Optimizing Polynomial Convolution for NTRUEncrypt

Cited by: 5
Authors
Dai, Wei [1]
Whyte, William [2]
Zhang, Zhenfei [2]
Affiliations
[1] Worcester Polytech Inst, Worcester, MA 01609 USA
[2] Onboard Secur Inc, Wilmington, MA 01887 USA
Keywords
Quantum-safe cryptography; NTRUEncrypt; security estimation; constant-time implementation; AVX2; SIGNATURES;
DOI
10.1109/TC.2018.2809723
CLC classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
NTRUEncrypt is one of the most promising candidates for quantum-safe cryptography. In this paper, we focus on the NTRU743 parameter set. We give a report on all known attacks against this parameter set and show that it delivers 256 bits of security against classical attackers and 128 bits of security against quantum attackers. We then present a parameter-dependent optimization using a tailored hierarchy of multiplication algorithms as well as the Intel AVX2 instructions, and show that this optimization is constant-time. Our implementation is two to three times faster than the reference implementation of NTRUEncrypt.
Pages: 1572 / 1583
Page count: 12