Package org.bouncycastle.pqc.legacy.crypto.ntru

Class NTRUSigningKeyGenerationParameters

java.lang.Object
org.bouncycastle.crypto.KeyGenerationParameters
org.bouncycastle.pqc.legacy.crypto.ntru.NTRUSigningKeyGenerationParameters
All Implemented Interfaces:
Cloneable
public class NTRUSigningKeyGenerationParameters extends KeyGenerationParameters implements Cloneable
A set of parameters for NtruSign. Several predefined parameter sets are available and new ones can be created as well.

  • Field Details

    • BASIS_TYPE_STANDARD

      public static final int BASIS_TYPE_STANDARD
      See Also:

    • BASIS_TYPE_TRANSPOSE

      public static final int BASIS_TYPE_TRANSPOSE
      See Also:

    • KEY_GEN_ALG_RESULTANT

      public static final int KEY_GEN_ALG_RESULTANT
      See Also:

    • KEY_GEN_ALG_FLOAT

      public static final int KEY_GEN_ALG_FLOAT
      See Also:

    • APR2011_439

      public static final NTRUSigningKeyGenerationParameters APR2011_439
      Gives 128 bits of security

    • APR2011_439_PROD

      public static final NTRUSigningKeyGenerationParameters APR2011_439_PROD
      Like APR2011_439, this parameter set gives 128 bits of security but uses product-form polynomials

    • APR2011_743

      public static final NTRUSigningKeyGenerationParameters APR2011_743
      Gives 256 bits of security

    • APR2011_743_PROD

      public static final NTRUSigningKeyGenerationParameters APR2011_743_PROD
      Like APR2011_439, this parameter set gives 256 bits of security but uses product-form polynomials

    • TEST157

      public static final NTRUSigningKeyGenerationParameters TEST157
      Generates key pairs quickly. Use for testing only.

    • TEST157_PROD

      public static final NTRUSigningKeyGenerationParameters TEST157_PROD
      Generates key pairs quickly. Use for testing only.

    • N

      public int N

    • q

      public int q

    • d

      public int d

    • d1

      public int d1

    • d2

      public int d2

    • d3

      public int d3

    • B

      public int B

    • betaSq

      public double betaSq

    • normBoundSq

      public double normBoundSq

    • signFailTolerance

      public int signFailTolerance

    • keyNormBoundSq

      public double keyNormBoundSq

    • primeCheck

      public boolean primeCheck

    • basisType

      public int basisType

    • sparse

      public boolean sparse

    • keyGenAlg

      public int keyGenAlg

    • hashAlg

      public Digest hashAlg

    • polyType

      public int polyType

  • Constructor Details

    • NTRUSigningKeyGenerationParameters

      public NTRUSigningKeyGenerationParameters(int N, int q, int d, int B, int basisType, double beta, double normBound, double keyNormBound, boolean primeCheck, boolean sparse, int keyGenAlg, Digest hashAlg)
      Constructs a parameter set that uses ternary private keys (i.e. polyType=SIMPLE).
      Parameters:
      N - number of polynomial coefficients
      q - modulus
      d - number of -1's in the private polynomials f and g
      B - number of perturbations
      basisType - whether to use the standard or transpose lattice
      beta - balancing factor for the transpose lattice
      normBound - maximum norm for valid signatures
      keyNormBound - maximum norm for the ploynomials F and G
      primeCheck - whether 2N+1 is prime
      sparse - whether to treat ternary polynomials as sparsely populated (SparseTernaryPolynomial vs DenseTernaryPolynomial)
      keyGenAlg - RESULTANT produces better bases, FLOAT is slightly faster. RESULTANT follows the EESS standard while FLOAT is described in Hoffstein et al: An Introduction to Mathematical Cryptography.
      hashAlg - a valid identifier for a java.security.MessageDigest instance such as SHA-256. The MessageDigest must support the getDigestLength() method.

    • NTRUSigningKeyGenerationParameters

      public NTRUSigningKeyGenerationParameters(int N, int q, int d1, int d2, int d3, int B, int basisType, double beta, double normBound, double keyNormBound, boolean primeCheck, boolean sparse, int keyGenAlg, Digest hashAlg)
      Constructs a parameter set that uses product-form private keys (i.e. polyType=PRODUCT).
      Parameters:
      N - number of polynomial coefficients
      q - modulus
      d1 - number of -1's in the private polynomials f and g
      d2 - number of -1's in the private polynomials f and g
      d3 - number of -1's in the private polynomials f and g
      B - number of perturbations
      basisType - whether to use the standard or transpose lattice
      beta - balancing factor for the transpose lattice
      normBound - maximum norm for valid signatures
      keyNormBound - maximum norm for the ploynomials F and G
      primeCheck - whether 2N+1 is prime
      sparse - whether to treat ternary polynomials as sparsely populated (SparseTernaryPolynomial vs DenseTernaryPolynomial)
      keyGenAlg - RESULTANT produces better bases, FLOAT is slightly faster. RESULTANT follows the EESS standard while FLOAT is described in Hoffstein et al: An Introduction to Mathematical Cryptography.
      hashAlg - a valid identifier for a java.security.MessageDigest instance such as SHA-256. The MessageDigest must support the getDigestLength() method.

    • NTRUSigningKeyGenerationParameters

      public NTRUSigningKeyGenerationParameters(InputStream is) throws IOException
      Reads a parameter set from an input stream.
      Parameters:
      is - an input stream
      Throws:
      IOException

  • Method Details