Abstract
NTRU is a fast public-key cryptosystem that remains unbroken. However, there is no known worst-case to average-case reduction for the original NTRU cryptosystem. Several provably secure NTRU modifications, such as NAEP, pNE and NTRUCCA, have been proposed in the literature at the cost of less efficient encryption/decryption and enlarged ciphertext expansion. NAEP completes the IND-CCA security of the original NTRU under the average-case NTRU one-wayness intractability assumption. Both pNE and NTRUCCA obtain provable security goals under worst-case lattice assumptions. In this paper, a general framework for NTRU is considered, and a new PKC called D-NTRU is proposed. It is shown that the D-NTRU cryptosystem reduces the ciphertext expansion of the NTRU algorithm, and that the encryption and decryption algorithms of D-NTRU are even asymptotically faster than those of NTRU, at the cost only of slightly enlarged secret and public keys. The security of D-NTRU is proven in the standard model under the average-case NTRU one-wayness assumption. The proof of the IND-CPA security of D-NTRU is completed by introducing another NTRU variant, called C-NTRU, as a bridge, defining some problems, and then proving the equivalence of these problems. Thus the proposed D-NTRU algorithm is more advantageous than the original NTRU algorithm, and much more efficient than all the provably secure variants of NTRU.