2007 | OriginalPaper | Buchkapitel
New Chosen-Ciphertext Attacks on NTRU
verfasst von : Nicolas Gama, Phong Q. Nguyen
Erschienen in: Public Key Cryptography – PKC 2007
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
We present new and efficient key-recovery chosen-ciphertext attacks on
NTRUencrypt
. Our attacks are somewhat intermediate between chosen-ciphertext attacks on
NTRUencrypt
previously published at CRYPTO ’00 and CRYPTO ’03. Namely, the attacks only work in the presence of decryption failures; we only submit valid ciphertexts to the decryption oracle, where the plaintexts are chosen uniformly at random; and the number of oracle queries is small. Interestingly, our attacks can also be interpreted from a provable security point of view: in practice, if one had access to a
NTRUencrypt
decryption oracle such that the parameter set allows decryption failures, then one could recover the secret key. For instance, for the initial NTRU-1998 parameter sets, the output of the decryption oracle on a single decryption failure is enough to recover the secret key.