Speed Records for NTRU

In this paper NTRUEncrypt is implemented for the first time on a GPU using the CUDA platform. As is shown, this operation lends itself perfectly for parallelization and performs extremely well compared to similar security levels for ECC and RSA giving speedups of around three to five orders of magnitude. The focus is on achieving a high throughput, in this case performing a large number of encryptions/decryptions in parallel. Using a modern GTX280 GPU a throughput of up to 200 000 encryptions per second can be reached at a security level of 256 bits. This gives a theoretical data throughput of 47.8 MB/s. Comparing this to a symmetric cipher (not a very common comparison), this is only around 20 times slower than a recent AES implementation on a GPU.

[1]  David Pointcheval,et al.  The Impact of Decryption Failures on the Security of NTRU Encryption , 2003, CRYPTO.

[2]  John Waldron,et al.  AES Encryption Implementation and Analysis on Commodity Graphics Processing Units , 2007, CHES.

[3]  Elaine B. Barker,et al.  SP 800-57. Recommendation for Key Management, Part 1: General (revised) , 2007 .

[4]  Nigel P. Smart,et al.  Toward Acceleration of RSA Using 3D Graphics Hardware , 2007, IMACC.

[5]  Elaine B. Barker,et al.  Recommendation for key management: , 2019 .

[6]  Chen,et al.  The billion-mulmod-per-second PC , 2009 .

[7]  Tanja Lange,et al.  Handbook of Elliptic and Hyperelliptic Curve Cryptography , 2005 .

[8]  Tim Güneysu,et al.  Exploiting the Power of GPUs for Asymmetric Cryptography , 2008, CHES.

[9]  Nick Howgrave-Graham,et al.  A Hybrid Lattice-Reduction and Meet-in-the-Middle Attack Against NTRU , 2007, CRYPTO.

[10]  Joseph H. Silverman,et al.  Random small Hamming weight products with applications to cryptography , 2003, Discret. Appl. Math..

[11]  Joseph H. Silverman,et al.  NTRU in Constrained Devices , 2001, CHES.

[12]  Ingrid Verbauwhede,et al.  Low-cost implementations of NTRU for pervasive security , 2008, 2008 International Conference on Application-Specific Systems, Architectures and Processors.

[13]  晋輝 趙,et al.  H. Cohen, G. Frey, R. Avanzi, C. Doche, T. Lange, K. Nguyen and F. Vercauteren (eds.): Handbook of Elliptic and Hyperelliptic Curve Cryptography, Discrete Math. Appl. (Boca Raton)., Chapman & Hall/CRC, 2006年,xxxiv + 808ページ. , 2009 .

[14]  Sebastian Fleissner GPU-Accelerated Montgomery Exponentiation , 2007, International Conference on Computational Science.

[15]  John J. Cannon,et al.  The Magma Algebra System I: The User Language , 1997, J. Symb. Comput..

[16]  Arjen K. Lenstra,et al.  Selecting Cryptographic Key Sizes , 2000, Journal of Cryptology.

[17]  IEEE P1363.1TMD,et al.  IEEE P1363.1 Draft 10: Draft Standard for Public Key Cryptographic Techniques Based on Hard Problems over Lattices , 2008, IACR Cryptol. ePrint Arch..

[18]  Angelos D. Keromytis,et al.  CryptoGraphics: Secret Key Cryptography Using Graphics Cards , 2005, CT-RSA.

[19]  Craig Gentry Key Recovery and Message Attacks on NTRU-Composite , 2001, EUROCRYPT.

[20]  S.A. Manavski,et al.  CUDA Compatible GPU as an Efficient Hardware Accelerator for AES Cryptography , 2007, 2007 IEEE International Conference on Signal Processing and Communications.

[21]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.