Choosing Parameters for the Subfield Lattice Attack Against Overstretched NTRU


Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10599)

Abstract

Albrecht et al. [1] at Crypto 2016 and Cheon et al. [4] at ANTS 2016 independently presented a subfield attack on the overstretched NTRU problem. Their idea is to map the public key down to a subfield (by the norm map and the trace map, respectively) and hence obtain a lattice of smaller dimension to which a lattice reduction algorithm can be applied efficiently. At Eurocrypt 2017, Kirchner and Fouque proposed another variant of the attack which exploits the presence of orthogonal bases within cyclotomic number rings: instead of using the matrix of the public key in the subfield, they use the multiplication matrix of the public key in the full field and apply a lattice reduction algorithm to a suitable projected lattice of smaller dimension. They also gave a tight estimate of the parameters broken by lattice reduction, and implementation results showing that their attack is better than the subfield attack.

In this paper, we exploit technical results from Kirchner and Fouque [12] on the relative norm of field elements in the subfield, and we use the Hermite factor to estimate the output of a lattice basis reduction algorithm, in order to analyze the general choice of parameters for the subfield attack of Albrecht et al. [1]. As a result, we obtain estimates for better choices of subfields, for which the attack works with a smaller modulus. Our experimental results show that we can attack overstretched NTRU with a modulus smaller than that of Albrecht et al. and of Kirchner and Fouque.
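The dimension reduction in the subfield attack comes from the relative norm map: for K = Q(ζ_{2n}) with n a power of two (the setting of the appendix tables), the index-2 subfield is fixed by x ↦ −x, the norm of an element a is a(x)·a(−x), and composing this log r times reaches a subfield L with |K:L| = r. The following Python is an added example, not code from the paper; the ring arithmetic, the toy key (small f, arbitrary h, g = f·h) and the norm-growth check are constructed here to show the n → n/r dimension drop and the identity N(g) = N(f)·N(h) in L that the subfield lattice relies on.

```python
# Added example (not from the paper): the relative norm map K -> L, |K:L| = 2^log_r,
# for n a power of two. Ring elements of Z_q[x]/(x^n + 1) are coefficient lists of length n.

def mul_mod(a, b, q):
    """Product in Z_q[x]/(x^n + 1); len(a) == len(b) == n."""
    n = len(a)
    res = [0] * n
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                res[k] = (res[k] + ai * bj) % q
            else:
                res[k - n] = (res[k - n] - ai * bj) % q  # x^n = -1
    return res

def conj(a):
    """The automorphism x -> -x; its fixed field is the index-2 subfield Q(x^2)."""
    return [-c if i % 2 else c for i, c in enumerate(a)]

def norm_down(a, q):
    """N_{K/L}(a) = a(x) * a(-x), returned in Z_q[y]/(y^{n/2} + 1) with y = x^2."""
    prod = mul_mod(a, conj(a), q)
    assert all(c == 0 for c in prod[1::2])  # odd-degree coefficients cancel
    return prod[0::2]

def subfield_norm(a, q, log_r):
    """Compose the index-2 norm log_r times: dimension n -> n / 2^log_r."""
    for _ in range(log_r):
        a = norm_down(a, q)
    return a

def centered(a, q):
    """Lift coefficients to the symmetric range (-q/2, q/2]."""
    return [c - q if c > q // 2 else c for c in a]

def norm_growth(f, q, log_r):
    """Infinity norm of N(f) for a small secret f: the target in the subfield lattice,
    which the attack needs to stay far below q (the overstretched regime)."""
    return max(abs(c) for c in centered(subfield_norm(f, q, log_r), q))

def norm_is_multiplicative(f, h, q, log_r):
    """N(g) == N(f) * N(h) in L for g = f * h; h = g/f in K thus gives N(h) = N(g)/N(f)."""
    lhs = mul_mod(subfield_norm(f, q, log_r), subfield_norm(h, q, log_r), q)
    return lhs == subfield_norm(mul_mod(f, h, q), q, log_r)
```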

References

  1. Albrecht, M., Bai, S., Ducas, L.: A subfield lattice attack on overstretched NTRU assumptions. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 153–178. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53018-4_6

  2. Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Math. Ann. 296(1), 625–635 (1993)

  3. Bos, J.W., Lauter, K., Loftus, J., Naehrig, M.: Improved security for a ring-based fully homomorphic encryption scheme. In: Stam, M. (ed.) IMACC 2013. LNCS, vol. 8308, pp. 45–64. Springer, Heidelberg (2013). doi:10.1007/978-3-642-45239-0_4

  4. Cheon, J.H., Jeong, J., Lee, C.: An algorithm for NTRU problems and cryptanalysis of the GGH multilinear map without an encoding of zero. LMS J. Comput. Math. 19, 255–266 (2016). ANTS XII 2016

  5. Cheon, J.H., Hhan, M., Lee, C.: Cryptanalysis of the overstretched NTRU problem for general modulus polynomial. ePrint 2017/484. https://eprint.iacr.org/2017/484

  6. Coppersmith, D., Shamir, A.: Lattice attacks on NTRU. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 52–61. Springer, Heidelberg (1997). doi:10.1007/3-540-69053-0_5

  7. Gama, N., Nguyen, P.Q.: Predicting lattice reduction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 31–51. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78967-3_3

  8. Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38348-9_1

  9. Gentry, C., Szydlo, M.: Cryptanalysis of the revised NTRU signature scheme. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 299–320. Springer, Heidelberg (2002). doi:10.1007/3-540-46035-7_20

  10. Hoffstein, J., Pipher, J., Schanck, J.M., Silverman, J.H., Whyte, W., Zhang, Z.: Choosing parameters for NTRUEncrypt. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 3–18. Springer, Cham (2017). doi:10.1007/978-3-319-52153-4_1

  11. Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). doi:10.1007/BFb0054868

  12. Kirchner, P., Fouque, P.-A.: Revisiting lattice attacks on overstretched NTRU parameters. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 3–26. Springer, Cham (2017). doi:10.1007/978-3-319-56620-7_1

  13. López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: Proceedings of the Forty-Fourth Annual ACM Symposium on Theory of Computing, STOC 2012, pp. 1219–1234. ACM (2012)

  14. Lyubashevsky, V., Micciancio, D.: Generalized compact knapsacks are collision resistant. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 144–155. Springer, Heidelberg (2006). doi:10.1007/11787006_13

  15. Stehlé, D., Steinfeld, R.: Making NTRU as secure as worst-case problems over ideal lattices. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 27–47. Springer, Heidelberg (2011). doi:10.1007/978-3-642-20465-4_4

Acknowledgments

We are grateful to the anonymous reviewers for their useful comments and suggestions. The first author would like to thank Martin Albrecht, Shi Bai and Paul Kirchner for their kindness and helpful discussions. This work was supported by JST CREST Grant Number JPMJCR14D6, Japan. The first author thanks the Japan Society for the Promotion of Science (JSPS) for financial support under grant KAKENHI 16K17644.

Correspondence to Dung Hoang Duong .

Appendix

Tables 4 and 5 show implementation results for the case \(n=2^9\) and \(n=2^{10}\) respectively, with the same choice of subfield \(\mathbb {L}\) such that \(|\mathbb {K}:\mathbb {L}|=4\).

Table 4. Implementation results for \(n=2^{9}\) and \(\log (r)=2\)
Table 5. Implementation results for \(n=2^{10}\) and \(\log (r)=2\)

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Duong, D.H., Yasuda, M., Takagi, T. (2017). Choosing Parameters for the Subfield Lattice Attack Against Overstretched NTRU. In: Nguyen, P., Zhou, J. (eds) Information Security. ISC 2017. Lecture Notes in Computer Science, vol. 10599. Springer, Cham. https://doi.org/10.1007/978-3-319-69659-1_5

  • DOI: https://doi.org/10.1007/978-3-319-69659-1_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69658-4

  • Online ISBN: 978-3-319-69659-1