Am Freitag, den 16.Juni 2000, spricht um 14 Uhr
Der Vortrag findet im Seminarraum 307 des Fachbereichs Informatik, Frankfurt am Main, Robert-Mayer-Straße 11-15 (3. Stock), statt.
We present a chosen-ciphertext attack against the public key cryptosystem called NTRU. This cryptosystem is based on polynomial algebra. Its security comes from the intersection of the polynomial mixing system with the independence of the redukction mpdulo two relatively prime polynomials built from the public key to the decryption algorithm. We are then able to conduct a chosen-ciphertext attack that recovers the secret key from a few ciphertexts/cleartexts pairs with good probability, Then we show that our attack is still able to find the secret key even when some OAEP encoding is used.
Joint work with Eliane Jaulmes (SCSSI, France). Accepted for Crypto 2000.