Making NTRU as Secure as Worst-Case Problems over Ideal Lattices
Identifieur interne : 002973 ( Istex/Corpus ); précédent : 002972; suivant : 002974Making NTRU as Secure as Worst-Case Problems over Ideal Lattices
Auteurs : Damien Stehlé ; Ron SteinfeldSource :
- Lecture Notes in Computer Science [ 0302-9743 ] ; 2011.
English descriptors
- KwdEn :
- Algorithm, Chinese remainder theorem, Cryptographic, Cryptography, Cyclic lattices, Cyclotomic, Decryption, Decryption algorithm, Discrete gaussian, Discrete gaussian distribution, Discrete gaussians, Dz2n, Encryption, Encryption scheme, Encryption schemes, Errors problem, Factors modulo, Future work, Gaussian, Generation algorithm, Hardness, Heidelberg, Ideal lattice, Ideal lattices, Invertible, Lattice, Lattice problems, Linear factors modulo, Lncs, Lyubashevsky, Matrix, Micciancio, Modulo, Ntru, Ntruencrypt, Outputs samples, Peikert, Quantum hardness, Regev, Regularity, Regularity result, Resp, Rntru, Springer, Standard deviation, Standard model, Standard problems, Statistical distance, Stehl, Steinfeld, Success probability, Whole ring.
- Teeft :
- Algorithm, Chinese remainder theorem, Cryptographic, Cryptography, Cyclic lattices, Cyclotomic, Decryption, Decryption algorithm, Discrete gaussian, Discrete gaussian distribution, Discrete gaussians, Dz2n, Encryption, Encryption scheme, Encryption schemes, Errors problem, Factors modulo, Future work, Gaussian, Generation algorithm, Hardness, Heidelberg, Ideal lattice, Ideal lattices, Invertible, Lattice, Lattice problems, Linear factors modulo, Lncs, Lyubashevsky, Matrix, Micciancio, Modulo, Ntru, Ntruencrypt, Outputs samples, Peikert, Quantum hardness, Regev, Regularity, Regularity result, Resp, Rntru, Springer, Standard deviation, Standard model, Standard problems, Statistical distance, Stehl, Steinfeld, Success probability, Whole ring.
Abstract
Abstract: NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorisation and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security. In the present work, we show how to modify NTRUEncrypt to make it provably secure in the standard model, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. The security then follows from the already proven hardness of the the R-LWE problem.
Url:
DOI: 10.1007/978-3-642-20465-4_4
Links to Exploration step
ISTEX:DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88Le document en format XML
<record><TEI wicri:istexFullTextTei="biblStruct"><teiHeader><fileDesc><titleStmt><title xml:lang="en">Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title><author><name sortKey="Stehle, Damien" sort="Stehle, Damien" uniqKey="Stehle D" first="Damien" last="Stehlé">Damien Stehlé</name><affiliation><mods:affiliation>CNRS, Laboratoire LIP (U. Lyon, CNRS, ENS Lyon, INRIA, UCBL), 46 Allée d’Italie, 69364, Lyon Cedex 07, France</mods:affiliation></affiliation><affiliation><mods:affiliation>E-mail: damien.stehle@gmail.com</mods:affiliation></affiliation></author><author><name sortKey="Steinfeld, Ron" sort="Steinfeld, Ron" uniqKey="Steinfeld R" first="Ron" last="Steinfeld">Ron Steinfeld</name><affiliation><mods:affiliation>Centre for Advanced Computing - Algorithms and Cryptography, Department of Computing, Macquarie University, 2109, NSW, Australia</mods:affiliation></affiliation><affiliation><mods:affiliation>E-mail: ron.steinfeld@mq.edu.au</mods:affiliation></affiliation></author></titleStmt><publicationStmt><idno type="wicri:source">ISTEX</idno><idno type="RBID">ISTEX:DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88</idno><date when="2011" year="2011">2011</date><idno type="doi">10.1007/978-3-642-20465-4_4</idno><idno type="url">https://api.istex.fr/document/DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88/fulltext/pdf</idno><idno type="wicri:Area/Istex/Corpus">002973</idno><idno type="wicri:explorRef" wicri:stream="Istex" wicri:step="Corpus" wicri:corpus="ISTEX">002973</idno></publicationStmt><sourceDesc><biblStruct><analytic><title level="a" type="main" xml:lang="en">Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title><author><name sortKey="Stehle, Damien" sort="Stehle, Damien" uniqKey="Stehle D" first="Damien" last="Stehlé">Damien Stehlé</name><affiliation><mods:affiliation>CNRS, Laboratoire LIP (U. Lyon, CNRS, ENS Lyon, INRIA, UCBL), 46 Allée d’Italie, 69364, Lyon Cedex 07, France</mods:affiliation></affiliation><affiliation><mods:affiliation>E-mail: damien.stehle@gmail.com</mods:affiliation></affiliation></author><author><name sortKey="Steinfeld, Ron" sort="Steinfeld, Ron" uniqKey="Steinfeld R" first="Ron" last="Steinfeld">Ron Steinfeld</name><affiliation><mods:affiliation>Centre for Advanced Computing - Algorithms and Cryptography, Department of Computing, Macquarie University, 2109, NSW, Australia</mods:affiliation></affiliation><affiliation><mods:affiliation>E-mail: ron.steinfeld@mq.edu.au</mods:affiliation></affiliation></author></analytic><monogr></monogr><series><title level="s">Lecture Notes in Computer Science</title><imprint><date>2011</date></imprint><idno type="ISSN">0302-9743</idno><idno type="eISSN">1611-3349</idno><idno type="ISSN">0302-9743</idno></series></biblStruct></sourceDesc><seriesStmt><idno type="ISSN">0302-9743</idno></seriesStmt></fileDesc><profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>Algorithm</term><term>Chinese remainder theorem</term><term>Cryptographic</term><term>Cryptography</term><term>Cyclic lattices</term><term>Cyclotomic</term><term>Decryption</term><term>Decryption algorithm</term><term>Discrete gaussian</term><term>Discrete gaussian distribution</term><term>Discrete gaussians</term><term>Dz2n</term><term>Encryption</term><term>Encryption scheme</term><term>Encryption schemes</term><term>Errors problem</term><term>Factors modulo</term><term>Future work</term><term>Gaussian</term><term>Generation algorithm</term><term>Hardness</term><term>Heidelberg</term><term>Ideal lattice</term><term>Ideal lattices</term><term>Invertible</term><term>Lattice</term><term>Lattice problems</term><term>Linear factors modulo</term><term>Lncs</term><term>Lyubashevsky</term><term>Matrix</term><term>Micciancio</term><term>Modulo</term><term>Ntru</term><term>Ntruencrypt</term><term>Outputs