Cryptanalysis of NTRU with two Public Keys

NTRU is a fast public key cryptosystem presented in 1996 by Hoffstein, Pipher and Silverman. It operates in the ring of truncated polynomials. In NTRU, a public key is a polynomial defined by the combination of two private polynomials. In this paper, we consider NTRU with two different public keys defined by different private keys. We present a lattice-based attack to recover the private keys assuming that the public keys share polynomials with a suitable number of common coefficients.

[1]  RegevOded,et al.  On Ideal Lattices and Learning with Errors over Rings , 2013 .

[2]  Alexander May,et al.  Implicit Factoring: On Polynomial Time Factoring Given Only an Implicit Hint , 2009, Public Key Cryptography.

[3]  Dan Boneh,et al.  TWENTY YEARS OF ATTACKS ON THE RSA CRYPTOSYSTEM , 1999 .

[4]  Santanu Sarkar,et al.  Further results on implicit factoring in polynomial time , 2009, Adv. Math. Commun..

[5]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[6]  László Lovász,et al.  Factoring polynomials with rational coefficients , 1982 .

[7]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[8]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[9]  Ron Steinfeld,et al.  Making NTRU as Secure as Worst-Case Problems over Ideal Lattices , 2011, EUROCRYPT.

[10]  Adi Shamir,et al.  Lattice Attacks on NTRU , 1997, EUROCRYPT.

[11]  Joseph H. Silverman,et al.  NTRU: A Ring-Based Public Key Cryptosystem , 1998, ANTS.

[12]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[13]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[14]  Bo Yang,et al.  A Traitor Tracing Scheme Based on the RSA System , 2007, Int. J. Netw. Secur..

[15]  Zhenfu Cao,et al.  Universal Encrypted Deniable Authentication Protocol , 2009, Int. J. Netw. Secur..