ntru-crypto - Open Source NTRU Public Key Cryptography Algorithm and Reference Code
https://github.com/NTRUOpenSourceProject/ntru-crypto

"""
Security Innovation, Inc., the owner of the NTRU public key cryptography system, made the intellectual property and a sample implementation available under the Gnu Public License (GPL) in 2013 with the goal of enabling more widespread adoption of this superior cryptographic technology. The system is also available for commercial use under the terms of the Security Innovation Commercial License.

NTRU represents a significant improvement in the Public Key cryptography world—it’s faster, stronger and smaller than virtually any other system in use and it’s quantum computer resistant, making it the best choice for current projects with lifetimes that extend into the post quantum computer age....

NTRU is a lattice-based public key cryptosystem from Security Innovation and the leading alternative to RSA and Elliptic Curve Cryptography (ECC) due to its higher performance and resistance to attacks from quantum computers.

NTRU was developed in 1996 as a visionary solution to cyber security challenges for the twenty-first century. NTRU is based on a mathematical problem called the “Approximate close lattice vector problem” and comprises three algorithms: NTRUEncrypt, NTRUSign, and PASSSign. It has been reviewed and published in scholarly journals and presented at Crypto, Eurocrypt, and RSA, and has been adopted in IEEE and X9 standards.

Because it is based on different math from RSA and ECC, the NTRU algorithm has different cryptographic properties. At comparable cryptographic strength, NTRU performs costly private key operations much faster than RSA or ECC. In addition, NTRU's comparative performance increases with the level of security required. As key sizes increase by a factor of n, RSA's operations/second decrease by about n^3 whereas NTRU's decrease at n^2.
"""

On Wed, Nov 27 2013, coderman wrote:
> """ Security Innovation, Inc., the owner of the NTRU public key cryptography system, made the intellectual property and a sample implementation available under the Gnu Public License (GPL) in 2013 with the goal of enabling more widespread adoption of this superior cryptographic technology. The system is also available for commercial use under the terms of the Security Innovation Commercial License.

Haven't we made the mistake of relying on someone else's IP for crypto before? I'm looking at you, RSA and IDEA. I have no interest in a cryptosystem that's owned by someone and that requires me to release my own software under a particular license to use it. I don't care how technologically superior it might be.

--
Sean Richard Lynch <seanl@literati.org>
http://www.literati.org/~seanl/

On Sat, 30 Nov 2013 10:47:02 -0800 Sean Lynch <seanl@literati.org> wrote:
> Haven't we made the mistake of relying on someone else's IP for crypto before? I'm looking at you, RSA and IDEA. I have no interest in a cryptosystem that's owned by someone and that requires me to release my own software under a particular license to use it. I don't care how technologically superior it might be.

The GPL doesn't require you to release a cryptosystem under the GPL, only code for that cryptosystem that derives from GPL'd code. The GPL in effect is a tragedy-of-the-commons-killomatic: It's an agreement between me and you saying "I give you my code, if you give it to others". There's nothing in there about "I offer you my code, and hit you if you try to write your own instead".

Given that, I have very little time for GPL-haters, because they're just being whiny bastards. Write your own if you don't like it.

Patents, on the other hand, are a whole different steaming pile of shit, and NTRU is patented. So, I'm still with you on this one. If they're somewhere where you can relinquish patents, they should do that. If not, they should either grant the patents wholly to a public trust, or put them under the DPL or similar and make an irrevocable pledge never to use them except defensively, if even that.

Of course, who's to know if you implement or build on NTRU under a 'nym? It remains one of the only cryptosystems that's A) Practical and B) Quantum-resistant.

Anyone know of any other quantum-resistant algos for *encryption* that can actually be used today, other than NTRU?

On Tue, 3 Dec 2013 00:10:29 +0000 Cathal Garvey <cathalgarvey@cathalgarvey.me> wrote:
> Anyone know of any other quantum-resistant algos for *encryption* that can actually be used today, other than NTRU?

's_*encryption*_*asymmetric encryption*_g'

..given that we've got plenty of options for quantum-resistant *symmetric* crypto, and several painful-but-sound options for quantum-resistant signature schemes; Merkle-Lamport, for example.

On Tue, 2013-12-03 at 00:10 +0000, Cathal Garvey wrote:
> Anyone know of any other quantum-resistant algos for *encryption* that can actually be used today, other than NTRU?

There is McBits which is supposed to be blazingly fast, but the keys are very large which makes it unsuitable for everything except fixed-key systems like PGP.

--ll

participants (4)
- Cathal Garvey
- coderman
- Lars Luthman
- Sean Lynch