The foreseeable breakthrough of quantum computers represents a risk for secure communications. In order to prepare for such an event, electronic systems must integrate secure quantum-computer-resistant (post-quantum) cryptography that is also protected against implementation attacks. The NTRU cryptosystem is one of the main alternatives for practical implementations of post-quantum public-key cryptography. The standardized version of NTRU (IEEE 1363.1) provides security against chosen-ciphertext attacks (CCA) through a padding scheme that limits ciphertext malleability, thereby ruling out a large range of attacks. To date, previous NTRU hardware implementations have not included the NTRU padding scheme. Moreover, a previously proposed optimization of the NTRU polynomial multiplication degrades the security level. Previous works therefore give a misleading impression of the real implementation cost of NTRU. In this work, we present two contributions: i) the first complete and compact NTRU hardware implementation; and ii) an analysis of the security degradation caused by the NTRU multiplication optimization proposed in previous works.
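To make the abstract's security point concrete, the following Python script is an added example written for this page; it is not the authors' hardware design, not the multiplication optimization they analyse, and not the IEEE 1363.1 padding scheme. It implements the cyclic convolution in Z_q[x]/(x^N - 1) that every NTRU operation reduces to, a toy key generation, encryption and decryption with constructed and deliberately insecure parameters (N = 11, p = 3, q = 256, assumed here for readability), and then shows why the padding matters: adding a small polynomial to a raw, unpadded ciphertext produces a ciphertext that still decrypts, to a predictably related message. A CCA padding scheme such as the one in the standard exists to make such modified ciphertexts fail verification; this toy omits it so the malleability is visible.

```python
"""Toy NTRU over Z_q[x]/(x^N - 1): constructed, insecure parameters; not the paper's design."""
import random

N, P, Q = 11, 3, 256   # constructed toy parameters: ring dimension, small and large moduli
D = 3                  # number of +1 (and -1) coefficients in ternary key/blinding polynomials

def conv(a, b, mod):
    """Cyclic convolution a*b in Z_mod[x]/(x^N - 1): the core NTRU operation."""
    c = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            c[(i + j) % N] = (c[(i + j) % N] + ai * bj) % mod
    return c

def centre(a, mod):
    """Lift coefficients to the symmetric range (-mod/2, mod/2]."""
    return [x - mod if x > mod // 2 else x for x in (v % mod for v in a)]

def _trim(a):
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a

def _poly_divmod(a, b, p):
    """Long division of polynomials over GF(p); returns (quotient, remainder)."""
    a, b = _trim([x % p for x in a]), _trim([x % p for x in b])
    q, inv_lead = [0] * max(1, len(a) - len(b) + 1), pow(b[-1], -1, p)
    while len(a) >= len(b) and any(a):
        shift, coef = len(a) - len(b), (a[-1] * inv_lead) % p
        q[shift] = coef
        for i, bi in enumerate(b):
            a[i + shift] = (a[i + shift] - coef * bi) % p
        _trim(a)
    return _trim(q), a

def inverse_mod_prime(f, p):
    """Inverse of f in Z_p[x]/(x^N - 1) via the extended Euclidean algorithm, or None."""
    r0 = [0] * (N + 1)
    r0[0], r0[N] = -1 % p, 1                                 # x^N - 1
    r1, s0, s1 = _trim([x % p for x in f]), [0], [1]         # s tracks the coefficient of f
    while any(r1):
        q, r = _poly_divmod(r0, r1, p)
        s = s0 + [0] * (len(q) + len(s1) - 1 - len(s0))      # s = s0 - q*s1
        for i, qi in enumerate(q):
            for j, sj in enumerate(s1):
                s[i + j] = (s[i + j] - qi * sj) % p
        r0, r1, s0, s1 = r1, r, s1, _trim(s)
    if len(r0) != 1:                                         # gcd is not a unit: no inverse
        return None
    c, inv = pow(r0[0], -1, p), [0] * N
    for i, x in enumerate(s0):
        inv[i % N] = (inv[i % N] + c * x) % p
    return inv

def inverse_mod_power_of_two(f, q):
    """Inverse in Z_q[x]/(x^N - 1) for q = 2^k: Newton-lift the mod-2 inverse."""
    inv, mod = inverse_mod_prime(f, 2), 2
    while inv is not None and mod < q:
        mod = min(mod * mod, q)
        t = [(-x) % mod for x in conv(f, inv, mod)]          # t = 2 - f*inv
        t[0] = (t[0] + 2) % mod
        inv = conv(inv, t, mod)
    return inv

def ternary(d1, d2, rng):
    """Random polynomial with d1 coefficients +1, d2 coefficients -1, the rest 0."""
    t = [0] * N
    for k, i in enumerate(rng.sample(range(N), d1 + d2)):
        t[i] = 1 if k < d1 else -1
    return t

def keygen(rng):
    """Private key (f, f^-1 mod p); public key h = p * f^-1 * g mod q."""
    while True:
        f = ternary(D + 1, D, rng)                           # d+1 ones, d minus ones: f(1) != 0
        fp, fq = inverse_mod_prime(f, P), inverse_mod_power_of_two(f, Q)
        if fp is not None and fq is not None:
            return (f, fp), conv([P * x for x in fq], ternary(D, D, rng), Q)

def encrypt(h, m, rng):
    """e = r*h + m mod q with a fresh ternary blinding polynomial r."""
    return [(x + y) % Q for x, y in zip(conv(ternary(D, D, rng), h, Q), m)]

def decrypt(sk, e):
    """f*e = p*r*g + f*m is small, so centring recovers it exactly; then multiply by f^-1 mod p."""
    f, fp = sk
    return centre(conv(fp, centre(conv(f, e, Q), Q), P), P)

def demo(seed=7):
    """Round-trip a constructed message, then show that raw (unpadded) NTRU is malleable."""
    rng = random.Random(seed)                                # constructed seed, for reproducibility
    (f, fp), h = keygen(rng)
    one, m = [1] + [0] * (N - 1), [0, 1, -1, 0, 1, 0, 0, -1, 0, 1, 0]   # constructed message
    e = encrypt(h, m, rng)
    tampered = [(e[0] + 1) % Q] + e[1:]                      # modify the ciphertext: add polynomial 1
    return {"keys_ok": conv(f, fp, P) == one and conv(f, inverse_mod_power_of_two(f, Q), Q) == one,
            "roundtrip": decrypt((f, fp), e) == m,
            "tampered": decrypt((f, fp), tampered),          # still decrypts, to m + 1, not garbage
            "expected": [1] + m[1:]}
```

Calling `demo()` returns `roundtrip` true and a `tampered` message equal to `expected`, i.e. the original message with its constant coefficient changed from 0 to 1. With these toy parameters the decryption bound is generous (the coefficients of p*r*g + f*m stay far below q/2), which is why the modified ciphertext decrypts cleanly rather than failing; this is exactly the behaviour a CCA padding scheme must detect and reject before any decrypted plaintext is released.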