Abstract
A new type of signature scheme, called NTRUSign, based on solving the approximate closest vector problem in an NTRU lattice, was proposed at CT-RSA’03. However, no security proof against chosen-message attacks has been given for this scheme. In this paper, we show that the NTRUSign signature scheme has the weakness of malleability. From this, one can derive new valid signatures from any previous message-signature pair, which means that NTRUSign is not secure against strong existential forgery. Finally, we propose a simple technique to avoid this flaw in the NTRUSign scheme.
© 2004 Springer-Verlag Berlin Heidelberg
Cite this paper
Min, S., Yamamoto, G., Kim, K. (2004). Weak Property of Malleability in NTRUSign. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds) Information Security and Privacy. ACISP 2004. Lecture Notes in Computer Science, vol 3108. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-27800-9_33
DOI: https://doi.org/10.1007/978-3-540-27800-9_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22379-5
Online ISBN: 978-3-540-27800-9
eBook Packages: Springer Book Archive