NTRUEncrypt SDK for C/C++
User’s Notes
Security Innovation, Inc., September 2013
Introduction
The NTRUEncrypt SDK for C/C++ implements the NTRUEncrypt algorithm, a replacement for legacy
public-key encryption algorithms such as RSA. NTRUEncrypt gives incredible performance gains at no
loss in security.
The September 2013 release of this SDK includes documentation in the form of sample code, source
code, and fully documented header files to let you get up and running with NTRUEncrypt as quickly as
possible. The notes in this short document supplement the sample code and header files, and provide
extra background information to help you use NTRUEncrypt in the way best suited to your needs.
Choosing a Parameter Set
The NTRUEncrypt SDK contains 16 different “parameter sets” which allow the user to select the
appropriate security level. The parameter sets are specified using the NTRU_ENCRYPT_PARAM_SET_ID
given in the header file crypto_ntru.h. The parameter set chosen is specified at key generation time;
when the private and public keys are generated, the parameter set is encoded into the key blob.
The parameter set you choose depends on the following considerations:
What security level do you need?
Do you require compatibility with ASC Standard X9.98-2010 (for example, are you responding to
an RFP that requires this compatibility?)
Is it most important to minimize operation time, bandwidth, or both?
Once you have the answers to the questions above, Table 1 will tell you what parameter set to use. Note
that this SDK does not provide a parameter set at the commonly used RSA-1024 security level,
equivalent to 80-bit symmetric ciphers or 163-bit Elliptic Curve cryptography. This is because RSA-1024
is deprecated by NIST, Microsoft, and the CA/Browser Forum, and certificates at that security level will
no longer be issued after December 31, 2010 (see, for example, http://technet.microsoft.com/en-
us/library/cc751157.aspx).