NTRU over the Eisenstein Integers

Jarvis, Katherine

29 March 2011

NTRU is a fast public-key cryptosystem that is constructed using polynomial rings with integer coefficients. We present ETRU, an NTRU-like cryptosystem based on the Eisenstein integers. We discuss parameter selection and develop a model for the probabilty of decryption failure. We also provide an implementation of ETRU. We use theoretical and experimental data to compare the security and efficiency of ETRU to NTRU with comparable parameter sets and show that ETRU is an improvement over NTRU in terms of security.

NTRU

Eisenstein Integers

Public Key Cryptography

Lattice Based Cryptography

NTRU over the Eisenstein Integers

Jarvis, Katherine

29 March 2011

NTRU is a fast public-key cryptosystem that is constructed using polynomial rings with integer coefficients. We present ETRU, an NTRU-like cryptosystem based on the Eisenstein integers. We discuss parameter selection and develop a model for the probabilty of decryption failure. We also provide an implementation of ETRU. We use theoretical and experimental data to compare the security and efficiency of ETRU to NTRU with comparable parameter sets and show that ETRU is an improvement over NTRU in terms of security.

NTRU

Eisenstein Integers

Public Key Cryptography

Lattice Based Cryptography

NTRU over the Eisenstein Integers

Jarvis, Katherine

29 March 2011

NTRU is a fast public-key cryptosystem that is constructed using polynomial rings with integer coefficients. We present ETRU, an NTRU-like cryptosystem based on the Eisenstein integers. We discuss parameter selection and develop a model for the probabilty of decryption failure. We also provide an implementation of ETRU. We use theoretical and experimental data to compare the security and efficiency of ETRU to NTRU with comparable parameter sets and show that ETRU is an improvement over NTRU in terms of security.

NTRU

Eisenstein Integers

Public Key Cryptography

Lattice Based Cryptography

NTRU over the Eisenstein Integers

Jarvis, Katherine

January 2011

NTRU is a fast public-key cryptosystem that is constructed using polynomial rings with integer coefficients. We present ETRU, an NTRU-like cryptosystem based on the Eisenstein integers. We discuss parameter selection and develop a model for the probabilty of decryption failure. We also provide an implementation of ETRU. We use theoretical and experimental data to compare the security and efficiency of ETRU to NTRU with comparable parameter sets and show that ETRU is an improvement over NTRU in terms of security.

NTRU

Eisenstein Integers

Public Key Cryptography

Lattice Based Cryptography

Kryptosystém NTRU a jeho varianty / NTRU cryptosystem and its modifications

Poláková, Kristýna

January 2016

The theses firstly introduces the basics of lattice problems. Then it focuses on various aspects of the cryptosystem NTRU which is based on the mentioned problems. The system is then compared with the most common encryption methods used nowadays. Its supposed quantum resistence is mentioned briefly. Subsequently the author tries to minimize the system's disadvantages by various cryptosystem modifications. Powered by TCPDF (www.tcpdf.org)

On The Ntru Public Key Cryptosystem

Cimen, Canan

01 September 2008

NTRU is a public key cryptosystem, which was first introduced in 1996. It is a ring-based cryptosystem and its security relies on the complexity of a well-known lattice problem, i.e. shortest vector problem (SVP). There is no efficient algorithm known to solve SVP exactly in arbitrary high dimensional lattices. However, approximate solutions to SVP can be found by lattice reduction algorithms. LLL is the first polynomial time algorithm that finds reasonable short vectors of a lattice. The best known attacks on the NTRU cryptosystem are lattice attacks. In these attacks, the lattice constructed by the public key of the system is used to find the private key. The target vector, which includes private key of the system is one of the short vectors of the NTRU lattice. In this thesis, we study NTRU cryptosystem and lattice attacks on NTRU. Also, we applied an attack to a small dimensional NTRU lattice.

