Characterizing overstretched NTRU attacks

Gabrielle De Micheli, Nadia Heninger, Barak Shani
2020 Journal of Mathematical Cryptology  
AbstractOverstretched NTRU is a variant of NTRU with a large modulus. Recent lattice subfield and subring attacks have broken suggested parameters for several schemes. There are a number of conflicting claims in the literature over which attack has the best performance. These claims are typically based on experiments more than analysis. In this paper, we argue that comparisons should focus on the lattice dimension used in the attack. We give evidence, both analytically and experimentally, that
more » ... he subring attack finds shorter vectors and thus is expected to succeed with a smaller dimension lattice than the subfield attack for the same problem parameters, and also to succeed with a smaller modulus when the lattice dimension is fixed.
doi:10.1515/jmc-2015-0055 fatcat:vfblrl54t5gz7mqxupjypfikau