Fault Analysis of the NTRUEncrypt Cryptosystem

Abdel Alim KAMAL  Amr YOUSSEF  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E94-A   No.4   pp.1156-1158
Publication Date: 2011/04/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E94.A.1156
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Cryptography and Information Security
NTRU,  side channel attacks,  fault analysis,  public key cryptography,  

Full Text: PDF(111.8KB)>>
Buy this Article

In this paper, we present a fault analysis of the original NTRU public key cryptosystem. The fault model in which we analyze the cipher is the one in which the attacker is assumed to be able to fault a small number of coefficients of the polynomial input to (or output from) the second step of the decryption process but cannot control the exact location of injected faults. For this specific original instantiation of the NTRU encryption system with parameters (N,p,q), our attack succeeds with probability≈ and when the number of faulted coefficients is upper bounded by t, it requires O((pN)t) polynomial inversions in Z/p Z[x]/(xN-1).