Paper 2019/100

Power Analysis on NTRU Prime

Wei-Lun Huang, Jiun-Peng Chen, and Bo-Yin Yang


This paper applies a variety of power analysis techniques to several implementations of NTRU Prime, a Round 2 submission to the NIST PQC Standardization Project. The techniques include vertical correlation power analysis, horizontal in-depth correlation power analysis, online template attacks, and chosen-input simple power analysis. The implementations include the reference one, the one optimized using smladx, and three protected ones. Adversaries in this study can fully recover private keys with one single trace of short observation span, with few template traces from a fully controlled device similar to the target and no a priori power model, or sometimes even with the naked eye. The techniques target the constant-time generic polynomial multiplications in the product scanning method. Though in this work they focus on the decapsulation, they also work on the key generation and encapsulation of NTRU Prime. Moreover, they apply to the ideal-lattice-based cryptosystems where each private-key coefficient comes from a small set of possibilities.

Available format(s)
Publication info
Published by the IACR in TCHES 2020
Ideal Lattice CryptographySingle-Trace AttackCorrelation Power AnalysisTemplate AttackSimple Power AnalysisNTRU Prime
Contact author(s)
271828182euler @ gmail com
jpchen @ ieee org
byyang @ iis sinica edu tw
2019-10-15: revised
2019-01-31: received
See all versions
Short URL
Creative Commons Attribution


      author = {Wei-Lun Huang and Jiun-Peng Chen and Bo-Yin Yang},
      title = {Power Analysis on {NTRU} Prime},
      howpublished = {Cryptology ePrint Archive, Paper 2019/100},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.