Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Analysis and Improvements of NTRU Encryption Paddings
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
How to Enhance the Security of Public-Key Encryption at Minimum Cost
PKC '99 Proceedings of the Second International Workshop on Practice and Theory in Public Key Cryptography
NTRU: A Ring-Based Public Key Cryptosystem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
Chosen-Ciphertext Security from Identity-Based Encryption
SIAM Journal on Computing
Generalized Compact Knapsacks, Cyclic Lattices, and Efficient One-Way Functions
Computational Complexity
Lossy trapdoor functions and their applications
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Trapdoors for hard lattices and new cryptographic constructions
STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data
SIAM Journal on Computing
Quantum resistant public key cryptography: a survey
Proceedings of the 8th Symposium on Identity and Trust on the Internet
Chosen-Ciphertext Security via Correlated Products
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Public-key cryptosystems from the worst-case shortest vector problem: extended abstract
Proceedings of the forty-first annual ACM symposium on Theory of computing
On lattices, learning with errors, random linear codes, and cryptography
Journal of the ACM (JACM)
Efficient Public Key Encryption Based on Ideal Lattices
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
NTRUSign: digital signatures using the NTRU lattice
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Asymptotically efficient lattice-based digital signatures
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Making NTRU as secure as worst-case problems over ideal lattices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Generalized compact knapsacks are collision resistant
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
More constructions of lossy and correlation-secure trapdoor functions
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
Chosen-Ciphertext security from slightly lossy trapdoor functions
PKC'10 Proceedings of the 13th international conference on Practice and Theory in Public Key Cryptography
On ideal lattices and learning with errors over rings
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Efficient lattice (H)IBE in the standard model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
A key encapsulation mechanism for NTRU
IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Efficient collision-resistant hashing from worst-case assumptions on cyclic lattices
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Trapdoors for lattices: simpler, tighter, faster, smaller
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
| Hi-index | 0.00 |
NTRUEncrypt is a fast and practical lattice-based public-key encryption scheme, which has been standardized by IEEE, but until recently, its security analysis relied only on heuristic arguments. Recently, Stehlé and Steinfeld showed that a slight variant (that we call pNE ) could be proven to be secure under chosen-plaintext attack (IND-CPA), assuming the hardness of worst-case problems in ideal lattices. We present a variant of pNE called NTRUCCA , that is IND-CCA2 secure in the standard model assuming the hardness of worst-case problems in ideal lattices, and only incurs a constant factor overhead in ciphertext and key length over the pNE scheme. To our knowledge, our result gives the first IND-CCA2 secure variant of NTRUEncrypt in the standard model, based on standard cryptographic assumptions. As an intermediate step, we present a construction for an All-But-One (ABO) lossy trapdoor function from pNE , which may be of independent interest. Our scheme uses the lossy trapdoor function framework of Peikert and Waters, which we generalize to the case of (k −1)-of-k -correlated input distributions.