Go to DBLP homepageNTRU-Based Bootstrapping for MK-FHEs Without Using Overstretched Parameters
Abstract: Recent attacks on NTRU lattices given by Ducas and van Woerden (ASIACRYPT 2021) showed that for moduli q larger than the so-called fatigue point \(n^{2.484+o(1)}\), the security of NTRU is noticeably less than that of (ring)-LWE. Unlike NTRU-based PKE with q typically lying in the secure regime of NTRU lattices (i.e., \(q<n^{2.484+o(1)}\)), the security of existing NTRU-based multi-key FHEs (MK-FHEs) requiring \(q=O(n^k)\) for k keys could be significantly affected by those attacks.
Loading