samples</term><term>Peikert</term><term>Quantum hardness</term><term>Regev</term><term>Regularity</term><term>Regularity result</term><term>Resp</term><term>Rntru</term><term>Springer</term><term>Standard deviation</term><term>Standard model</term><term>Standard problems</term><term>Statistical distance</term><term>Stehl</term><term>Steinfeld</term><term>Success probability</term><term>Whole ring</term></keywords><keywords scheme="Teeft" xml:lang="en"><term>Algorithm</term><term>Chinese remainder theorem</term><term>Cryptographic</term><term>Cryptography</term><term>Cyclic lattices</term><term>Cyclotomic</term><term>Decryption</term><term>Decryption algorithm</term><term>Discrete gaussian</term><term>Discrete gaussian distribution</term><term>Discrete gaussians</term><term>Dz2n</term><term>Encryption</term><term>Encryption scheme</term><term>Encryption schemes</term><term>Errors problem</term><term>Factors modulo</term><term>Future work</term><term>Gaussian</term><term>Generation algorithm</term><term>Hardness</term><term>Heidelberg</term><term>Ideal lattice</term><term>Ideal lattices</term><term>Invertible</term><term>Lattice</term><term>Lattice problems</term><term>Linear factors modulo</term><term>Lncs</term><term>Lyubashevsky</term><term>Matrix</term><term>Micciancio</term><term>Modulo</term><term>Ntru</term><term>Ntruencrypt</term><term>Outputs samples</term><term>Peikert</term><term>Quantum hardness</term><term>Regev</term><term>Regularity</term><term>Regularity result</term><term>Resp</term><term>Rntru</term><term>Springer</term><term>Standard deviation</term><term>Standard model</term><term>Standard problems</term><term>Statistical distance</term><term>Stehl</term><term>Steinfeld</term><term>Success probability</term><term>Whole ring</term></keywords></textClass><langUsage><language ident="en">en</language></langUsage></profileDesc></teiHeader><front><div type="abstract" xml:lang="en">Abstract: NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorisation and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security. In the present work, we show how to modify NTRUEncrypt to make it provably secure in the standard model, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. The security then follows from the already proven hardness of the the R-LWE problem.</div></front></TEI><istex><corpusName>springer</corpusName><keywords><teeft><json:string>resp</json:string><json:string>ntruencrypt</json:string><json:string>modulo</json:string><json:string>ntru</json:string><json:string>ideal lattices</json:string><json:string>encryption</json:string><json:string>lattice</json:string><json:string>algorithm</json:string><json:string>springer</json:string><json:string>lncs</json:string><json:string>stehl</json:string><json:string>peikert</json:string><json:string>steinfeld</json:string><json:string>cryptography</json:string><json:string>dz2n</json:string><json:string>lyubashevsky</json:string><json:string>decryption</json:string><json:string>invertible</json:string><json:string>regev</json:string><json:string>micciancio</json:string><json:string>rntru</json:string><json:string>cyclotomic</json:string><json:string>generation algorithm</json:string><json:string>statistical distance</json:string><json:string>heidelberg</json:string><json:string>linear factors modulo</json:string><json:string>hardness</json:string><json:string>discrete gaussians</json:string><json:string>lattice problems</json:string><json:string>success probability</json:string><json:string>decryption algorithm</json:string><json:string>encryption schemes</json:string><json:string>discrete gaussian</json:string><json:string>standard deviation</json:string><json:string>standard problems</json:string><json:string>ideal lattice</json:string><json:string>errors problem</json:string><json:string>factors modulo</json:string><json:string>encryption scheme</json:string><json:string>matrix</json:string><json:string>cryptographic</json:string><json:string>gaussian</json:string><json:string>quantum hardness</json:string><json:string>chinese remainder theorem</json:string><json:string>outputs samples</json:string><json:string>cyclic lattices</json:string><json:string>discrete gaussian distribution</json:string><json:string>standard model</json:string><json:string>whole ring</json:string><json:string>regularity result</json:string><json:string>future work</json:string><json:string>regularity</json:string></teeft></keywords><author><json:item><name>Damien Stehlé</name><affiliations><json:string>CNRS, Laboratoire LIP (U. Lyon, CNRS, ENS Lyon, INRIA, UCBL), 46 Allée d’Italie, 69364, Lyon Cedex 07, France</json:string><json:string>E-mail: damien.stehle@gmail.com</json:string></affiliations></json:item><json:item><name>Ron Steinfeld</name><affiliations><json:string>Centre for Advanced Computing - Algorithms and Cryptography, Department of Computing, Macquarie University, 2109, NSW, Australia</json:string><json:string>E-mail: ron.steinfeld@mq.edu.au</json:string></affiliations></json:item></author><arkIstex>ark:/67375/1BB-8ZDJN8FG-5</arkIstex><language><json:string>eng</json:string></language><originalGenre><json:string>OriginalPaper</json:string></originalGenre><abstract>Abstract: NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorisation and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security. In the present work, we show how to modify NTRUEncrypt to make it provably secure in the standard model, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. The security then follows from the already proven hardness of the the R-LWE problem.