An implementation of the public-key encryption scheme NTRUEncrypt in C, following the IEEE P1363.1 standard.
NTRU's main strengths are high performance and resistance to quantum computer attacks. Its main drawback is that it is patent encumbered. The patents expire in 2020; when built with the NTRU_AVOID_HAMMING_WT_PATENT flag, libntru becomes patent-free in 2017.
Benchmark results:
For more information on the NTRUEncrypt algorithm, see the NTRU introduction page at https://tbuktu.github.com/ntru/.
Run make to build the library, or make test to run unit tests. make bench builds a benchmark program.
On *BSD, use gmake instead of make.
The SSE environment variable enables SSSE3 support (SSE=yes)
or disables it (SSE=no).
Default on Linux, BSD, and MacOS is to autodetect SSSE3 on the build host,
Windows default is no SSSE3.
#include "ntru.h"
/* key generation */
struct NtruEncParams params = NTRU_DEFAULT_PARAMS_128_BITS; /*see encparams.h for more*/
NtruRandGen rng_def = NTRU_RNG_DEFAULT;
NtruRandContext rand_ctx_def;
if (ntru_rand_init(&rand_ctx_def, &rng_def) != NTRU_SUCCESS)
printf("rng fail\n");
NtruEncKeyPair kp;
if (ntru_gen_key_pair(¶ms, &kp, &rand_ctx_def) != NTRU_SUCCESS)
printf("keygen fail\n");
/* deterministic key generation from password */
uint8_t seed[17];
strcpy(seed, "my test password");
NtruRandGen rng_igf2 = NTRU_RNG_IGF2;
NtruRandContext rand_ctx_igf2;
if (ntru_rand_init_det(&rand_ctx_igf2, &rng_igf2, seed, strlen(seed)) != NTRU_SUCCESS)
printf("rng fail\n");
if (ntru_gen_key_pair(¶ms, &kp, &rand_ctx_igf2) != NTRU_SUCCESS)
printf("keygen fail\n");
/* encryption */
uint8_t msg[9];
strcpy(msg, "whatever");
uint8_t enc[ntru_enc_len(¶ms)];
if (ntru_encrypt(msg, strlen(msg), &kp.pub, ¶ms, &rand_ctx_def, enc) != NTRU_SUCCESS)
printf("encrypt fail\n");
/* decryption */
uint8_t dec[ntru_max_msg_len(¶ms)];
uint16_t dec_len;
if (ntru_decrypt((uint8_t*)&enc, &kp, ¶ms, (uint8_t*)&dec, &dec_len) != NTRU_SUCCESS)
printf("decrypt fail\n");
/* generate another public key for the existing private key */
NtruEncPubKey pub2;
if (ntru_gen_pub(¶ms, &kp.priv, &pub2, &rand_ctx_def) != NTRU_SUCCESS)
printf("pub key generation fail\n");
/* release RNG resources */
if (ntru_rand_release(&rand_ctx_def) != NTRU_SUCCESS)
printf("rng fail\n");
if (ntru_rand_release(&rand_ctx_igf2) != NTRU_SUCCESS)
printf("rng fail\n");
/* export key to uint8_t array */
uint8_t pub_arr[ntru_pub_len(¶ms)];
ntru_export_pub(&kp.pub, pub_arr);
/* import key from uint8_t array */
NtruEncPubKey pub;
ntru_import_pub(pub_arr, &pub);
For encryption of messages longer than ntru_max_msg_len(...), see src/hybrid.c
(requires OpenSSL lib+headers, use make hybrid to build).
libntru has been tested on Linux, FreeBSD, OpenBSD, Mac OS X, and Windows (MingW).
- Wikipedia article: https://en.wikipedia.org/wiki/NTRUEncrypt
- Original NTRUEncrypt paper: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.25.8422&rep=rep1&type=pdf
- Follow-up NTRUEncrypt paper: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.64.6834&rep=rep1&type=pdf
- NTRU articles (technical and mathematical): https://www.securityinnovation.com/products/encryption-libraries/ntru-crypto/ntru-resources.html
- EESS: http://grouper.ieee.org/groups/1363/lattPK/submissions/EESS1v2.pdf
- Jeffrey Hoffstein et al: An Introduction to Mathematical Cryptography, Springer-Verlag, ISBN 978-0-387-77993-5