Analysis and Extension of Non-Commutative NTRU

dc.contributor.advisorWashington, Lawrence Cen_US
dc.contributor.authorTruman, Kathrynen_US
dc.contributor.departmentMathematicsen_US
dc.contributor.publisherDigital Repository at the University of Marylanden_US
dc.contributor.publisherUniversity of Maryland (College Park, Md.)en_US
dc.date.accessioned2007-09-28T15:01:41Z
dc.date.available2007-09-28T15:01:41Z
dc.date.issued2007-08-06en_US
dc.description.abstractWe discuss the ring based public-key cryptosystem known as non-commutative NTRU. The original system is defined over the group ring R = Z[D_N] (where D_N is the dihedral group of order 2N) and uses a commutative subring R_0 = {a in R | Y a = a Y} where Y is an element of order two for D_N. This system was broken by Coppersmith. To do this he uses properties of the subset R_1 = { a in R | Y a = - a Y }. He is able to create a 'fake' private key using R_1 and R_0. This 'fake' private key then allows him to create a map d: R -> R that is used to break the system. The present discussion first analyzes the original system and the attack on the system. We also determine what groups the original system can be defined over, and therefore when Coppersmith's attack will work. Second we extend this system to other group rings. The groups have two generators that do not commute, but the generators will have prime orders larger than two. We still work with the ring Z[G] and the subring of elements that commute with Y, the generator with smaller order. We then extend the attack on the system. This is where the key difference arises. We develop the representation theory of these more general groups so that we can break the system. Also to break the system we need to look at subsets of Z[G] where conjugation by Y (of order k) multiplies the elements by a k^th root of unity. We denote these subsets by R_1, R_2, ..., R_{k-1}. One of the main results is to show that these R_j are principal R_0 modules. This allows us to define a similar map d: R -> R. Since a primitive k^th root of unity does not always exist modulo q it is necessary to work in an extension ring to break the system in some cases. But when d: R -> R is created it maps into the original group ring, which allows us to break the system. Finally we give a few examples.en_US
dc.format.extent290290 bytes
dc.format.mimetypeapplication/pdf
dc.identifier.urihttp://hdl.handle.net/1903/7344
dc.language.isoen_US
dc.subject.pqcontrolledMathematicsen_US
dc.subject.pquncontrolledCryptographyen_US
dc.subject.pquncontrolledNon-Commutative NTRUen_US
dc.subject.pquncontrolledRing-Baseden_US
dc.subject.pquncontrolledCryptosystem;en_US
dc.titleAnalysis and Extension of Non-Commutative NTRUen_US
dc.typeDissertationen_US

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
umi-umd-4753.pdf
Size:
283.49 KB
Format:
Adobe Portable Document Format