</abstract><qualityIndicators><refBibsNative>false</refBibsNative><abstractWordCount>142</abstractWordCount><abstractCharCount>974</abstractCharCount><keywordCount>0</keywordCount><score>8.704</score><pdfWordCount>10570</pdfWordCount><pdfCharCount>46407</pdfCharCount><pdfVersion>1.6</pdfVersion><pdfPageCount>21</pdfPageCount><pdfPageSize>429.725 x 659.895 pts</pdfPageSize></qualityIndicators><title>Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title><chapterId><json:string>4</json:string><json:string>Chap4</json:string></chapterId><genre><json:string>conference</json:string></genre><serie><title>Lecture Notes in Computer Science</title><language><json:string>unknown</json:string></language><copyrightDate>2011</copyrightDate><issn><json:string>0302-9743</json:string></issn><eissn><json:string>1611-3349</json:string></eissn><editor><json:item><name>David Hutchison</name><affiliations><json:string>Lancaster University, Lancaster, UK</json:string></affiliations></json:item><json:item><name>Takeo Kanade</name><affiliations><json:string>Carnegie Mellon University, Pittsburgh, PA, USA</json:string></affiliations></json:item><json:item><name>Josef Kittler</name><affiliations><json:string>University of Surrey, Guildford, UK</json:string></affiliations></json:item><json:item><name>Jon M. Kleinberg</name><affiliations><json:string>Cornell University, Ithaca, NY, USA</json:string></affiliations></json:item><json:item><name>Friedemann Mattern</name><affiliations><json:string>ETH Zurich, Zurich, Switzerland</json:string></affiliations></json:item><json:item><name>John C. Mitchell</name><affiliations><json:string>Stanford University, Stanford, CA, USA</json:string></affiliations></json:item><json:item><name>Moni Naor</name><affiliations><json:string>Weizmann Institute of Science, Rehovot, Israel</json:string></affiliations></json:item><json:item><name>Oscar Nierstrasz</name><affiliations><json:string>University of Bern, Bern, Switzerland</json:string></affiliations></json:item><json:item><name>C. Pandu Rangan</name><affiliations><json:string>Indian Institute of Technology, Madras, India</json:string></affiliations></json:item><json:item><name>Bernhard Steffen</name><affiliations><json:string>University of Dortmund, Dortmund, Germany</json:string></affiliations></json:item><json:item><name>Madhu Sudan</name><affiliations><json:string>Massachusetts Institute of Technology, MA, USA</json:string></affiliations></json:item><json:item><name>Demetri Terzopoulos</name><affiliations><json:string>University of California, Los Angeles, CA, USA</json:string></affiliations></json:item><json:item><name>Doug Tygar</name><affiliations><json:string>University of California, Berkeley, CA, USA</json:string></affiliations></json:item><json:item><name>Moshe Y. Vardi</name><affiliations><json:string>Rice University, Houston, TX, USA</json:string></affiliations></json:item><json:item><name>Gerhard Weikum</name><affiliations><json:string>Max-Planck Institute of Computer Science, Saarbrücken, Germany</json:string></affiliations></json:item></editor></serie><host><title>Advances in Cryptology – EUROCRYPT 2011</title><language><json:string>unknown</json:string></language><copyrightDate>2011</copyrightDate><doi><json:string>10.1007/978-3-642-20465-4</json:string></doi><issn><json:string>0302-9743</json:string></issn><eissn><json:string>1611-3349</json:string></eissn><eisbn><json:string>978-3-642-20465-4</json:string></eisbn><bookId><json:string>978-3-642-20465-4</json:string></bookId><isbn><json:string>978-3-642-20464-7</json:string></isbn><volume>6632</volume><pages><first>27</first><last>47</last></pages><genre><json:string>book-series</json:string></genre><editor><json:item><name>Kenneth G. Paterson</name><affiliations><json:string>Information Security Group (ISG), University of London, Royal Holloway, TW20 0EX, Egham, Surrey, UK</json:string><json:string>E-mail: kenny.paterson@rhul.ac.uk</json:string></affiliations></json:item></editor><subject><json:item><value>Computer Science</value></json:item><json:item><value>Computer Science</value></json:item><json:item><value>Data Encryption</value></json:item><json:item><value>Computer Communication Networks</value></json:item><json:item><value>Systems and Data Security</value></json:item><json:item><value>Algorithm Analysis and Problem Complexity</value></json:item><json:item><value>Discrete Mathematics in Computer Science</value></json:item><json:item><value>Management of Computing and Information Systems</value></json:item></subject></host><namedEntities><unitex><date><json:string>2009</json:string><json:string>2011</json:string><json:string>2005</json:string><json:string>2, 1/2</json:string><json:string>2001</json:string><json:string>2002</json:string><json:string>1996</json:string></date><geogName></geogName><orgName><json:string>Macquarie University Research Fellowship, and ARC</json:string><json:string>Australian Research Council</json:string><json:string>ARF</json:string><json:string>Australian Research Fellowship</json:string></orgName><orgName_funder></orgName_funder><orgName_provider></orgName_provider><persName><json:string>O. Regev</json:string><json:string>D. Remark</json:string><json:string>Ron Steinfeld</json:string><json:string>R. Steinfeld</json:string><json:string>C. Peikert</json:string><json:string>K.G. Paterson</json:string><json:string>D. Stehlé</json:string><json:string>J. Silverman</json:string><json:string>L. Minkowski</json:string><json:string>V. Lyubashevsky</json:string><json:string>G. Hanrot</json:string><json:string>F. Vercauteren</json:string><json:string>T. T. Nguyen</json:string></persName><placeName><json:string>Australia</json:string><json:string>France</json:string><json:string>Lyon</json:string></placeName><ref_url><json:string>http://web.science.mq.edu.au/~rons</json:string><json:string>http://perso.ens-lyon.fr/damien.stehle</json:string></ref_url><ref_bibl><json:string>[10,8]</json:string><json:string>[4]</json:string><json:string>Lyubashevsky et al. [20]</json:string><json:string>[6]</json:string><json:string>[33]</json:string><json:string>[17]</json:string><json:string>[31,28,11,5,1]</json:string><json:string>Lyubashevsky et al. [21]</json:string><json:string>[10]</json:string><json:string>Gentry et al.