• Corpus ID: 43161231

NTRUEncrypt and Lattice Attacks

@inproceedings{Rosenberg2004NTRUEncryptAL,
  title={NTRUEncrypt and Lattice Attacks},
  author={Daniel Rosenberg},
  year={2004},
  url={https://api.semanticscholar.org/CorpusID:43161231}
}
This Master’s project has implemented lattice attacks using dimension-reduced and zero-forced lattices, and reduced a modified version of the zero- Forced lattice, which performed better than the original zero-forcing lattice.
nada.kth.se
2 Citations
Background Citations
1

Figures and Tables from this paper

2 Citations

A lower dimension lattice attack on NTRU

This subsection will analyse the determinant of the IN-Lattice in different cases and give a general lattice determinant formula.

Evaluation of HIMMO with Long Identifiers,an Extension of the HIMMO Key Establishment Scheme

The main result of our work is a more complete view on the actual performance of the HIMMO key establishment scheme, including a modification that makes the system more scalable.

26 References

Analysis and Improvements of NTRU Encryption Paddings

It turns out that the first NTRU padding scheme is not even semantically secure (INDCPA), but the second and third can be proven IND-CCA2-secure in the random oracle model, under however rather unusual assumptions.

Lattice Attacks on NTRU

New lattice basis reduction techniques are applied to cryptanalyze NTRU, to discover either the original secret key, or an alternative secret key which is equally useful in decoding the ciphertexts.

Attacking the Chor-Rivest Cryptosystem by Improved Lattice Reduction

Algorithms for lattice basis reduction that are improvements of the famous L3-algorithm are introduced that solve random subset sum problems of arbitrary density with 74 and 82 many weights and by breaking Damgard's hash function.

Title: Estimated Breaking times for Ntru Lattices

It is found that NTRU 167, NTR U 263, and NTRu 503 are at least as secure as RSA 512, RSA 1024, and RSA 2048 respectively.

Imperfect Decryption and an Attack on the NTRU Encryption Scheme

A new type of encryption scheme is defined which encompasses both NTRU and an attack model for the attacks presented against it, and uses an oracle for determining if valid ciphertexts can be correctly deciphered, and recover the user’s secret key.

The Two Faces of Lattices in Cryptology

This talk will try to survey the main examples of the two faces of lattices in cryptology, and find out whether public-key cryptosystems based on the hardness of lattice problems, and lattices play a crucial role in a few security proofs.

A method for obtaining digital signatures and public-key cryptosystems

An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, soriers or other secure means are not needed to transmit keys.

The shortest vector problem in L2 is NP-hard for randomized reductions (extended abstract)

There is a prob-abilistic Turing-machine which in polynomial time reduces any problem in NP to instances of the shortest vector problem, provided that it can use an oracle which returns the solution of the longest vector problem if an instance of it is presented (by giving a basis of the corresponding lattice).

A public-key cryptosystem with worst-case/average-case equivalence

We present a probabilistic public key cryptosystem which is secure unless the worst case of the following lattice problem can be solved in polynomial time: “Find the shortest nonzero vector in an n

Public-Key Cryptosystems from Lattice Reduction Problems

A new proposal for a trapdoor one-way function, from which the security of the new construction is based on the conjectured computational difficulty of lattice-reduction problems, providing a possible alternative to existing public-key encryption algorithms and digital signatures such as RSA and DSS.