12 Hits in 2.3 sec

Provably Secure NTRU Instances over Prime Cyclotomic Rings [chapter]

Yang Yu, Guangwu Xu, Xiaoyun Wang
2017 Lecture Notes in Computer Science  
In this work, we consider a variant of NTRUEncrypt over prime cyclotomic rings, i.e.  ...  However, classical NTRUEncrypt lacks a strong security guarantee and its security still relies on heuristic arguments.  ...  Revised NTRUEncrypt over Prime Cyclotomic Rings In this section, we will describe a variant of NTRUEncrypt over prime cyclotomic rings with provable security under the worst-case hardness assumption.  ... 
doi:10.1007/978-3-662-54365-8_17 fatcat:rvkt3op7wjfp3jr47fvdfinmke

A New Provably Secure Cryptosystem Using Dedekind Domain Direct Product Approach

Amir Hassani Karbasi
2018 Ratio Mathematica  
We show that our cryptosystem has security stronger than that of ETRU, over cartesian product of dedekind domains and extended cyclotomic polynomials.  ...  In this paper, we present a new NTRU-Like public-key cryptosystem with security provably based on the worst-case hardness of the approximate lattice problems (NP-hard problems) in some structured lattices  ...  The users to communicate over non-secure channels without any prior communication can use public-key cryptography.  ... 
doi:10.23755/rm.v34i0.404 doaj:83ab2c7b067f4eb89c721357d721aa95 fatcat:fdf6dduxabgrlcakxf4at6kmhm

Provably Secure Identity-Based Encryption and Signature over Cyclotomic Fields

Yang Wang, Mingqiang Wang, Jingdan Zou, Jin Xu, Jing Wang
2019 Wireless Communications and Mobile Computing  
schemes (IBE) and identity-based signature schemes (IBS) based on NTRU over any cyclotomic field.  ...  Whether there is provably secure identity-based cryptography over more general fields is still open.  ...  Motivated by the above reasons, we construct provably secure IBE and IBS schemes over any cyclotomic field.  ... 
doi:10.1155/2019/1742386 fatcat:e3qlsieymja4zd4ksuy7powmby

Choosing Parameters for NTRUEncrypt [chapter]

Jeff Hoffstein, Jill Pipher, John M. Schanck, Joseph H. Silverman, William Whyte, Zhenfei Zhang
2017 Lecture Notes in Computer Science  
We describe a methods for generating parameter sets and calculating security estimates for NTRUEncrypt.  ...  The provably secure variant of NTRUEncrypt by Stehlé and Steinfeld [20] , samples f and g from a discrete Gaussian distribution, and the NTRU-like signature scheme BLISS [17] samples its private keys  ...  For prime N the ring modulus factors into irreducibles over Q as X N − 1 = (X − 1)Φ N (X) where Φ N (X) is the N th cyclotomic polynomial.  ... 
doi:10.1007/978-3-319-52153-4_1 fatcat:mkfd36bhebbkrosxklwpthtggm

A Subfield Lattice Attack on Overstretched NTRU Assumptions [chapter]

Martin Albrecht, Shi Bai, Léo Ducas
2016 Lecture Notes in Computer Science  
However, because it does not apply for small moduli and hence NTRUEncrypt, it seems to have been forgotten.  ...  sub-exponential time 2 O(λ/ log 1/3 λ) invalidating the security claim of 2 Θ(λ) .  ...  This raises the question of whether NTRU and Ring-LWE are actually strictly harder than Ideal-SVP in the underlying number field, whether algorithms for Ideal-SVP in K can be lifted to modules over K as  ... 
doi:10.1007/978-3-662-53018-4_6 fatcat:dscjitvbdfhl5ajwfepg5xrbxm

Cryptanalysis of the Revised NTRU Signature Scheme [chapter]

Craig Gentry, Mike Szydlo
2002 Lecture Notes in Computer Science  
We also briefly address the security of NTRUSign, another NTRUbased signature scheme that was recently proposed at the rump session of Asiacrypt 2001.  ...  We also indicate how the security of NTRUSign is based on the hardness of several problems, not solely on the hardness of the usual NTRU lattice problem.  ...  In any case, these attacks show that NTRUSign cannot have any formal security property, since it is not secure against passive adversaries.  ... 
doi:10.1007/3-540-46035-7_20 fatcat:kffnjcxvmrbxhlzqrdfxlvz24u

