[NTRU+] NTRU+ update (version 2.2.1)
124 views
Skip to first unread message
김종현
Oct 10, 2024, 12:17:55 AM10/10/24
to KpqC-bulletin
Dear all,
We would like to upload a revised version (denoted as version 2.2.1) of the NTRU+, including the revised specification and updated implementations.
Specification: [link]
Implementations: [link]
You can also download the above files in the Github:
We apologize for the inconvenience of releasing two specification updates in a short period.
In this version, we corrected typographical errors in Table 5, specifically regarding the number of Radix-2 NTT layers required. Additionally, the following changes were made in the implementation:
1.Adjustment in Lazy Barrett Reduction
While the code functioned correctly, there was an issue with the placement of Barrett reduction in the inverse NTT implementation in worst-case scenarios. To resolve this, we adjusted the placement of Barrett reduction across all relevant parts of the code. In the optimized implementation, we further minimized the use of Barrett reduction by unrolling loops in the inverse NTT. Note that, prior to Version 2.2.1, the reference and optimized implementations were identical. However, starting with Version 2.2.1, we have decided to manage them separately.
2.Replacing Barrett Reduction with Montgomery Reduction
In both the reference and optimized implementations, Barrett reduction was applied at the end of the NTT layers. In the optimized implementation, we replaced the Barrett reduction with Montgomery reduction in the final NTT layer to improve performance.
3.Updates to consts.c for AVX2
We revised the values in the `consts.c` file for NTRU+{KEM,PKE}864, which were previously set in the range 0 to q-1. These values have now been updated to the range -(q-1)/2 to (q-1)/2.
1.Adjustment in Lazy Barrett Reduction
While the code functioned correctly, there was an issue with the placement of Barrett reduction in the inverse NTT implementation in worst-case scenarios. To resolve this, we adjusted the placement of Barrett reduction across all relevant parts of the code. In the optimized implementation, we further minimized the use of Barrett reduction by unrolling loops in the inverse NTT. Note that, prior to Version 2.2.1, the reference and optimized implementations were identical. However, starting with Version 2.2.1, we have decided to manage them separately.
2.Replacing Barrett Reduction with Montgomery Reduction
In both the reference and optimized implementations, Barrett reduction was applied at the end of the NTT layers. In the optimized implementation, we replaced the Barrett reduction with Montgomery reduction in the final NTT layer to improve performance.
3.Updates to consts.c for AVX2
We revised the values in the `consts.c` file for NTRU+{KEM,PKE}864, which were previously set in the range 0 to q-1. These values have now been updated to the range -(q-1)/2 to (q-1)/2.
Thank you.
Best regards,
NTRU+ Team
Best regards,
NTRU+ Team
Reply all
Reply to author
Forward
0 new messages