Do you have any mathematical proof of the security of NTRUEncrypt and NTRUSign?
NTRUEncrypt uses techniques derived from an approach due to Fujisaki and Okamoto, which give the property of Indistinguishability against Adaptive Chosen Ciphertext Attack (IND-CCA2). Details are in [1] and [2].

[1] E. Fujisaki, T. Okamoto, How to Enhance the Security of Public-Key Encryption at Minimum Cost, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E83-A, No. 1, Special Issue on Cryptography and Information Security (January 2000)

[2] NTRU Technical Note 16 (NTRUTech016.pdf), available from Technical Notes

The security relies on various assumptions, of which the most important are:

– the hash function used behaves as a random oracle;
– the Shortest Vector Problem and Closest Vector Problem are hard to solve in the NTRU lattice.

NTRUSign, in the random oracle model, also reduces to the assumption that SVP and CVP are hard problems in the NTRU lattice. NTRU Tech Notes 12 and 13 give the results of numerical expe