Reduced memory meet-in-the-middle attack against the NTRU private key

Vredendaal, Christine van

doi:10.1112/s1461157016000206

Cited by 18 publications

(8 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We thus estimate the attack cost as Lpt. The storage requirement of the attack is approximately L log 2 L. We can reduce this storage by applying collision search to the meet-in-the-middle attack (see [92,116]). In this case we can reduce the storage capacity by a factor s at the expense of increasing the running time by a factor √ s.…”

Section: Meet-in-the-middle Attackmentioning

confidence: 99%

NTRU Prime: Reducing Attack Surface at Low Cost

Bernstein

Chuengsatiansup

Lange

et al. 2017

Lecture Notes in Computer Science

Self Cite

124

View full text Add to dashboard Cite

Abstract. Several ideal-lattice-based cryptosystems have been broken by recent attacks that exploit special structures of the rings used in those cryptosystems. The same structures are also used in the leading proposals for post-quantum lattice-based cryptography, including the classic NTRU cryptosystem and typical Ring-LWE-based cryptosystems. This paper (1) proposes NTRU Prime, which tweaks NTRU to use rings without these structures; (2) proposes Streamlined NTRU Prime, a public-key cryptosystem optimized from an implementation perspective, subject to the standard design goal of IND-CCA2 security; (3) finds high-security post-quantum parameters for Streamlined NTRU Prime; and (4) optimizes a constant-time implementation of those parameters. The resulting sizes and speeds show that reducing the attack surface has very low cost.

show abstract

Section: Meet-in-the-middle Attackmentioning

confidence: 99%

NTRU Prime: Reducing Attack Surface at Low Cost

Bernstein

Chuengsatiansup

Lange

et al. 2017

Lecture Notes in Computer Science

Self Cite

124

View full text Add to dashboard Cite

show abstract

“…The NTRU algorithm [14][15][16] is an open secret system invented by three professors of mathematics at Brown University in 1996. It is a cryptosystem based on polynomial rings, and its security depends on the shortest vector problem (SVP).…”

Section: Description Of the Ntru Algorithmmentioning

confidence: 99%

“…By using nonce and limiteduse session keys, the proposed system scheme can prevent replay attack [16] as the session keys used in this scheme are used only once.…”

Section: Replay Attack Preventionmentioning

confidence: 99%

NFC Secure Payment and Verification Scheme with CS E-Ticket

Fan

Song

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

As one of the most important techniques in IoT, NFC (Near Field Communication) is more interesting than ever. NFC is a shortrange, high-frequency communication technology well suited for electronic tickets, micropayment, and access control function, which is widely used in the financial industry, traffic transport, road ban control, and other fields. However, NFC is becoming increasingly popular in the relevant field, but its secure problems, such as man-in-the-middle-attack and brute force attack, have hindered its further development. To address the security problems and specific application scenarios, we propose a NFC mobile electronic ticket secure payment and verification scheme in the paper. The proposed scheme uses a CS E-Ticket and offline session key generation and distribution technology to prevent major attacks and increase the security of NFC. As a result, the proposed scheme can not only be a good alternative to mobile e-ticket system but also be used in many NFC fields. Furthermore, compared with other existing schemes, the proposed scheme provides a higher security.

show abstract

“…A paper ‘A hybrid lattice‐reduction and meet in the middle attack against NTRU’ in CRYPTO 2007 was given as combination of both ways. In 2016, C. V. Vredendaal pointed out that the largest drawback to mount the meet in the middle attack is the memory capacity that is required for this. An algorithm is presented that uses low‐memory techniques to find collisions to meet in the middle attack given by Odlyzko against the NTRU private key.…”

Section: Ntru Cryptosystem ‐ Nth Degree Truncated Polynomial Ring Unitmentioning

confidence: 99%