NTRUSign Countermeasures
NTRUSign is not zero-knowledge
each signature leaks information related to the secret key
- [NgRe06] broke the Raw NTRUSign
(half of IEEE P1363 parameters)
Three countermeasures have been proposed:
-
I. Original Perturbation technique [HHGP03]
ie. the other half of IEEE P1363 parameters
-
II. Deformation technique from IEEE-IT [HWH08]
-
III. Gaussian Sampling [GPV08]