Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CRYPTO
2000
Springer
2000
Springer
A Chosen-Ciphertext Attack against NTRU
We present a chosen-ciphertext attack against the public key cryptosystem called NTRU. This cryptosystem is based on polynomial algebra. Its security comes from the interaction of the polynomial mixing system with the independence of reduction modulo two relatively prime integers p and q. In this paper, we examine the effect of feeding special polynomials built from the public key to the decryption algorithm. We are then able to conduct a chosen-ciphertext attack that recovers the secret key from a few ciphertexts/cleartexts pairs with good probability. Finally, we show that the OAEP-like padding proposed for use with NTRU does not protect against this attack. 1 Overview In [7], Hoffstein, Pipher and Silverman have presented a public key cryptosystem based on polynomial algebra called NTRU. The security of NTRU comes from the interaction of the polynomial mixing system with the independence of reduction modulo p and q. In [7], the authors have studied different possible attacks on t...
Real-time TrafficRelated Content
| Added | 02 Aug 2010 |
| Updated | 02 Aug 2010 |
| Type | Conference |
| Year | 2000 |
| Where | CRYPTO |
| Authors | Éliane Jaulmes, Antoine Joux |
Comments (0)
Researcher Info
|
