做为一种快速公钥,NTRU具有一种不能提供完全解密的特性,我们称之为解密失败。由于解密失败威胁到NTRU的安全性,人们提出了很多的处理方法。本文中,我们从解密失败产生的原因入手分析了余位驰等人提出的补偿算法不能工作的原因.在文章的最后,我们指出通过仔细选择参数避免解密失败的方法在原加密方案中并不能防止攻击者制造解密失败。
NTRU is a well known Public-key Cryptosystem with fast speed. One of its properties is that it does not provide perfect decryption, called decryption failure. For the existence of decryption failure threatens the security of NTRU, many methods are proposed to deal with this problem. This paper recalls the causes of decryption failures and explain the reason why the compensating algorithm proposed by Weichi Yu and others does not work. Finally the method of avoiding decryption failure by choosing parameters is carefully analyzed, and the result indicates that it is not able to prevent legitimate user from decryption failure but attackers could make decryption failures in primal NTRU Encryption scheme as usual.