</json:string><json:string>[16]</json:string><json:string>[20]</json:string><json:string>[15]</json:string><json:string>[24,32]</json:string><json:string>Stehlé et al. [34]</json:string><json:string>[14]</json:string><json:string>[9]</json:string><json:string>[2]</json:string><json:string>[35]</json:string></ref_bibl><bibl></bibl></unitex></namedEntities><ark><json:string>ark:/67375/1BB-8ZDJN8FG-5</json:string></ark><categories><inist><json:string>1 - sciences appliquees, technologies et medecines</json:string><json:string>2 - sciences exactes et technologie</json:string><json:string>3 - sciences et techniques communes</json:string><json:string>4 - mathematiques</json:string></inist></categories><publicationDate>2011</publicationDate><copyrightDate>2011</copyrightDate><doi><json:string>10.1007/978-3-642-20465-4_4</json:string></doi><id>DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88</id><score>1</score><fulltext><json:item><extension>pdf</extension><original>true</original><mimetype>application/pdf</mimetype><uri>https://api.istex.fr/document/DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88/fulltext/pdf</uri></json:item><json:item><extension>zip</extension><original>false</original><mimetype>application/zip</mimetype><uri>https://api.istex.fr/document/DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88/fulltext/zip</uri></json:item><istex:fulltextTEI uri="https://api.istex.fr/document/DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88/fulltext/tei"><teiHeader><fileDesc><titleStmt><title level="a" type="main" xml:lang="en">Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title><respStmt><resp>Références bibliographiques récupérées via GROBID</resp><name resp="ISTEX-API">ISTEX-API (INIST-CNRS)</name></respStmt></titleStmt><publicationStmt><authority>ISTEX</authority><publisher scheme="https://publisher-list.data.istex.fr">Springer Berlin Heidelberg</publisher><pubPlace>Berlin, Heidelberg</pubPlace><availability><licence><p>International Association for Cryptologic Research, 2011</p></licence><p scheme="https://loaded-corpus.data.istex.fr/ark:/67375/XBH-3XSW68JL-F">springer</p></availability><date>2011</date></publicationStmt><notesStmt><note type="conference" scheme="https://content-type.data.istex.fr/ark:/67375/XTP-BFHXPBJJ-3">conference</note><note type="book-series" scheme="https://publication-type.data.istex.fr/ark:/67375/JMC-0G6R5W5T-Z">book-series</note></notesStmt><sourceDesc><biblStruct type="inbook"><analytic><title level="a" type="main" xml:lang="en">Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title><author xml:id="author-0000"><persName><forename type="first">Damien</forename><surname>Stehlé</surname></persName><email>damien.stehle@gmail.com</email><affiliation>CNRS, Laboratoire LIP (U. Lyon, CNRS, ENS Lyon, INRIA, UCBL), 46 Allée d’Italie, 69364, Lyon Cedex 07, France</affiliation></author><author xml:id="author-0001"><persName><forename type="first">Ron</forename><surname>Steinfeld</surname></persName><email>ron.steinfeld@mq.edu.au</email><affiliation>Centre for Advanced Computing - Algorithms and Cryptography, Department of Computing, Macquarie University, 2109, NSW, Australia</affiliation></author><idno type="istex">DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88</idno><idno type="ark">ark:/67375/1BB-8ZDJN8FG-5</idno><idno type="DOI">10.1007/978-3-642-20465-4_4</idno><idno type="ChapterID">4</idno><idno type="ChapterID">Chap4</idno></analytic><monogr><title level="m">Advances in Cryptology – EUROCRYPT 2011</title><title level="m" type="sub">30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings</title><idno type="DOI">10.1007/978-3-642-20465-4</idno><idno type="pISBN">978-3-642-20464-7</idno><idno type="eISBN">978-3-642-20465-4</idno><idno type="pISSN">0302-9743</idno><idno type="eISSN">1611-3349</idno><idno type="book-title-id">218165</idno><idno type="book-id">978-3-642-20465-4</idno><idno type="book-chapter-count">33</idno><idno type="book-volume-number">6632</idno><idno type="book-sequence-number">6632</idno><idno type="PartChapterCount">2</idno><editor xml:id="book-author-0000"><persName><forename type="first">Kenneth</forename><forename type="first">G.</forename><surname>Paterson</surname></persName><email>kenny.paterson@rhul.ac.uk</email><affiliation>Information Security Group (ISG), University of London, Royal Holloway, TW20 0EX, Egham, Surrey, UK</affiliation></editor><imprint><publisher>Springer Berlin Heidelberg</publisher><pubPlace>Berlin, Heidelberg</pubPlace><date type="published" when="2011"></date><biblScope unit="volume">6632</biblScope><biblScope unit="page" from="27">27</biblScope><biblScope unit="page" to="47">47</biblScope></imprint></monogr><series><title level="s">Lecture Notes in Computer Science</title><editor xml:id="serie-author-0000"><persName><forename type="first">David</forename><surname>Hutchison</surname></persName><affiliation>Lancaster University, Lancaster, UK</affiliation></editor><editor xml:id="serie-author-0001"><persName><forename type="first">Takeo</forename><surname>Kanade</surname></persName><affiliation>Carnegie Mellon University, Pittsburgh, PA, USA</affiliation></editor><editor xml:id="serie-author-0002"><persName><forename type="first">Josef</forename><surname>Kittler</surname></persName><affiliation>University of Surrey, Guildford, UK</affiliation></editor><editor xml:id="serie-author-0003"><persName><forename type="first">Jon</forename><forename type="first">M.</forename><surname>Kleinberg</surname></persName><affiliation>Cornell University, Ithaca, NY, USA</affiliation></editor><editor xml:id="serie-author-0004"><persName><forename type="first">Friedemann</forename><surname>Mattern</surname></persName><affiliation>ETH Zurich, Zurich, Switzerland</affiliation></editor><editor xml:id="serie-author-0005"><persName><forename type="first">John</forename><forename type="first">C.</forename><surname>Mitchell</surname></persName><affiliation>Stanford University, Stanford, CA, USA</affiliation></editor><editor xml:id="serie-author-0006"><persName><forename type="first">Moni</forename><surname>Naor</surname></persName><affiliation>Weizmann Institute of Science, Rehovot, Israel</affiliation></editor><editor xml:id="serie-author-0007"><persName><forename type="first">Oscar</forename><surname>Nierstrasz</surname></persName><affiliation>University of Bern, Bern, Switzerland</affiliation></editor><editor xml:id="serie-author-0008"><persName><forename type="first">C.