Cryptology ePrint Archive: Report 2015/676

Quantum Cryptanalysis of NTRU

Scott Fluhrer

Abstract: This paper explores some attacks that someone with a Quantum Computer may be able to perform against NTRUEncrypt, and in particular NTRUEncrypt as implemented by the publicly available library from Security Innovation. We show four attacks that an attacker with a Quantum Computer might be able to perform against encryption performed by this library. Two of these attacks recover the private key from the public key with less effort than expected; in one case taking advantage of how the published library is implemented, and the other, an academic attack that works against four of the parameter sets defined for NTRUEncrypt. In addition, we also show two attacks that are able to recover plaintext from the ciphertext and public key with less than expected effort. This has potential implications on the use of NTRU within TOR, as suggested by Whyte and Schanck

Category / Keywords: public-key cryptography / NTRU, Quantum Cryptography

Date: received 4 Jul 2015, last revised 5 Jul 2015

Contact author: sfluhrer at cisco com

Available format(s): PDF | BibTeX Citation

Version: 20150705:195851 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]