IEEE P1363 and Standards Process, William Whyte View slides (ppt)
Pairing Standards, Mike Scott. Slides (ppt).
Pairing Standards, Hovav Shacham. Slides (pdf).
We propose a practical sampling reduction algorithm for lattice bases based on work by Schnorr as well as two even more effective generalizations. We report the empirical behaviour of these algorithms. We describe how Sampling Reduction allows to stage lattice attacks against the NTRU cryptosystem with smaller BKZ parameters than before and conclude that therefore the recommeded NTRU security parameters offer <= 74 Bit security.
This report explicitly refutes the analysis behind a recent claim that NTRUEncrypt has a bit security of at most 74 bits. We also sum up some existing literature on NTRU and lattices, in order to help explain what should and what should not be classed as an improved at- tack against the hard problem underlying NTRUEncrypt.We also show a connection between Schnorr's RSR technique and exhaustively searching the NTRU lattice.
A single Powerpoint slide illustrating a lower-triangular matrix, to help explain the principle behind Random Sampling Reduction.
Changes for P1363.2 D20 Annex sections related to PKRS-1 and SDHP attack, resulting from the March 31 teleconference review.
|IEEE Home Page||IEEE Standards||IEEE P1363|