Séminaire des équipes de recherche
Making NTRU as Secure as Worst-Case Problems over Ideal Lattices
Séminaire organisé par l'équipe-projet CASCADE.
A 10h30, entrée libre.
- Date : 28/04/2011
- Lieu : École Normale Supérieure, Amphi Évariste Galois - NIR
- Intervenant(s) : Damien Stehlé (ENS Lyon)
- Organisateur(s) : Equipe-projet CASCADE
NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. However, since its introduction, doubts have regularly arisen on its security. We show how to modify NTRUEncrypt to make it semantically secure, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. The proof relies on the recent results from [Lyubashevsky et al., Eurocrypt'10], on the hardness of the Ring-LWE problem. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. During this talk, I will also discuss extensions of this result for NTRUSign.
This is joint work with Ron Steinfeld - Macquarie University.