International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

On estimating the lattice security of NTRU

Authors:
Nick Howgrave-Graham
Jeff Hoffstein
Jill Pipher
William Whyte
Download:
URL: http://eprint.iacr.org/2005/104
Search ePrint
Search Google
Abstract: This report explicitly refutes the analysis behind a recent claim that NTRUEncrypt has a bit security of at most 74 bits. We also sum up some existing literature on NTRU and lattices, in order to help explain what should and what should not be classed as an improved attack against the hard problem underlying NTRUEncrypt. We also show a connection between Schnorr's RSR technique and exhaustively searching the NTRU lattice.
BibTeX
@misc{eprint-2005-12440,
  title={On estimating the lattice security of NTRU},
  booktitle={IACR Eprint archive},
  keywords={public-key cryptography / lattices},
  url={http://eprint.iacr.org/2005/104},
  note={ nhowgravegraham@ntru.com 12884 received 11 Apr 2005},
  author={Nick Howgrave-Graham and Jeff Hoffstein and Jill Pipher and William Whyte},
  year=2005
}