CURRENT THREAT SCENARIO
Quantum computing is coming. In 2009 the industry saw the first quantum chip and the first quantum universal computer. In 2010 the National Institute of Standards and Technology (NIST) demonstrated the ability to hold 150 components for a quantum computer, and 2011 will show further gains. A quantum computer will be able to leverage Shor’s algorithm to break RSA, DSA, and Elliptic Curve cryptography (ECC) using Fast Fourier Transforms. At this point, virtually all network connections, Internet commerce, and transactions will be insecure.
WHAT DOES THIS TECHNOLOGY DO?
NTRU is an alternative asymmetric algorithm based on a completely different mathematical problem from RSA and ECC called the “approximate close lattice vector problem.” NTRU’s abilities have been published, reviewed in scholarly journals, and presented at Crypto, Eurocrypt, and the RSA Conference. Because it is based on different mathematics, NTRU is very fast and resistant to quantum computers. A working, full-scale quantum computer running the process known as “Shor’s algorithm” would be able to break RSA or ECC of any practical size in negligible time. In contrast, NTRU’s security is reduced only slightly by quantum computers. This has been validated by external reviewers such as NIST. In an April 2009 survey, Ray Perlner and David Cooper of NIST wrote: “Of the various lattice based cryptographic schemes that have been developed, the NTRU family of cryptographic algorithms appears to be the most practical. … They are viable alternatives for both public key encryption and signatures that are not vulnerable to Shor’s Algorithm.” The NTRU Encrypt algorithm has been standardized by IEEE Std 1363.1-200 and by the financial industry's ASCX9 as X9.98 and the standardization of NTRU Sign is in process.
In addition to its quantum resistant properties, NTRU is much faster than RSA. At comparable cryptographic strength, NTRU performs the costly private key operations 100 to 200 times faster than RSA. In addition, NTRU's comparative performance increases with the level of security required. As key sizes increase by n, RSA's operations per second decease at n3, whereas NTRU's decrease at n2. As organizations move to 2048 bit RSA keys, at NIST's recommendation, they will be dealing with the increased computing power needed to handle key negotiations. NTRU's speed significantly reduces the need for extra hardware and there is much less of a tradeoff between security and performance.
Though the threat of quantum computers are not yet here, we need to begin moving now to make sure our communication networks are prepared. Keeping the status quo will result in total and unacceptable insecurity when quantum computers are developed. NTRU is a peer-review, standardized asymmetric cryptography algorithm that is resistant to quantum computing. In addition, its high performance characteristics make it attractive for deployments where the CPU cycles required by RSA SSL handshakes are costly.
187 Ballardvale St. Suite A 195
Wilmington, MA 01887 USA