| 摘要 |
<p>A secure method is disclosed which calculates a polynomial convolution operation for an NTRU cryptosystem as a public-key cryptosystem. The secure method calculates a polynomial convolution operation with a first polynomial (which corresponds to a public key or a ciphertext) and a second polynomial arbitrarily selectable in NTRU encryption and decryption. The method comprising: (1) initializing respective elements of an array by an initial value that is not zero; and (2) storing the polynomial convolution operation result of the first and second polynomials in the array initialized by the initial value that is not zero. The secure method provides a secure cryptosystem designed so that a polynomial convolution operation, which is a primary operation of an NTRU cryptosystem, has resistance against power analysis attacks, and a method for blocking power analysis attacks, such as simple power analysis (SPA) and differential power attack (DPA). The secure method can prevent power analysis attacks without large overheads and thus efficiently perform a polynomial convolution operation, thereby maintaining the performance of a security system above a certain level.</p> |