Compact and Efficient NTRU-based KEM with Scalable Ciphertext Compression [article]

Zhichuang Liang, Boyue Fang, Jieyu Zheng, Yunlei Zhao
2022 arXiv   pre-print
On the one hand, it is benefited from a strong security guarantee since it has essentially not been broken over 24 years.  ...  The instantiation of CTRU is over the NTT-friendly rings of the form ℤ_q[x]/(x^n-x^n/2+1). To our knowledge, our CTRU is the most bandwidth efficient KEM based on the NTRU lattice up to now.  ...  Number theoretic transform (NTT) is a special case of fast Fourier transform (FFT) over a finite field [95] .  ... 
arXiv:2205.05413v1 fatcat:h7lage463venfb4otqu3t26the

A Decade of Lattice Cryptography

Chris Peikert
2016 Foundations and Trends® in Theoretical Computer Science  
This work surveys most of the major developments in lattice cryptography over the past ten years.  ...  Lattice-based cryptography is the use of conjectured hard problems on point lattices in R n as the foundation for secure cryptographic systems.  ...  This part of the proof actually holds for any ring of integers R of a number field (not just cyclotomics) and any sufficiently large modulus q.  ... 
doi:10.1561/0400000074 fatcat:5orjj3lrufdalfufl7ju6rnz3e

Improved Security for a Ring-Based Fully Homomorphic Encryption Scheme [chapter]

Joppe W. Bos, Kristin Lauter, Jake Loftus, Michael Naehrig
2013 Lecture Notes in Computer Science  
However, in 2011, Stehlé and Steinfeld showed how to modify NTRUEncrypt to reduce security to standard problems in ideal lattices.  ...  In 1996, Hoffstein, Pipher and Silverman introduced an efficient lattice based encryption scheme dubbed NTRUEncrypt. Unfortunately, this scheme lacks a proof of security.  ...  [15] proposed an FHE scheme based on the work by Stehlé and Steinfeld [23] in which a provably secure version of NTRUEncrypt [12] is presented with security based on standard problems in ideal lattices  ... 
doi:10.1007/978-3-642-45239-0_4 fatcat:z3dwbea6i5bvbbvf5pc4dcktu4

Short Signatures with Short Public Keys from Homomorphic Trapdoor Functions [chapter]

Jacob Alperin-Sheriff
2015 Lecture Notes in Computer Science  
We present a lattice-based stateless signature scheme provably secure in the standard model.  ...  Our main technique involves using fully homomorphic computation to compute a degree d polynomial over the tags hidden in the matrices in the public key.  ...  By choosing f (x) to be irreducible over Z q , we ensure that R q is a field, and set T = R q .  ... 
doi:10.1007/978-3-662-46447-2_11 fatcat:wdde6ts72jathmt6ngwep3byyq

Efficient implementation of ideal lattice-based cryptography

Thomas Pöppelmann
2017 it - Information Technology  
One alternative is lattice-based cryptography which allows the construction of asymmetric public-key encryption and signature schemes that offer a good balance between security, performance, and key as  ...  Stehlé and Steinfeld [SS11] also proposed a provably secure NTRUEncrypt variant that is based on ideal lattices and defined in Z q [x]/ x n + 1 .  ...  [GSS + 11] report a vehicle-to-X communication accelerator based on an ECDSA signature over 256-bit prime fields.  ... 
doi:10.1515/itit-2017-0030 fatcat:mpmamskk25h3lbyshy4rfd4y4y

Coding techniques in lattice-based cryptography

Jiabo Wang, Cong Ling, China Scholarship Council
The decryption failure rate is a significant factor affecting the security level especially in the conversion from a CPA-secure PKE to a CCA-secure one by FO transform.  ...  Gaussian sampling over the integers is one of the fundamental building blocks of latticed-based cryptography.  ...  In this thesis we are interested in power-of-two cyclotomic fields, where the m th cyclotomic field for m = 2 k is defined by Definition 2. 5 ( 5 Ring-LWE, decision problem [LPR13a] ).  ... 
doi:10.25560/88513 fatcat:opbx72ijp5g6nlitg37attsvnu