Abstract
The Number Theoretic Transform (NTT) provides efficient algorithm for multiplying large degree polynomials. It is commonly used in cryptographic schemes that are based on the hardness of the Ring Learning With Errors problem (RLWE), which is a popular basis for post-quantum key exchange, encryption and digital signature. To apply NTT, modulus q should satisfy that q≡1mod2n, RLWE-based schemes have to choose an oversized modulus, which leads to excessive bandwidth. In this work, we present “Preprocess-then-NTT (PtNTT)” technique which weakens the limitation of modulus q, i.e., we only require q≡1modn or q≡1modn/2. Based on this technique, we provide new parameter settings for Kyber and NewHope (two NIST candidates). In these new schemes, we can reduce public key size and ciphertext size at a cost of very little efficiency loss.
Author supplied keywords
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
Cite
CITATION STYLE
Zhou, S., Xue, H., Zhang, D., Wang, K., Lu, X., Li, B., & He, J. (2019). Preprocess-then-NTT technique and its applications to kyber and newhope. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11449 LNCS, pp. 117–137). Springer Verlag. https://doi.org/10.1007/978-3-030-14234-6_7
Readers' Seniority
Readers' Discipline
