{"id":132,"date":"2025-04-09T22:49:00","date_gmt":"2025-04-09T14:49:00","guid":{"rendered":"http:\/\/www.triode.cc\/?p=132"},"modified":"2025-10-22T09:05:49","modified_gmt":"2025-10-22T01:05:49","slug":"ntru","status":"publish","type":"post","link":"https:\/\/www.triode.cc\/index.php\/2025\/04\/09\/ntru\/","title":{"rendered":"NTRU"},"content":{"rendered":"\n
\n

\u53c2\u8003\u8d44\u6599\uff1aAn Introduction to Mathematical Cryptography | SpringerLink<\/a><\/p>\n<\/blockquote>\n\n\n\n

\u524d\u7f6e\u77e5\u8bc6<\/h2>\n\n\n\n

\u683c<\/h3>\n\n\n\n

\u4e0e\u683c\u76f8\u5173\u7684\u524d\u7f6e\u77e5\u8bc6\u5728\u8fd9\u7bc7\u535a\u5ba2<\/a>\u91cc\u9762\u90fd\u6709\u63d0\u53ca<\/p>\n\n\n\n

\u5377\u79ef\u591a\u9879\u5f0f\u73af<\/h3>\n\n\n\n

\u5bf9\u4e8e\u4e00\u4e2a\u6574\u6570\\(N\\)\uff0c\u79e9\u4e3a\\(N\\)\u7684\u5377\u79ef\u591a\u9879\u5f0f\u73af\u5373\u4e3a\u5982\u4e0b\u5546\u73af\uff1a<\/p>\n\n\n\n

$$
R=\\frac{\\mathbb{Z}[x]}{(x^{N}-1)}
$$<\/p>\n\n\n\n

\u7c7b\u4f3c\u7684\u6211\u4eec\u4e5f\u53ef\u4ee5\u5b9a\u4e49\u51fa\u6a21\\(q\\)\u7684\u5377\u79ef\u591a\u9879\u5f0f\u73af\u4e3a\u5982\u4e0b\u5546\u73af\uff1a<\/p>\n\n\n\n

$$
R_q=\\frac{(\\mathbb{Z}\/q\\mathbb{Z})[x]}{(x^{N}-1)}
$$<\/p>\n\n\n\n

\u53ef\u4ee5\u77e5\u9053\u5377\u79ef\u591a\u9879\u5f0f\u73af\u4e2d\u6bcf\u4e00\u4e2a\u591a\u9879\u5f0f\\(a(x)\\)\u90fd\u6709\u552f\u4e00\u7684\u8868\u793a\uff08\u5728\u8fd9\u4e4b\u540e\uff0c\u6211\u4eec\u9ed8\u8ba4\u5377\u79ef\u591a\u9879\u5f0f\u73af\u5185\u7684\u591a\u9879\u5f0f\u90fd\u662f\u5982\u4e0b\u8868\u793a\uff09\uff1a<\/p>\n\n\n\n

$$
a(x)=a_0+a_1x+a_2x^2+\\cdots+a_{N-1}x^{N-1}
$$<\/p>\n\n\n\n

\u5176\u4e2d\\(a_0,a_1,\\cdots,a_{N-1}\\in \\mathbb{Z}\\)\uff08\u6216\u8005\\(\\mathbb{Z}\/q\\mathbb{Z}\\)\uff0c\u8fd9\u53d6\u51b3\u4e8e\u8fd9\u4e2a\u5377\u79ef\u591a\u9879\u5f0f\u73af\u662f\u4e00\u822c\u7684\u5377\u79ef\u591a\u9879\u5f0f\u73af\u8fd8\u662f\u6a21\\(q\\)\u7684\u5377\u79ef\u591a\u9879\u5f0f\u73af\uff09 \u5377\u79ef\u591a\u9879\u5f0f\u73af\u662fNTRU\u5bc6\u7801\u4f53\u7cfb\u7684\u57fa\u7840\u3002<\/p>\n\n\n\n

center-lift<\/h3>\n\n\n\n

\u5bf9\u4e8e\\(R_q\\)\u4e0a\u4e00\u4e2a\u591a\u9879\u5f0f\\(a(x)\\)\uff0c\\(a(x)\\)\u5230\\(R\\)\u4e0a\u7684center-lift\u5373\u4e3a\u4e00\u4e2a\u591a\u9879\u5f0f\\(a'(x)\\)\u6ee1\u8db3\uff1a<\/p>\n\n\n\n

$$
a'(x)\\equiv a(x)\\pmod{q}
$$<\/p>\n\n\n\n

\u5176\u4e2d\\(a'(x)\\)\u7684\u7cfb\u6570\\(a_i’\\in(-\\frac{q}{2},\\frac{q}{2}]\\). \u5bf9\u4e8e\u4e00\u4e2a\u591a\u9879\u5f0f\uff0c\u8981\u83b7\u5f97\u5176center-lift\u6709\u5982\u4e0b\u7b97\u6cd5\uff1a<\/p>\n\n\n\n

$$
a_i’= \\begin{cases} a_i&,0\\le a_i\\le\\frac{q}{2}\\\\ a_i-q&,\\frac{q}{2}< a_i< q \\end{cases}
$$<\/p>\n\n\n\n

center-lift\u53ef\u4ee5\u901a\u8fc7\u5982\u4e0b\u4ee3\u7801\u5b9e\u73b0\uff1a<\/p>\n\n\n\n

<\/circle><\/circle><\/circle><\/g><\/svg><\/span>