Cryptology ePrint Archive: Report 2018/109
NTRU-LPR IND-CPA: A New Ideal Lattices-based Scheme
Soda Diop and Bernard Ousmane Sané and Nafissatou Diarra and Michel Seck
Abstract: In this paper, we propose NTRU-LPR IND-CPA, a new secure scheme based on the decisional variant of Bounded Distance Decoding problem over rings (DR-BDD). This scheme is IND-CPA secure and has two KEM variants IND-CCA2 secure in the random oracle model. NTRU-LPR IND-CPA is similar to NTRU LPRime and LPR Cryptosystem. NTRU-LPR IND-CPA does not have a problem of decryption failures. Our polynomial ring can be any ring of the form $\mathbb{Z}[x]/(q,f(x))$, where $f$ is a polynomial of degree $n$ and $q$ is an integer. Relatively to the DR-BDD problem, we propose to use square-free polynomials and such polynomials include $f(x)=x^n-x-1$ (as in NTRU LPRime) and $f(x)=x^n-1$ (as in NTRU). To avoid some weaknesses in Ring-LWE or NTRU-like schemes (Meet-in-the-middle attack, Hybrid attack, Weak keys, etc.), we do not use sparse polynomials or inversion of polynomials. Furthermore, to avoid backdoors, all polynomials in our scheme can be generated by hash functions. We also give a short comparative analysis between our new scheme and some proposals of the NIST Post-Quantum call (November 2017).
Category / Keywords: Lattice-based Post-Quantum Cryptography, NTRUEncrypt, NTRU-Prime, NTRU-LPRime, NTRU IND-CPA, KEM, Ring-LWE, Titanium, Kyber, NewHope, FrodoKEM, NTRU-HRSS-KEM, Security proof
Date: received 29 Jan 2018, last revised 5 Mar 2018
Contact author: fifiramatou at gmail com
Available format(s): PDF | BibTeX Citation
Note: Forgotten character
Version: 20180305:152429 (All versions of this report)
Short URL: ia.cr/2018/109
[ Cryptology ePrint archive ]