NTRU encryption is one of the best known standardized public-key cryptosystems. NTRU encrypts by adding a plaintext with the product, p.h*r , where p is a public parameter, h is the public key, and r is a pseudorandomly generated blinding polynomial. For decryption, NTRU uses two private keys. In this paper, we show that NTRU has the modulo p flaw (by construction of an example of a plaintext decryption just applying modulo p operation to the ciphertext without any secret key usage), explain the reasons of the flaw, and propose NTRU amendment not having the flaw.

Published in: World Congress on Internet Security (WorldCIS-2016)

  • Date of Conference: 14-16 November 2016
  • DOI: 10.2053/WorldCIS.2016.0010
  • ISBN: 978-1-908320-66-7
  • Conference Location: Heathrow Windsor Marriott Hotel, UK