A wrap error attack against NTRUEncrypt

Authors:
Tommi Meskanen;Ari Renvall
Affiliations:
Department of Mathematics, University of Turku, Turku, Finland and Turku Centre for Computer Science, Turku, Finland;Department of Mathematics, University of Turku, Turku, Finland
Venue:
Discrete Applied Mathematics - Special issue: Coding and cryptography
Year:
2006

Citing 3
Cited 1

Analysis and Improvements of NTRU Encryption Paddings

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Chosen Ciphertext Attacks Against Protocols Based on the RSA Encryption Standard PKCS #1

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
NTRU: A Ring-Based Public Key Cryptosystem

ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory

Quantum resistant public key cryptography: a survey

Proceedings of the 8th Symposium on Identity and Trust on the Internet

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a chosen plaintext attack on the NTRU encryption system. We assume that the attacker can detect wrap errors, that the blinding polynomial is generated from three parts (as specified in the standards) and that the attacker has a large database of carefully selected plaintexts. The attack is based on the fact that wrap errors occur more frequently if blinding polynomials with larger coefficients are used.