QA General 15707

RNS-Based NTT Polynomial Multiplier for Lattice-Based Cryptography

January 2020

abstract: Lattice-based Cryptography is an up and coming field of cryptography that utilizes the difficulty of lattice problems to design lattice-based cryptosystems that are resistant to quantum attacks and applicable to Fully Homomorphic Encryption schemes (FHE). In this thesis, the parallelization of the Residue Number System (RNS) and algorithmic efficiency of the Number Theoretic Transform (NTT) are combined to tackle the most significant bottleneck of polynomial ring multiplication with the hardware design of an optimized RNS-based NTT polynomial multiplier. The design utilizes Negative Wrapped Convolution, the NTT, RNS Montgomery reduction with Bajard and Shenoy extensions, and optimized modular 32-bit channel arithmetic for nine RNS channels to accomplish an RNS polynomial multiplication. In addition to a full software implementation of the whole system, a pipelined and optimized RNS-based NTT unit with 4 RNS butterflies is implemented on the Xilinx Artix-7 FPGA(xc7a200tlffg1156-2L) for size and delay estimates. The hardware implementation achieves an operating frequency of 47.043 MHz and utilizes 13239 LUT's, 4010 FF's, and 330 DSP blocks, allowing for multiple simultaneously operating NTT units depending on FGPA size constraints. / Dissertation/Thesis / Masters Thesis Electrical Engineering 2020

Electrical engineering

FHE

Hardware

Lattice-based Cryptography

NTT

Polynomial Multiplier

RNS

Performance analysis of lattice based post-quantum secure cryptography with Java

Johansson, Alexander

January 2019

Efficient quantum computers will break most of today’s public-key cryptosystems. Therefore, the National Institute of Standards and Technology (NIST) calls for proposals to standardise one or more quantum-secure cryptographic schemes. Eventually, banks must adopt the standardised schemes, but little is known about how efficient such an implementation would be in Java, one of the standard programming languages for banks. In this thesis, we test and evaluate a post-quantum secure encryption scheme known as FrodoKEM, which is based on a hard lattice problem known as Learning With Errors (LWE). We found that a post-quantum secure encryption version of FrodoKEM provides strong theoretical security regarding the criteria given by NIST, and is also sufficiently fast for key generation, encryption and decryption. These results imply that it could be possible to implement these types of post-quantum secure algorithms in high-level programming languages such as Java, demonstrating that we no longer are limited to use low-level languages such as C. Consequently, we can easier and cheaper implement post-quantum secure cryptography.

Cryptography

Post-quantum secure cryptography

Lattice-based cryptography

Learning with errors

Java

Other Computer and Information Science

Annan data- och informationsvetenskap

Implementing and Evaluating the Quantum Resistant Cryptographic Scheme Kyber on a Smart Card / Implementering och utvärdering av den kvantresistenta kryptoalgoritmen Kyber på ett smartkort

Eriksson, Hampus

January 2020

Cyber attacks happen on a daily basis, where criminals can aim to disrupt internet services or in other cases try to get hold of sensitive data. Fortunately, there are systems in place to protect these services. And one can rest assured that communication channels and data are secured under well-studied cryptographic schemes. Still, a new class of computation power is on the rise, namely quantum computation. Companies such as Google and IBM have in recent time invested in research regarding quantum computers. In 2019, Google announced that they had achieved quantum supremacy. A quantum computer could in theory break the currently most popular schemes that are used to secure communication. Whether quantum computers will be available in the forseeable future, or at all, is still uncertain. Nonetheless, the implication of a practical quantum computer calls for a new class of crypto schemes; schemes that will remain secure in a post-quantum era. Since 2016 researchers within the field of cryptography have been developing post-quantum cryptographic schemes. One specific branch within this area is lattice-based cryptography. Lattice-based schemes base their security on underlying hard lattice problems, for which there are no currently known efficient algorithms that can solve them. Neither with quantum, nor classical computers. A promising scheme that builds upon these types of problems is Kyber. The aforementioned scheme, as well as its competitors, work efficiently on most computers. However, they still demand a substantial amount of computation power, which is not always available. Some devices are constructed to operate with low power, and are computationally limited to begin with. This group of constrained devices, includes smart cards and microcontrollers, which also need to adopt the post-quantum crypto schemes. Consequently, there is a need to explore how well Kyber and its relatives work on these low power devices. In this thesis, a variant of the cryptographic scheme Kyber is implemented and evaluated on an Infineon smart card. The implementation replaces the scheme’s polynomial multiplication technique, NTT, with Kronecker substitution. In the process, the cryptographic co-processor on the card is leveraged to perform Kronecker substitution efficiently. Moreover, the scheme’s original functionality for sampling randomness is replaced with the card’s internal TRNG. The results show that an IND-CPA secure variant of Kyber can be implemented on the smart card, at the cost of segmenting the IND-CPA functions. All in all, key generation, encryption, and decryption take 23.7 s, 30.9 s and 8.6 s to execute respectively. This shows that the thesis work is slower than implementations of post-quantum crypto schemes on similarly constrained devices.

