Keyvan Derakhshan Nik
M.Sc. Candidate
Supervisor: Hamid Usefi

Comparing lattice-based cryptosystems NTRU & D-NTRU

Department of Computer Science
Monday, December 17, 2018, 11:00a.m., Room EN-2022

---

Abstract

Quantum computers are being developed and hoped to become available soon. On the other hand, cryptosystems based on integer factorization and similar hard problems will be completely broken by quantum computers. As such, RSA and elliptic-curve cryptography (ECC) which are the two widely used public-key cryptosystems will be insecure once the quantum computers are available. Possible substitutes for RSA and ECC are cryptosystems based on lattices.

In the 1990s, Hoffstein-Pipher-Silverman introduced a lattice-based cryptosystem called NTRU. There have been many revisions of NTRU to improve the performance of encryption and decryption functions as well as reducing the size of cipher-texts. We shall compare NTRU with a recently introduced D-NTRU byWang-Lei-Hu. To be able to make these comparisons, we have implemented both NTRU and D-NTRU in Java.

In this project, we shall first summarize lattices and some of the hard problems in this area. We show how some of these hard problems is used to construct cryptosystems. Then we review NTRU and D-NTRU and compare them for efficiency. Finally, we consider the security, recommended parameters, and the resistance of NTRU and D-NTRU to various attacks.