Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
NTRUEncrypt
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Security and performance improvements== Using the latest suggested parameters (see [[#Table 1: Parameters|below]]) the NTRUEncrypt public key cryptosystem is secure to most attacks. There continues however to be a struggle between performance and security. It is hard to improve the security without slowing down the speed, and vice versa. One way to speed up the process without damaging the effectiveness of the algorithm, is to make some changes in the secret key '''f'''. First, construct '''f''' such that <math> \ \textbf{f} = 1+p\textbf{F} </math>, in which '''F''' is a small polynomial (i.e. coefficients {-1,0, 1}). By constructing '''f''' this way, '''f''' is invertible mod ''p''. In fact <math> \ \textbf{f}^{-1} = 1\pmod p </math>, which means that Bob does not have to actually calculate the inverse and that Bob does not have to conduct the second step of decryption. Therefore, constructing '''f''' this way saves a lot of time but it does not affect the security of the NTRUEncrypt because it is only easier to find <math> \ \textbf{f}_p </math> but '''f''' is still hard to recover. In this case '''f''' has coefficients different from -1, 0 or 1, because of the multiplication by ''p''. But because Bob multiplies by ''p'' to generate the public key '''h''', and later on reduces the ciphertext modulo ''p'', this will not have an effect on the encryption method. Second, '''f''' can be written as the product of multiple polynomials, such that the polynomials have many zero coefficients. This way fewer calculations have to be conducted. According to the 2020 NTRU NIST submission <ref>{{Cite web |title=NIST-PQ-Submission-NTRU-20201016.tar.gz |url=https://ntru.org/release/NIST-PQ-Submission-NTRU-20201016.tar.gz}}</ref> the following parameters are considered secure: ===Table 1: Parameters=== {| class="wikitable" |- ! ! '''N''' ! '''q''' ! '''p''' |- | 128 bit security margin (NTRU-HPS) | 509 | 2048 | 3 |- | 192 bit security margin (NTRU-HPS) | 677 | 2048 | 3 |- | 256 bit security margin (NTRU-HPS) | 821 | 4096 | 3 |- | 256 bit security margin (NTRU-HRSS) | 701 | 8192 | 3 |}
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)