Abstract
This paper presents software demonstrating that the 20-year-old NTRU cryptosystem is competitive with more recent lattice-based cryptosystems in terms of speed, key size, and ciphertext size. We present a slightly simplified version of textbook NTRU, select parameters for this encryption scheme that target the 128-bit post-quantum security level, construct a KEM that is CCA2-secure in the quantum random oracle model, and present highly optimized software targeting Intel CPUs with the AVX2 vector instruction set. This software takes only 307 914 cycles for the generation of a keypair, 48 646 for encapsulation, and 67 338 for decapsulation. It is, to the best of our knowledge, the first NTRU software with full protection against timing attacks.
Original language | English |
---|---|
Title of host publication | Cryptographic Hardware and Embedded Systems – CHES 2017 - 19th International Conference, Proceedings |
Publisher | Springer |
Pages | 232-252 |
Number of pages | 21 |
ISBN (Print) | 9783319667867 |
DOIs | |
Publication status | Published - 2017 |
Event | 19th International Conference on Cryptographic Hardware and Embedded Systems, (CHES 2017) - Taipei, Taiwan Duration: 25 Sep 2017 → 28 Sep 2017 https://ches.iacr.org/2017/ |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Volume | 10529 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 19th International Conference on Cryptographic Hardware and Embedded Systems, (CHES 2017) |
---|---|
Abbreviated title | CHES2017 |
Country/Territory | Taiwan |
City | Taipei |
Period | 25/09/17 → 28/09/17 |
Internet address |
Keywords
- AVX2
- CCA2-secure KEM
- Lattice-based crypto
- NTRU
- Post-quantum crypto
- QROM