Paper 2019/083

Cryptanalysis of an NTRU-based Proxy Encryption Scheme from ASIACCS'15

Zhen Liu, Yanbin Pan, and Zhenfei Zhang

Abstract

In ASIACCS 2015, Nuñez, Agudo, and Lopez proposed a proxy re-encryption scheme, NTRUReEncrypt, based on NTRU, which allows a proxy to translate a ciphertext under the delegator's public key into a re-encrypted ciphertext that can be decrypted correctly by the delegatee's private key. In addition to its potential resistance to quantum algorithms, the scheme was also considered to be efficient. However, in this paper we point out that the re-encryption process increases the decryption error, and that the increased decryption error leads to a reaction attack that enables the proxy to recover the private keys of the delegator and the delegatee. Moreover, we also propose a second attack which enables the delegatee to recover the private key of the delegator when he collects enough re-encrypted ciphertexts from the same message. We reevaluate the security of NTRUReEncrypt, and also give suggestions and discussions on potential mitigation methods.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. PQCrypto 2019
Keywords
NTRUReEncrypt, NTRU, Decryption Failure, Reaction Attack, Key Recovery
Contact author(s)
Zhenfei zhang @ hotmail com
History
2019-02-24: revised
2019-01-28: received
Short URL
https://ia.cr/2019/083
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/083,
      author = {Zhen Liu and Yanbin Pan and Zhenfei Zhang},
      title = {Cryptanalysis of an NTRU-based Proxy Encryption Scheme from ASIACCS'15},
      howpublished = {Cryptology ePrint Archive, Paper 2019/083},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/083}},
      url = {https://eprint.iacr.org/2019/083}
}