Skip to main content
Article thumbnail
Location of Repository

Cryptanalysis of NTRU

By Alexander May


. We present new results on the cryptanalysis of the NTRU Cryptosystem by lattice reduction. The new lattices have smaller dimension than those used in former attacks. In addition, they take advantage of the special structure of NTRU secret keys. A certain class of NTRU keys is especially suitable for these attacks, although the new methods apply to all keys. With these lattices, some instances of NTRU for medium security level can be broken in less than 1 hour. Further, weak keys can be broken for high security levels. Keywords: NTRU, lattice reduction, SVP, polynomial ring. 1 Introduction The NTRU Cryptosystem was first presented by J. Hoffstein, J. Pipher and J.H. Silverman in '96 [3]. It is a ring-based cryptosystem operating in the polynomial ring ZZ q [X ]=(X n \Gamma 1) where n is the security parameter. NTRU has achieved considerable attention because of its encryption and decryption speed and the easyness of creating public-key/secret-key pairs, which makes it practical to ..

Topics: NTRU, lattice reduction, SVP, polynomial ring
Year: 1999
OAI identifier: oai:CiteSeerX.psu:
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • (external link)
  • http://zeus.informatik.uni-fra... (external link)
  • Suggested articles

    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.