MaTRU: A New NTRU-Based Cryptosystem
The Sixth International Conference on Cryptology (INDOCRYPT 2005), Indian Institute of Science, Bangalore, India, December 10-12, 2005
Michael Coglianese Macgregor, 321 Summer Street, Boston MA, USA
Bok–Min Goi, Centre for Cryptography and Information Security (CCIS), Multimedia University, Cyberjaya, Malaysia
Outline
Introduction
Notation
Overview of the original NTRU PKC
Our New NTRU-based PKC MaTRU
– Construction
– How it works
Security Analysis & Results
– Brute force and lattice attacks
– Parameter choices
– NTRU vs. MaTRU
Concluding Remarks
Introduction
Revolution in cryptography in 1976: Diffie and Hellman present the idea of the public key cryptosystem
To provide non-repudiation service and solve key distribution problems
RSA PKC (1978)
– based on integer factorization problem
McEliece PKC (1978)
– based on algebraic coding theory
ElGamal PKC (1984)
– based on discrete log problem (DLP)
ECC PKC (1987)
– based on the intractability of elliptic curve DLP
Variants of Matsumoto-Imai PKC (1988)
– based on the systems of multivariable polynomials
Problems
Most of them are too slow and need a large memory footprint
Not suitable for low-cost devices
– RFID, smartcards, mobile devices …
NTRU, pronounced as “ain’t – true”, by J. Hoffstein, J. Pipher and J. Silverman
– At rump session of CRYPTO ’96 and then full paper in ANTS III (LNCS 1423, 1998)
Based on properties of short polynomials over polynomial rings
Fewer resources + fast operation, but larger message expansion
Has been studied comprehensively in the cryptography community