. We present new results on the cryptanalysis of the NTRU Cryptosystem by lattice reduction. The new lattices have smaller dimension than those used in former attacks. In addition, they take advantage of the special structure of NTRU secret keys. A certain class of NTRU keys is especially suitable for these attacks, although the new methods apply to all keys. With these lattices, some instances of NTRU for medium security level can be broken in less than 1 hour. Further, weak keys can be broken for high security levels. Keywords: NTRU, lattice reduction, SVP, polynomial ring. 1 Introduction The NTRU Cryptosystem was first presented by J. Hoffstein, J. Pipher and J.H. Silverman in '96 . It is a ring-based cryptosystem operating in the polynomial ring ZZ q [X ]=(X n \Gamma 1) where n is the security parameter. NTRU has achieved considerable attention because of its encryption and decryption speed and the easyness of creating public-key/secret-key pairs, which makes it practical to ..