Paper 2018/630
Characterizing overstretched NTRU attacks
Gabrielle De Micheli, Nadia Heninger, and Barak Shani
Abstract
Overstretched NTRU, an NTRU variant with a large modulus, has been used as a building block for several cryptographic schemes in recent years. Recently, two lattice \emph{subfield attacks} and a \emph{subring attack} were proposed that broke some suggested parameters for overstretched NTRU. These attacks work by decreasing the dimension of the lattice to be reduced, which improves the performance of the lattice basis reduction algorithm. However, there are a number of conflicting claims in the literature over which of these attacks has the best performance. These claims are typically based on experiments more than analysis. Furthermore, the metric for comparison has been unclear in some prior work. In this paper, we argue that the correct metric should be the lattice dimension. We show both analytically and experimentally that the subring attack succeeds on a smaller dimension lattice than the subfield attack for the same problem parameters, and also succeeds with a smaller modulus when the lattice dimension is fixed.
Note: Few minor revisions.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Minor revision. to appear in Journal of Mathematical Cryptology
- Keywords
- lattice techniquesoverstretched NTRUsubfield attacksubring attack
- Contact author(s)
- gmicheli @ seas upenn edu
- History
- 2019-01-08: revised
- 2018-06-26: received
- See all versions
- Short URL
- https://ia.cr/2018/630
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2018/630,
author = {Gabrielle De Micheli and Nadia Heninger and Barak Shani},
title = {Characterizing overstretched {NTRU} attacks},
howpublished = {Cryptology {ePrint} Archive, Paper 2018/630},
year = {2018},
url = {https://eprint.iacr.org/2018/630}
}
