The Attack In Practice
We implemented this attack against perturbated NTRUSign-80, using a variant of Odlyzko MiM as BBD solver.
Successful key-recovery using
4000 signatures, in 5 core-hours
Similar success against NTRUSign-{112,128}.
Some success when increasing the amount
of perturbation from 1 to 5.
NTRUSign with Perturbation
Countermeasure is Fully Broken