</forename><surname>Pandu Rangan</surname></persName><affiliation>Indian Institute of Technology, Madras, India</affiliation></editor><editor xml:id="serie-author-0009"><persName><forename type="first">Bernhard</forename><surname>Steffen</surname></persName><affiliation>University of Dortmund, Dortmund, Germany</affiliation></editor><editor xml:id="serie-author-0010"><persName><forename type="first">Madhu</forename><surname>Sudan</surname></persName><affiliation>Massachusetts Institute of Technology, MA, USA</affiliation></editor><editor xml:id="serie-author-0011"><persName><forename type="first">Demetri</forename><surname>Terzopoulos</surname></persName><affiliation>University of California, Los Angeles, CA, USA</affiliation></editor><editor xml:id="serie-author-0012"><persName><forename type="first">Doug</forename><surname>Tygar</surname></persName><affiliation>University of California, Berkeley, CA, USA</affiliation></editor><editor xml:id="serie-author-0013"><persName><forename type="first">Moshe</forename><forename type="first">Y.</forename><surname>Vardi</surname></persName><affiliation>Rice University, Houston, TX, USA</affiliation></editor><editor xml:id="serie-author-0014"><persName><forename type="first">Gerhard</forename><surname>Weikum</surname></persName><affiliation>Max-Planck Institute of Computer Science, Saarbrücken, Germany</affiliation></editor><biblScope><date>2011</date></biblScope><idno type="pISSN">0302-9743</idno><idno type="eISSN">1611-3349</idno><idno type="series-id">558</idno></series></biblStruct></sourceDesc></fileDesc><profileDesc><creation><date>2011</date></creation><langUsage><language ident="en">en</language></langUsage><abstract xml:lang="en"><p>Abstract: NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorisation and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security. In the present work, we show how to modify NTRUEncrypt to make it provably secure in the standard model, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. The security then follows from the already proven hardness of the the R-LWE problem.</p></abstract><textClass><keywords scheme="Book-Subject-Collection"><list><label>SUCO11645</label><item><term>Computer Science</term></item></list></keywords></textClass><textClass><keywords scheme="Book-Subject-Group"><list><label>I</label><label>I15033</label><label>I13022</label><label>I14050</label><label>I16021</label><label>I17028</label><label>I24067</label><item><term>Computer Science</term></item><item><term>Data Encryption</term></item><item><term>Computer Communication Networks</term></item><item><term>Systems and Data Security</term></item><item><term>Algorithm Analysis and Problem Complexity</term></item><item><term>Discrete Mathematics in Computer Science</term></item><item><term>Management of Computing and Information Systems</term></item></list></keywords></textClass></profileDesc><revisionDesc><change when="2011">Published</change><change xml:id="refBibs-istex" who="#ISTEX-API" when="2017-10-2">References added</change></revisionDesc></teiHeader></istex:fulltextTEI><json:item><extension>txt</extension><original>false</original><mimetype>text/plain</mimetype><uri>https://api.istex.fr/document/DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88/fulltext/txt</uri></json:item></fulltext><metadata><istex:metadataXml wicri:clean="Springer, Publisher found" wicri:toSee="no header"><istex:xmlDeclaration>version="1.0" encoding="UTF-8"</istex:xmlDeclaration><istex:docType PUBLIC="-//Springer-Verlag//DTD A++ V2.4//EN" URI="http://devel.springer.de/A++/V2.4/DTD/A++V2.4.dtd" name="istex:docType"></istex:docType><istex:document><Publisher><PublisherInfo><PublisherName>Springer Berlin Heidelberg</PublisherName><PublisherLocation>Berlin, Heidelberg</PublisherLocation></PublisherInfo><Series><SeriesInfo SeriesType="Series" TocLevels="0"><SeriesID>558</SeriesID><SeriesPrintISSN>0302-9743</SeriesPrintISSN><SeriesElectronicISSN>1611-3349</SeriesElectronicISSN><SeriesTitle Language="En">Lecture Notes in Computer Science</SeriesTitle></SeriesInfo><SeriesHeader><EditorGroup><Editor AffiliationIDS="Aff1"><EditorName DisplayOrder="Western"><GivenName>David</GivenName><FamilyName>Hutchison</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff2"><EditorName DisplayOrder="Western"><GivenName>Takeo</GivenName><FamilyName>Kanade</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff3"><EditorName DisplayOrder="Western"><GivenName>Josef</GivenName><FamilyName>Kittler</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff4"><EditorName DisplayOrder="Western"><GivenName>Jon</GivenName><GivenName>M.</GivenName><FamilyName>Kleinberg</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff5"><EditorName DisplayOrder="Western"><GivenName>Friedemann</GivenName><FamilyName>Mattern</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff6"><EditorName DisplayOrder="Western"><GivenName>John</GivenName><GivenName>C.</GivenName><FamilyName>Mitchell</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff7"><EditorName DisplayOrder="Western"><GivenName>Moni</GivenName><FamilyName>Naor</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff8"><EditorName DisplayOrder="Western"><GivenName>Oscar</GivenName><FamilyName>Nierstrasz</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff9"><EditorName DisplayOrder="Western"><GivenName>C.</GivenName><FamilyName>Pandu Rangan</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff10"><EditorName DisplayOrder="Western"><GivenName>Bernhard</GivenName><FamilyName>Steffen</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff11"><EditorName DisplayOrder="Western"><GivenName>Madhu</GivenName><FamilyName>Sudan</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff12"><EditorName DisplayOrder="Western"><GivenName>Demetri</GivenName><FamilyName>Terzopoulos</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff13"><EditorName DisplayOrder="Western"><GivenName>Doug</GivenName><FamilyName>Tygar</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff14"><EditorName DisplayOrder="Western"><GivenName>Moshe</GivenName><GivenName>Y.