Cryptology ePrint Archive: Report 2001/005

A Note on Cryptanalysis of the Preliminary Version of the NTRU Signature Scheme

Ilya Mironov

Abstract: In this paper a preliminary version of the NTRU signature scheme is cryptanalyzed. The attack exploits a correlation between some bits of a signature and coefficients of a secret random polynomial. The attack does not apply to the next version of the signature scheme.

Category / Keywords: secret-key cryptography / NTRU cryptanalysis

Date: received 23 Jan 2001

Contact author: mironov at cs stanford edu

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20010124:090815 (All versions of this report)

Short URL: ia.cr/2001/005