Choosing Parameters for NTRUEncrypt

  • Jeff Hoffstein
  • Jill Pipher
  • John M. Schanck
  • Joseph H. Silverman
  • William Whyte
  • Zhenfei Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10159)

Abstract

We describe a method for generating parameter sets, and calculating security estimates, for NTRUEncrypt. Our security analyses consider lattice attacks, the hybrid attack, subfield attacks, and quantum search. Analyses are provided for the IEEE 1363.1-2008 product-form parameter sets, for the NTRU Challenge parameter sets, and for two new parameter sets. These new parameter sets are designed to provide \(\ge 128\)-bit post-quantum security.

Keywords

Public-key cryptography/NTRUEncrypt; Cryptanalysis; Parameter derivation

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Jeff Hoffstein (1)
  • Jill Pipher (1)
  • John M. Schanck (2, 3)
  • Joseph H. Silverman (1)
  • William Whyte (3)
  • Zhenfei Zhang (3)

  1. Brown University, Providence, USA
  2. University of Waterloo, Waterloo, Canada
  3. Security Innovation, Wilmington, USA