Choosing Parameters for the Subfield Lattice Attack against overstretched NTRU

@inproceedings{Duong2017ChoosingPF,
  title={Choosing Parameters for the Subfield Lattice Attack against overstretched NTRU},
  author={Dung Hoang Duong and Masaya Yasuda and Tsuyoshi Takagi},
  booktitle={IACR Cryptology ePrint Archive},
  year={2017}
}
Albrecht et al. [1] at Crypto 2016 and Cheon et al. [4] at ANTS 2016 independently presented a subfield attack on overstretched NTRU problem. Their idea is to map the public key down to the subfield (by norm and trace map respectively) and hence obtain a lattice of smaller dimension for which a lattice reduction algorithm is efficiently applicable. At Eurocrypt 2017, Kirchner and Fouque proposed another variant attack which exploits the presence of orthogonal bases within the cyclotomic number… CONTINUE READING