如何获取NTRU参数
How to get NTRU parameters
我正在使用 bouncycastle 的 NTRU 实现,这是我的代码:
NTRUEncryptionKeyGenerationParameters ntruEncryptionKeyGenerationParameters = NTRUEncryptionKeyGenerationParameters.EES1087EP2;
NTRUEncryptionKeyPairGenerator ntruEncryptionKeyPairGenerator = new NTRUEncryptionKeyPairGenerator();
ntruEncryptionKeyPairGenerator.init(ntruEncryptionKeyGenerationParameters);
AsymmetricCipherKeyPair asymmetricCipherKeyPair = ntruEncryptionKeyPairGenerator.generateKeyPair();
NTRUEncryptionPrivateKeyParameters ntruEncryptionPrivateKeyParameters = (NTRUEncryptionPrivateKeyParameters) asymmetricCipherKeyPair.getPrivate();
NTRUEncryptionPublicKeyParameters ntruEncryptionPublicKeyParameters = (NTRUEncryptionPublicKeyParameters) asymmetricCipherKeyPair.getPublic();
NTRUEngine ntruEngine = new NTRUEngine();
ntruEngine.init(true, ntruEncryptionPublicKeyParameters);
问题是如何得到f多项式和基,因为我只找到了fp(f的反函数,他们没有反函数)和基?我查阅了 javadoc,但没有结果。
您可以从 class NTRUEncryptionKeyPairGenerator
中找到它
public AsymmetricCipherKeyPair generateKeyPair()
{
int N = params.N;
int q = params.q;
int df = params.df;
int df1 = params.df1;
int df2 = params.df2;
int df3 = params.df3;
int dg = params.dg;
boolean fastFp = params.fastFp;
boolean sparse = params.sparse;
Polynomial t;
IntegerPolynomial fq;
IntegerPolynomial fp = null;
// choose a random f that is invertible mod 3 and q
while (true)
{
IntegerPolynomial f;
// choose random t, calculate f and fp
if (fastFp)
{
// if fastFp=true, f is always invertible mod 3
t = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? Util.generateRandomTernary(N, df, df, sparse, params.getRandom()) : ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3, params.getRandom());
f = t.toIntegerPolynomial();
f.mult(3);
f.coeffs[0] += 1;
}
else
{
t = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? Util.generateRandomTernary(N, df, df - 1, sparse, params.getRandom()) : ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3 - 1, params.getRandom());
f = t.toIntegerPolynomial();
fp = f.invertF3();
if (fp == null)
{
continue;
}
}
fq = f.invertFq(q);
if (fq == null)
{
continue;
}
break;
}
// if fastFp=true, fp=1
if (fastFp)
{
fp = new IntegerPolynomial(N);
fp.coeffs[0] = 1;
}
// choose a random g that is invertible mod q
DenseTernaryPolynomial g;
while (true)
{
g = DenseTernaryPolynomial.generateRandom(N, dg, dg - 1, params.getRandom());
if (g.invertFq(q) != null)
{
break;
}
}
IntegerPolynomial h = g.mult(fq, q);
h.mult3(q);
h.ensurePositive(q);
g.clear();
fq.clear();
NTRUEncryptionPrivateKeyParameters priv = new NTRUEncryptionPrivateKeyParameters(h, t, fp, params.getEncryptionParameters());
NTRUEncryptionPublicKeyParameters pub = new NTRUEncryptionPublicKeyParameters(h, params.getEncryptionParameters());
return new AsymmetricCipherKeyPair(pub, priv);
}
f 是你要的多项式。
基础是什么意思?
