>And the communication given at the rump session of crypto2001.
>Back there an attack and a fix were simultaneously presented.
>I couldn't find nor remember the details, see
>http://www.ntru.com/technology/tech.scrutiny.htm for some more
>info.

Without having the opportunity to have a really good look at NTRU, the basic deal is that the NSS algorithm (including some of the fixes) is pretty much completely broken. There was a good paper on the break given at Asiacrypt 2001. NTRU seems to have admitted defeat and basically chucked away the whole NSS design and started again and are now using something called NTRUSign. None of the attacks on NSS were attacks on the underlying hard problem though, so NTRUSign may survive. But it kind of makes you nervous.

-- 
Dean Povey,              |em: [EMAIL PROTECTED]  | JCSI: Java security toolkit
Senior S/W Developer     |ph: +61 7 3864 5120    | uPKI: Embedded/C PKI toolkit
Wedgetail Communications |fax: +61 7 3864 1282   | uASN.1: ASN.1 Compiler
Brisbane, Australia      |www: www.wedgetail.com | XML Security: XML Signatures
