryption Process Cyclic Shift Message Space Decryption Oracle
Unable to display preview. Download preview PDF.
- 1.Consortium for Efficient Embedded Security, Efficient embedded security standards #1: Implementation aspects of NTRUEncrypt and NTRUSign. Draft version 5. Available from http://www.ceesstandards.org.Google Scholar
- 2.Daewan Han, Jin Hong, Jae Woo Han, and Daesung Kwon, Key recovery attacks on NTRU without ciphertext validation routine. IACR ePrint 2002/188. Available from http://eprint.iacr.org.Google Scholar
- 3.Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman, NTRU: A ring-based public key cryptosystem. In Proc. of ANTS III, LNCS 1423. Springer-Verlag, 1998.Google Scholar
- 4.Jeffrey Hoffstein and Joseph Silverman, Optimizations for NTRU. In Public-Key Cryptogrphy and Computational Number Theory. DeGruyter, 2002. Available from .Google Scholar
- 5.Jeffrey Hoffstein and Joseph H. Silverman, Reaction attacks against the NTRU public key cryptosystem. Techinal report #015, NTRU Cryptosystems. Available from .Google Scholar
- 6.Jeffrey Hoffstein and Joseph H. Silverman, Protecting NTRU Against Chosen Ciphertext and Reaction Attacks, Technical Report #016, NTRU Cryptosystems. Available from .Google Scholar
- 7.IEEE Standard P1363.1/D4, Standard specifications for public key cryptography: Techniques based on hard problems over lattices, IEEE. Available from http://grouper.ieee.org/group/1363.Google Scholar
- 10.NTRU Cryptosystems, Technical reports. Available from http://www.ntru.com.Google Scholar
- 11.NTRU Cryptosystems, The NTRU public key cryptosystem — A tutorial. Available from http://www.ntru.com.Google Scholar