NTRU Report 014中描述了逆向方法:
几乎逆向和快速 NTRU 密钥创建
https://www.securityinnovation.com/uploads/Crypto/NTRUTech014.pdf
通过几个步骤进行优化
在 Z/2Z/(x^N-1)
提升到Z/2^rZ/(x^N-1)
重复直到 2^r = q
我正在使用 bouncycastle 的 NTRU 实现,这是我的代码:
NTRUEncryptionKeyGenerationParameters ntruEncryptionKeyGenerationParameters = NTRUEncryptionKeyGenerationParameters.EES1087EP2;
NTRUEncryptionKeyPairGenerator ntruEncryptionKeyPairGenerator = new NTRUEncryptionKeyPairGenerator();
ntruEncryptionKeyPairGenerator.init(ntruEncryptionKeyGenerationParameters);
AsymmetricCipherKeyPair asymmetricCipherKeyPair = ntruEncryptionKeyPairGenerator.generateKeyPair();
NTRUEncryptionPrivateKeyParameters ntruEncryptionPrivateKeyParameters = (NTRUEncryptionPrivateKeyParameters) asymmetricCipherKeyPair.getPrivate();
NTRUEncryptionPublicKeyParameters ntruEncryptionPublicKeyParameters = (NTRUEncryptionPublicKeyParameters) asymmetricCipherKeyPair.getPublic();
NTRUEngine ntruEngine = new NTRUEngine();
ntruEngine.init(true, ntruEncryptionPublicKeyParameters);
问题是如何得到f多项式和基,因为我只找到了fp(f的反函数,他们没有反函数)和基?我查阅了 javadoc,但没有结果。
您可以从 class NTRUEncryptionKeyPairGenerator
中找到它public AsymmetricCipherKeyPair generateKeyPair()
{
int N = params.N;
int q = params.q;
int df = params.df;
int df1 = params.df1;
int df2 = params.df2;
int df3 = params.df3;
int dg = params.dg;
boolean fastFp = params.fastFp;
boolean sparse = params.sparse;
Polynomial t;
IntegerPolynomial fq;
IntegerPolynomial fp = null;
// choose a random f that is invertible mod 3 and q
while (true)
{
IntegerPolynomial f;
// choose random t, calculate f and fp
if (fastFp)
{
// if fastFp=true, f is always invertible mod 3
t = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? Util.generateRandomTernary(N, df, df, sparse, params.getRandom()) : ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3, params.getRandom());
f = t.toIntegerPolynomial();
f.mult(3);
f.coeffs[0] += 1;
}
else
{
t = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? Util.generateRandomTernary(N, df, df - 1, sparse, params.getRandom()) : ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3 - 1, params.getRandom());
f = t.toIntegerPolynomial();
fp = f.invertF3();
if (fp == null)
{
continue;
}
}
fq = f.invertFq(q);
if (fq == null)
{
continue;
}
break;
}
// if fastFp=true, fp=1
if (fastFp)
{
fp = new IntegerPolynomial(N);
fp.coeffs[0] = 1;
}
// choose a random g that is invertible mod q
DenseTernaryPolynomial g;
while (true)
{
g = DenseTernaryPolynomial.generateRandom(N, dg, dg - 1, params.getRandom());
if (g.invertFq(q) != null)
{
break;
}
}
IntegerPolynomial h = g.mult(fq, q);
h.mult3(q);
h.ensurePositive(q);
g.clear();
fq.clear();
NTRUEncryptionPrivateKeyParameters priv = new NTRUEncryptionPrivateKeyParameters(h, t, fp, params.getEncryptionParameters());
NTRUEncryptionPublicKeyParameters pub = new NTRUEncryptionPublicKeyParameters(h, params.getEncryptionParameters());
return new AsymmetricCipherKeyPair(pub, priv);
}
f 是你要的多项式。 基础是什么意思?
NTRU Report 014中描述了逆向方法: 几乎逆向和快速 NTRU 密钥创建
https://www.securityinnovation.com/uploads/Crypto/NTRUTech014.pdf
通过几个步骤进行优化
在 Z/2Z/(x^N-1)
上求 f 的倒数
提升到Z/2^rZ/(x^N-1)
重复直到 2^r = q