NTRUP Rust

This repository presents an implementation of high-security prime-degree large-Galois-group inert-modulus ideal-lattice-based cryptography on rust programing langudge. “Prime degree” etc. are defenses against potential attacks; see official website.

This implementation uses: Fields of the form (Z/q)[x]/(xp −x−1), where p is prime, are used in “NTRU Prime”, introduced in this paper, and have all of our recommended defenses.

Parameter set:

• P = 653, Q = 4621, W = 288, RQBYTES=994, ROUNDEDBYTES=865
• p = 761, q = 4591, w = 286, RQBYTES=1158, ROUNDEDBYTES=1007
• p = 857, q = 5167, w = 322, RQBYTES=1322, ROUNDEDBYTES=1152
• p = 953, q = 6343, w = 396, RQBYTES=1505, ROUNDEDBYTES=1317
• p = 1013, q = 7177, w = 448, RQBYTES=1623, ROUNDEDBYTES=1423
• p = 1277, q = 7879, w = 492, RQBYTES=2067, ROUNDEDBYTES=1815

install

bash cargo add ntrulp

Testing

bash cargo test

bash cargo bench

Encrypt/Decrypt bytes example

```rust const P: usize = 761; const W: usize = 286; const Q: usize = 4591; const Q12: usize = (Q - 1) / 2; const PPLUSONE: usize = P + 1; const RQBYTES: usize = 1158; const PTWICEMINUSONE: usize = P + P - 1; const ROUNDED_BYTES: usize = 1007;

let mut rng = rand::threadrng(); let randlen = rng.genrange(5..10000); let mut ntrup = NTRUPrime::::new() .unwrap(); let bytes: Vec = (0..randlen).map(|| rng.gen::()).collect();

ntrup.keypairgen().unwrap();

let (pk, ) = ntrup.keypair.export_pair().unwrap();

let encrypted = ntrup.encrypt(&bytes, &pk).unwrap(); let decrypted = ntrup.decrypt(encrypted).unwrap();

assert_eq!(decrypted, bytes); ```

TODO

• add Falcon algorithm for sign,verify signature

Warnings

Implementation

This implementation has not undergone any security auditing and while care has been taken no guarantees can be made for either correctness or the constant time running of the underlying functions. Please use at your own risk.