Abstract
In a recent paper [1], Aggarwal, Joux, Prakash, and Santha (AJPS) describe an ingenious public-key cryptosystem mimicking NTRU over the integers. This algorithm relies on the properties of Mersenne primes rather than polynomial rings. The security of the AJPS cryptosystem relies on the conjectured hardness of the Mersenne Low Hamming Ratio Assumption, defined in [1]. This work shows that AJPS' security estimates are too optimistic and describes an algorithm allowing to recover the secret key from the public key much faster than foreseen in [1]. In particular, our algorithm is experimentally practical (within the reach of the computational capabilities of a large organization), at least for the parameter choice {n=1279,h=17} conjectured in [1] as corresponding to a 2120 security level. The algorithm is fully parallelizable.
Cite
CITATION STYLE
Beunardeau, M., Connolly, A., Géraud, R., & Naccache, D. (2019). On the hardness of the mersenne low hamming ratio assumption. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11368 LNCS, pp. 166–174). Springer Verlag. https://doi.org/10.1007/978-3-030-25283-0_9
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