post-quantum

cryptography

lattice-based cryptography

quantum-resistant

Kyber

constrained device

performance

evaluation

implementation

Communication Systems

Kommunikationssystem

Lattice - Based Cryptography - Security Foundations and Constructions / Cryptographie reposant sur les réseaux Euclidiens - Fondations de sécurité et Constructions

Roux-Langlois, Adeline

17 October 2014

La cryptographie reposant sur les réseaux Euclidiens est une branche récente de la cryptographie dans laquelle la sécurité des primitives repose sur la difficulté présumée de certains problèmes bien connus dans les réseaux Euclidiens. Le principe de ces preuves est de montrer que réussir une attaque contre une primitive est au moins aussi difficile que de résoudre un problème particulier, comme le problème Learning With Errors (LWE) ou le problème Small Integer Solution (SIS). En montrant que ces problèmes sont au moins aussi difficiles à résoudre qu'un problème difficile portant sur les réseaux, présumé insoluble en temps polynomial, on en conclu que les primitives construites sont sûres. Nous avons travaillé sur l'amélioration de la sécurité et des constructions de primitives cryptographiques. Nous avons étudié la difficulté des problèmes SIS et LWE et de leurs variantes structurées sur les anneaux d'entiers de corps cyclotomiques, et les modules libres sur ceux-ci. Nous avons montré d'une part qu'il existe une preuve de difficulté classique pour le problème LWE (la réduction existante de Regev en 2005 était quantique), d'autre part que les variantes sur les modules sont elles-aussi difficiles. Nous avons aussi proposé deux nouvelles variantes de signatures de groupe dont la sécurité repose sur SIS et LWE. L'une est la première reposant sur les réseaux et ayant une taille et une complexité poly-logarithmique en le nombre d'utilisateurs. La seconde construction permet de plus la révocation d'un membre du groupe. Enfin, nous avons amélioré la taille de certains paramètres dans le travail sur les applications multilinéaires cryptographiques de Garg, Gentry et Halevi. / Lattice-based cryptography is a branch of cryptography exploiting the presumed hardness of some well-known problems on lattices. Its main advantages are its simplicity, efficiency, and apparent security against quantum computers. The principle of the security proofs in lattice-based cryptography is to show that attacking a given scheme is at least as hard as solving a particular problem, as the Learning with Errors problem (LWE) or the Small Integer Solution problem (SIS). Then, by showing that those two problems are at least as hard to solve than a hard problem on lattices, presumed polynomial time intractable, we conclude that the constructed scheme is secure.In this thesis, we improve the foundation of the security proofs and build new cryptographic schemes. We study the hardness of the SIS and LWE problems, and of some of their variants on integer rings of cyclotomic fields and on modules on those rings. We show that there is a classical hardness proof for the LWE problem (Regev's prior reduction was quantum), and that the module variants of SIS and LWE are also hard to solve. We also give two new lattice-based group signature schemes, with security based on SIS and LWE. One is the first lattice-based group signature with logarithmic signature size in the number of users. And the other construction allows another functionality, verifier-local revocation. Finally, we improve the size of some parameters in the work on cryptographic multilinear maps of Garg, Gentry and Halevi in 2013.

Learning with Errors

Signature de Groupe

Lattice-based cryptography

Learning with Errors

Group signatures

Cryptographic multilinear maps