</GivenName><FamilyName>Vardi</FamilyName></EditorName></Editor><Editor AffiliationIDS="Aff15"><EditorName DisplayOrder="Western"><GivenName>Gerhard</GivenName><FamilyName>Weikum</FamilyName></EditorName></Editor><Affiliation ID="Aff1"><OrgName>Lancaster University</OrgName><OrgAddress><City>Lancaster</City><Country>UK</Country></OrgAddress></Affiliation><Affiliation ID="Aff2"><OrgName>Carnegie Mellon University</OrgName><OrgAddress><City>Pittsburgh</City><State>PA</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff3"><OrgName>University of Surrey</OrgName><OrgAddress><City>Guildford</City><Country>UK</Country></OrgAddress></Affiliation><Affiliation ID="Aff4"><OrgName>Cornell University</OrgName><OrgAddress><City>Ithaca</City><State>NY</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff5"><OrgName>ETH Zurich</OrgName><OrgAddress><City>Zurich</City><Country>Switzerland</Country></OrgAddress></Affiliation><Affiliation ID="Aff6"><OrgName>Stanford University</OrgName><OrgAddress><City>Stanford</City><State>CA</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff7"><OrgName>Weizmann Institute of Science</OrgName><OrgAddress><City>Rehovot</City><Country>Israel</Country></OrgAddress></Affiliation><Affiliation ID="Aff8"><OrgName>University of Bern</OrgName><OrgAddress><City>Bern</City><Country>Switzerland</Country></OrgAddress></Affiliation><Affiliation ID="Aff9"><OrgName>Indian Institute of Technology</OrgName><OrgAddress><City>Madras</City><Country>India</Country></OrgAddress></Affiliation><Affiliation ID="Aff10"><OrgName>University of Dortmund</OrgName><OrgAddress><City>Dortmund</City><Country>Germany</Country></OrgAddress></Affiliation><Affiliation ID="Aff11"><OrgName>Massachusetts Institute of Technology</OrgName><OrgAddress><State>MA</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff12"><OrgName>University of California</OrgName><OrgAddress><City>Los Angeles</City><State>CA</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff13"><OrgName>University of California</OrgName><OrgAddress><City>Berkeley</City><State>CA</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff14"><OrgName>Rice University</OrgName><OrgAddress><City>Houston</City><State>TX</State><Country>USA</Country></OrgAddress></Affiliation><Affiliation ID="Aff15"><OrgName>Max-Planck Institute of Computer Science</OrgName><OrgAddress><City>Saarbrücken</City><Country>Germany</Country></OrgAddress></Affiliation></EditorGroup></SeriesHeader><Book Language="En"><BookInfo BookProductType="Proceedings" ContainsESM="No" Language="En" MediaType="eBook" NumberingDepth="2" NumberingStyle="ContentOnly" OutputMedium="All" TocLevels="0"><BookID>978-3-642-20465-4</BookID><BookTitle>Advances in Cryptology – EUROCRYPT 2011</BookTitle><BookSubTitle>30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings</BookSubTitle><BookVolumeNumber>6632</BookVolumeNumber><BookSequenceNumber>6632</BookSequenceNumber><BookDOI>10.1007/978-3-642-20465-4</BookDOI><BookTitleID>218165</BookTitleID><BookPrintISBN>978-3-642-20464-7</BookPrintISBN><BookElectronicISBN>978-3-642-20465-4</BookElectronicISBN><BookChapterCount>33</BookChapterCount><BookCopyright><CopyrightHolderName>International Association for Cryptologic Research</CopyrightHolderName><CopyrightYear>2011</CopyrightYear></BookCopyright><BookSubjectGroup><BookSubject Code="I" Type="Primary">Computer Science</BookSubject><BookSubject Code="I15033" Priority="1" Type="Secondary">Data Encryption</BookSubject><BookSubject Code="I13022" Priority="2" Type="Secondary">Computer Communication Networks</BookSubject><BookSubject Code="I14050" Priority="3" Type="Secondary">Systems and Data Security</BookSubject><BookSubject Code="I16021" Priority="4" Type="Secondary">Algorithm Analysis and Problem Complexity</BookSubject><BookSubject Code="I17028" Priority="5" Type="Secondary">Discrete Mathematics in Computer Science</BookSubject><BookSubject Code="I24067" Priority="6" Type="Secondary">Management of Computing and Information Systems</BookSubject><SubjectCollection Code="SUCO11645">Computer Science</SubjectCollection></BookSubjectGroup><BookContext><SeriesID>558</SeriesID></BookContext></BookInfo><BookHeader><EditorGroup><Editor AffiliationIDS="Aff16"><EditorName DisplayOrder="Western"><GivenName>Kenneth</GivenName><GivenName>G.</GivenName><FamilyName>Paterson</FamilyName></EditorName><Contact><Email>kenny.paterson@rhul.ac.uk</Email></Contact></Editor><Affiliation ID="Aff16"><OrgDivision>Information Security Group (ISG)</OrgDivision><OrgName>University of London</OrgName><OrgAddress><Street>Royal Holloway</Street><Postcode>TW20 0EX</Postcode><City>Egham</City><State>Surrey</State><Country>UK</Country></OrgAddress></Affiliation></EditorGroup></BookHeader><Part ID="Part2"><PartInfo TocLevels="0"><PartID>2</PartID><PartSequenceNumber>2</PartSequenceNumber><PartTitle>Lattice-Based Cryptography</PartTitle><PartChapterCount>2</PartChapterCount><PartContext><SeriesID>558</SeriesID><BookTitle>Advances in Cryptology – EUROCRYPT 2011</BookTitle></PartContext></PartInfo><Chapter ID="Chap4" Language="En"><ChapterInfo ChapterType="OriginalPaper" ContainsESM="No" NumberingDepth="2" NumberingStyle="ContentOnly" TocLevels="0"><ChapterID>4</ChapterID><ChapterDOI>10.1007/978-3-642-20465-4_4</ChapterDOI><ChapterSequenceNumber>4</ChapterSequenceNumber><ChapterTitle Language="En">Making <Emphasis FontCategory="NonProportional">NTRU</Emphasis> as Secure as Worst-Case Problems over Ideal Lattices</ChapterTitle><ChapterFirstPage>27</ChapterFirstPage><ChapterLastPage>47</ChapterLastPage><ChapterCopyright><CopyrightHolderName>International Association for Cryptologic Research</CopyrightHolderName><CopyrightYear>2011</CopyrightYear></ChapterCopyright><ChapterGrants Type="Regular"><MetadataGrant Grant="OpenAccess"></MetadataGrant><AbstractGrant Grant="OpenAccess"></AbstractGrant><BodyPDFGrant Grant="Restricted"></BodyPDFGrant><BodyHTMLGrant Grant="Restricted"></BodyHTMLGrant><BibliographyGrant Grant="Restricted"></BibliographyGrant><ESMGrant Grant="Restricted"></ESMGrant></ChapterGrants><ChapterContext><SeriesID>558</SeriesID><PartID>2</PartID><BookID>978-3-642-20465-4</BookID><BookTitle>Advances