Lattice Attacks on NTRU
NTRU is a new public key cryptosystem proposed at Crypto 96 by Hoffstein, Pipher and Silverman from the Mathematics department of Brown University. It attracted considerable attention, and is being advertised over the Internet by NTRU Cryptosystems. Its security is based on the difficulty of analyzing the result of polynomial arithmetic modulo two unrelated moduli, and its correctness is based on clustering properties of the sums of random variables. In this paper, we apply new lattice basis reduction techniques to cryptanalyze the scheme, to discover either the original secret key, or an alternative secret key which is equally useful in decoding the ciphertexts.
KeywordsCirculant Matrix Short Vector Lattice Basis Reduction Noncommutative Group Basis Reduction Algorithm
- 1.J. Hoffstein, J. Pipher and J. H. Silverman, “NTRU: A new high speed public key cryptosystem,” Manuscript, August 30, 1996; presented at rump session of Crypto 96.Google Scholar
- 2.J. Hoffstein, J. Pipher and J. H. Silverman, private communications, October 1996 and January 1997.Google Scholar