Abstract
NTRU is a fast public key cryptosystem presented in 1996 by Hoffstein, Pipher and Silverman ofBro wn University. It operates in the ring ofp olynomials ℤ[X]/(X N − 1), where the domain parameter N largely determines the security ofthe system. Although N is typically chosen to be prime, Silverman proposes taking N to be a power of two to enable the use of Fast Fourier Transforms. We break this scheme for the specified parameters by reducing lattices ofmanageably small dimension to recover partial information about the private key. We then use this partial information to recover partial information about the message or to recover the private key in its entirety.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
D. Coppersmith and A. Shamir. Lattice Attacks on NTRU. In Proc. of Eurocrypt '97, volume 1233 of LNCS, pages 52–61. Springer-Verlag, 1997.
E. Fujisaki and T. Okamoto. Secure Integration of Asymmetric and Symmetric Encryption Schemes. In Proc. of Crypto '99, volume 1666 of LNCS, pages 537–554. Springer-Verlag, 1999.
J. Hoffstein, D. Lieman, J. Pipher, and J.H. Silverman. NTRU: A Public Key Cryptosystem. Submission to IEEE P1363 (1999). Available at http://www.manta.ieee.org/groups/1363/StudyGroup/NewFam.html.
J. Hoffstein, J. Pipher, and J.H. Silverman. NTRU: A Ring Based Public Key Cryptosystem. In Proc. of ANTS III, volume 1423 of LNCS, pages 267–288. Springer-Verlag, 1998. Available at http://www.ntru.com.
E. Jaulmes and A. Joux. A Chosen-Ciphertext Attack against NTRU. In Proc. of Crypto '00, volume 1880 of LNCS, pages 20–35. Springer-Verlag, 2000.
A. May. Cryptanalysis of NTRU. Preprint, February 1999. Available at http://www.informatik.uni-frankfurt.de/~alex/crypto.html.
NTRU Cryptosystems. The NTRU Public Key Cryptosystem. Available at http://www.ntru.com/technology/tutorials/pkcstutorial.htm.
V. Shoup. Number Theory C++ Library (NTL) version 3.9. Available at http://www.shoup.net/ntl.
J.H. Silverman. Dimension-Reduced Lattices, Zero-Forced Lattices, and the NTRU Public Key Cryptosystem. NTRU Cryptosystems Technical Report No.13 (1999). Available at http://www.ntru.com.
J.H. Silverman. Estimated Breaking Times for NTRU Lattices. NTRU Cryptosystems Technical Report No.12 (1999). Available at http://www.ntru.com.
J.H. Silverman. Invertibility in Truncated Polynomial Rings. NTRU Cryptosystems Technical Report No.9 (1999). Available at http://www.ntru.com.
See J.H. Silverman. A Meet-in-the Middle Attack on an NTRU Private Key. NTRU Cryptosystems Technical Report No.4 (1997). Available at http://www.ntru.com.
J.H. Silverman. Wraps, Gaps, and Lattice Constants. NTRU Cryptosystems Technical Report No.11 (1999). Available at http://www.ntru.com.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gentry, C. (2001). Key Recovery and Message Attacks on NTRU-Composite. In: Pfitzmann, B. (eds) Advances in Cryptology — EUROCRYPT 2001. EUROCRYPT 2001. Lecture Notes in Computer Science, vol 2045. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44987-6_12
Download citation
DOI: https://doi.org/10.1007/3-540-44987-6_12
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42070-5
Online ISBN: 978-3-540-44987-4
eBook Packages: Springer Book Archive