in Cryptology – EUROCRYPT 2011</BookTitle></ChapterContext></ChapterInfo><ChapterHeader><AuthorGroup><Author AffiliationIDS="Aff17"><AuthorName DisplayOrder="Western"><GivenName>Damien</GivenName><FamilyName>Stehlé</FamilyName></AuthorName><Contact><Email>damien.stehle@gmail.com</Email><URL>http://perso.ens-lyon.fr/damien.stehle</URL></Contact></Author><Author AffiliationIDS="Aff18"><AuthorName DisplayOrder="Western"><GivenName>Ron</GivenName><FamilyName>Steinfeld</FamilyName></AuthorName><Contact><Email>ron.steinfeld@mq.edu.au</Email><URL>http://web.science.mq.edu.au/~rons</URL></Contact></Author><Affiliation ID="Aff17"><OrgName>CNRS, Laboratoire LIP (U. Lyon, CNRS, ENS Lyon, INRIA, UCBL)</OrgName><OrgAddress><Street>46 Allée d’Italie</Street><Postcode>69364</Postcode><City>Lyon Cedex 07</City><Country>France</Country></OrgAddress></Affiliation><Affiliation ID="Aff18"><OrgDivision>Centre for Advanced Computing - Algorithms and Cryptography, Department of Computing</OrgDivision><OrgName>Macquarie University</OrgName><OrgAddress><State>NSW</State><Postcode>2109</Postcode><Country>Australia</Country></OrgAddress></Affiliation></AuthorGroup><Abstract ID="Abs1" Language="En"><Heading>Abstract</Heading><Para><Emphasis FontCategory="NonProportional">NTRUEncrypt</Emphasis>, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorisation and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security. In the present work, we show how to modify <Emphasis FontCategory="NonProportional">NTRUEncrypt</Emphasis> to make it provably secure in the standard model, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. The security then follows from the already proven hardness of the the R-LWE problem.</Para></Abstract><KeywordGroup Language="En"><Heading>Keywords</Heading><Keyword>Lattice-based cryptography</Keyword><Keyword>NTRU</Keyword><Keyword>provable security</Keyword></KeywordGroup></ChapterHeader><NoBody></NoBody></Chapter></Part></Book></Series></Publisher></istex:document></istex:metadataXml><mods version="3.6"><titleInfo lang="en"><title>Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title></titleInfo><titleInfo type="alternative" contentType="CDATA" lang="en"><title>Making NTRU as Secure as Worst-Case Problems over Ideal Lattices</title></titleInfo><name type="personal"><namePart type="given">Damien</namePart><namePart type="family">Stehlé</namePart><affiliation>CNRS, Laboratoire LIP (U. Lyon, CNRS, ENS Lyon, INRIA, UCBL), 46 Allée d’Italie, 69364, Lyon Cedex 07, France</affiliation><affiliation>E-mail: damien.stehle@gmail.com</affiliation><role><roleTerm type="text">author</roleTerm></role></name><name type="personal"><namePart type="given">Ron</namePart><namePart type="family">Steinfeld</namePart><affiliation>Centre for Advanced Computing - Algorithms and Cryptography, Department of Computing, Macquarie University, 2109, NSW, Australia</affiliation><affiliation>E-mail: ron.steinfeld@mq.edu.au</affiliation><role><roleTerm type="text">author</roleTerm></role></name><typeOfResource>text</typeOfResource><genre displayLabel="OriginalPaper" authority="ISTEX" authorityURI="https://content-type.data.istex.fr" type="conference" valueURI="https://content-type.data.istex.fr/ark:/67375/XTP-BFHXPBJJ-3">conference</genre><originInfo><publisher>Springer Berlin Heidelberg</publisher><place><placeTerm type="text">Berlin, Heidelberg</placeTerm></place><dateIssued encoding="w3cdtf">2011</dateIssued><dateIssued encoding="w3cdtf">2011</dateIssued><copyrightDate encoding="w3cdtf">2011</copyrightDate></originInfo><language><languageTerm type="code" authority="rfc3066">en</languageTerm><languageTerm type="code" authority="iso639-2b">eng</languageTerm></language><abstract lang="en">Abstract: NTRUEncrypt, proposed in 1996 by Hoffstein, Pipher and Silverman, is the fastest known lattice-based encryption scheme. Its moderate key-sizes, excellent asymptotic performance and conjectured resistance to quantum computers could make it a desirable alternative to factorisation and discrete-log based encryption schemes. However, since its introduction, doubts have regularly arisen on its security. In the present work, we show how to modify NTRUEncrypt to make it provably secure in the standard model, under the assumed quantum hardness of standard worst-case lattice problems, restricted to a family of lattices related to some cyclotomic fields. Our main contribution is to show that if the secret key polynomials are selected by rejection from discrete Gaussians, then the public key, which is their ratio, is statistically indistinguishable from uniform over its domain. The security then follows from the already proven hardness of the the R-LWE problem.</abstract><relatedItem type="host"><titleInfo><title>Advances in Cryptology – EUROCRYPT 2011</title><subTitle>30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings</subTitle></titleInfo><name type="personal"><namePart type="given">Kenneth</namePart><namePart type="given">G.</namePart><namePart type="family">Paterson</namePart><affiliation>Information Security Group (ISG), University of London, Royal Holloway, TW20 0EX, Egham, Surrey, UK</affiliation><affiliation>E-mail: kenny.paterson@rhul.ac.uk</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><genre type="book-series" displayLabel="Proceedings" authority="ISTEX" authorityURI="https://publication-type.data.istex.fr" valueURI="https://publication-type.data.istex.fr/ark:/67375/JMC-0G6R5W5T-Z">book-series</genre><originInfo><publisher>Springer</publisher><copyrightDate encoding="w3cdtf">2011</copyrightDate><issuance>monographic</issuance></originInfo><subject><genre>Book-Subject-Collection</genre><topic authority="SpringerSubjectCodes" authorityURI="SUCO11645">Computer Science</topic></subject><subject><genre>Book-Subject-Group</genre><topic authority="SpringerSubjectCodes" authorityURI="I">Computer Science</topic><topic authority="SpringerSubjectCodes" authorityURI="I15033">Data Encryption</topic><topic authority="SpringerSubjectCodes" authorityURI="I13022">Computer Communication Networks</topic><topic authority="SpringerSubjectCodes" authorityURI="I14050">Systems and Data Security</topic><topic authority="SpringerSubjectCodes" authorityURI="I16021">Algorithm Analysis and Problem Complexity</topic><topic authority="SpringerSubjectCodes" authorityURI="I17028">Discrete Mathematics in Computer Science</topic><topic authority="SpringerSubjectCodes" authorityURI="I24067">Management of Computing and Information Systems</topic></subject><identifier type="DOI">10.1007/978-3-642-20465-4</identifier><identifier type="ISBN">978-3-642-20464-7</identifier><identifier type="eISBN">978-3-642-20465-4</identifier><identifier type="ISSN">0302-9743</identifier><identifier type="eISSN">1611-3349</identifier><identifier type="BookTitleID">218165</identifier><identifier type="BookID">978-3-642-20465-4</identifier><identifier type="BookChapterCount">33</identifier><identifier type="BookVolumeNumber">6632</identifier><identifier type="BookSequenceNumber">6632</identifier><identifier type="PartChapterCount">2</identifier><part><date>2011</date><detail type="part"><title>Lattice-Based Cryptography</title></detail><detail type="volume"><number>6632</number><caption>vol.</caption></detail><extent unit="pages"><start>27</start><end>47</end></extent></part><recordInfo><recordOrigin>International Association for Cryptologic Research, 2011</recordOrigin></recordInfo></relatedItem><relatedItem type="series"><titleInfo><title>Lecture Notes in Computer Science</title></titleInfo><name type="personal"><namePart type="given">David</namePart><namePart type="family">Hutchison</namePart><affiliation>Lancaster University, Lancaster, UK</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Takeo</namePart><namePart type="family">Kanade</namePart><affiliation>Carnegie Mellon University, Pittsburgh, PA, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Josef</namePart><namePart type="family">Kittler</namePart><affiliation>University of Surrey, Guildford, UK</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Jon</namePart><namePart type="given">M.</namePart><namePart type="family">Kleinberg</namePart><affiliation>Cornell University, Ithaca, NY, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Friedemann</namePart><namePart type="family">Mattern</namePart><affiliation>ETH Zurich, Zurich, Switzerland</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">John</namePart><namePart type="given">C.</namePart><namePart type="family">Mitchell</namePart><affiliation>Stanford University, Stanford, CA, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Moni</namePart><namePart type="family">Naor</namePart><affiliation>Weizmann Institute of Science, Rehovot, Israel</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Oscar</namePart><namePart type="family">Nierstrasz</namePart><affiliation>University of Bern, Bern, Switzerland</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">C.</namePart><namePart type="family">Pandu Rangan</namePart><affiliation>Indian Institute of Technology, Madras, India</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Bernhard</namePart><namePart type="family">Steffen</namePart><affiliation>University of Dortmund, Dortmund, Germany</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Madhu</namePart><namePart type="family">Sudan</namePart><affiliation>Massachusetts Institute of Technology, MA, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Demetri</namePart><namePart type="family">Terzopoulos</namePart><affiliation>University of California, Los Angeles, CA, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Doug</namePart><namePart type="family">Tygar</namePart><affiliation>University of California, Berkeley, CA, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Moshe</namePart><namePart type="given">Y.</namePart><namePart type="family">Vardi</namePart><affiliation>Rice University, Houston, TX, USA</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><name type="personal"><namePart type="given">Gerhard</namePart><namePart type="family">Weikum</namePart><affiliation>Max-Planck Institute of Computer Science, Saarbrücken, Germany</affiliation><role><roleTerm type="text">editor</roleTerm></role></name><originInfo><publisher>Springer</publisher><copyrightDate encoding="w3cdtf">2011</copyrightDate><issuance>serial</issuance></originInfo><identifier type="ISSN">0302-9743</identifier><identifier type="eISSN">1611-3349</identifier><identifier type="SeriesID">558</identifier><recordInfo><recordOrigin>International Association for Cryptologic Research, 2011</recordOrigin></recordInfo></relatedItem><identifier type="istex">DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88</identifier><identifier type="ark">ark:/67375/1BB-8ZDJN8FG-5</identifier><identifier type="DOI">10.1007/978-3-642-20465-4_4</identifier><identifier type="ChapterID">4</identifier><identifier type="ChapterID">Chap4</identifier><accessCondition type="use and reproduction" contentType="copyright">International Association for Cryptologic Research, 2011</accessCondition><recordInfo><recordContentSource authority="ISTEX" authorityURI="https://loaded-corpus.data.istex.fr" valueURI="https://loaded-corpus.data.istex.fr/ark:/67375/XBH-3XSW68JL-F">springer</recordContentSource><recordOrigin>International Association for Cryptologic Research, 2011</recordOrigin></recordInfo></mods><json:item><extension>json</extension><original>false</original><mimetype>application/json</mimetype><uri>https://api.istex.fr/document/DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88/metadata/json</uri></json:item></metadata></istex></record>Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Asie/explor/AustralieFrV1/Data/Istex/Corpus
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 002973 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Istex/Corpus/biblio.hfd -nk 002973 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien
|wiki= Wicri/Asie
|area= AustralieFrV1
|flux= Istex
|étape= Corpus
|type= RBID
|clé= ISTEX:DEFBDD833F40D0195BBA2AE1DFC9280EA211AB88
|texte= Making NTRU as Secure as Worst-Case Problems over Ideal Lattices
}}
| This area was generated with Dilib version V0.6.33. |  |