{"id":26808505,"url":"https://github.com/openzebra/ntrulp","last_synced_at":"2025-10-26T18:38:31.184Z","repository":{"id":184464685,"uuid":"662393324","full_name":"openzebra/ntrulp","owner":"openzebra","description":null,"archived":false,"fork":false,"pushed_at":"2024-09-08T14:52:01.000Z","size":378,"stargazers_count":4,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-28T02:48:37.235Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/openzebra.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-07-05T03:33:15.000Z","updated_at":"2024-12-22T08:57:49.000Z","dependencies_parsed_at":null,"dependency_job_id":"3100c14c-fd21-4216-82f2-5d53225e1925","html_url":"https://github.com/openzebra/ntrulp","commit_stats":null,"previous_names":["zebra-sh/ntrulpr","openzebra/ntrulp"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openzebra%2Fntrulp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openzebra%2Fntrulp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openzebra%2Fntrulp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/openzebra%2Fntrulp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/openzebra","download_url":"https://codeload.github.com/openzebra/ntrulp/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://githu
b.com","kind":"github","repositories_count":250448910,"owners_count":21432342,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-03-30T00:28:58.446Z","updated_at":"2025-10-26T18:38:31.090Z","avatar_url":"https://github.com/openzebra.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# NTRUP Rust\n\nThis repository presents an implementation of high-security prime-degree large-Galois-group inert-modulus ideal-lattice-based cryptography in the Rust programming language.\n“Prime degree” etc. are defenses against potential attacks; see [official website](https://www.ntru.org/).\n\nThis implementation uses fields of the form (Z/q)[x]/(x^p − x − 1), where p is prime. Such fields are used in “NTRU Prime”, introduced in this paper, and have all of our recommended defenses.\n\n## Notation and Parameters for NTRU Prime\n\nIn the context of NTRU Prime, several parameters and notations\nplay a crucial role in defining the cryptographic system.\n\n### Parameter Set\n\nA parameter set for NTRU Prime is represented as a triple (p, q, w), \nwhich forms the foundation of the primary algebraic structures in the system.\nLet's break down these parameters:\n\n * P: This parameter corresponds to the degree of the irreducible polynomial P = x^p − x − 1 and is required to be a prime number. Commonly used values for p in the parameter sets are 653, 761, 857, 953, 1013, 1277.\n * Q: Representing the characteristic of the field R/q = (Z/q)[x]/P, q is also a prime number. 
The values typically employed for q depend on the specific degree considered in [5] and include 4621, 4591, 5167, 6343, 7177, 7879.\n * W: The weight parameter W is a positive integer that governs the number of non-zero coefficients within specific polynomials.\n\n * P = 653, Q = 4621, W = 288\n * P = 761, Q = 4591, W = 286\n * P = 857, Q = 5167, W = 322\n * P = 953, Q = 6343, W = 396\n * P = 1013, Q = 7177, W = 448\n * P = 1277, Q = 7879, W = 492\n\n#### Extra Parameter Set\n * `R3_BYTES` - Size of encoded R3 poly\n * `RQ_BYTES` - Size of encoded Rq poly\n * `PUBLICKEYS_BYTES` - Size of encoded public key\n * `SECRETKEYS_BYTES` - Size of secret key\n * `DIFFICULT` - This parameter is responsible for the complexity of the algorithm for applying statistical analysis to it.\n\nValid Parameter Set Conditions\n\nTo ensure the validity of a parameter set, it must meet the following conditions:\n\n * `2P ≥ 3W`: This inequality places a constraint on the relationship between p and w, emphasizing the importance of a balanced selection of these parameters.\n * `Q ≥ 16W + 1`: Another crucial condition, this inequality imposes restrictions on q relative to the weight parameter w.\n\nNotational Abbreviations\n\nFor brevity and clarity, the following notational abbreviations are used:\n\nR3: Denotes the ring (Z/3)[x]/P, which is a specific variant related to the ring R.\nRq: Represents the field (Z/q)[x]/P, another critical element in the cryptographic system.\n\n## Rust Features\n\nParameters are selected through Cargo features; you must select a parameter set!\n\n * ntrup653\n * ntrup761\n * ntrup857\n * ntrup953\n * ntrup1013\n * ntrup1277\n\n```\n# Cargo.toml\n\nntrulp = { version = \"0.1.7\", features = [\"ntrup653\"] }\nntrulp = { version = \"0.1.7\", features = [\"ntrup761\"] }\nntrulp = { version = \"0.1.7\", features = [\"ntrup857\"] }\nntrulp = { version = \"0.1.7\", features = [\"ntrup953\"] }\nntrulp = { version = \"0.1.7\", features = [\"ntrup1013\"] }\nntrulp = { 
version = \"0.1.7\", features = [\"ntrup1277\"] }\n\n#enable std\nntrulp = { version = \"0.1.7\", features = [\"ntrup1277\", \"std\"] }\n```\n\n\n### install\n```bash\ncargo add ntrulp\n```\n\n\n\n### Testing\n\n```bash\ncargo test --features ntrup1277\n\n```\n\n```bash\ncargo bench --features std\n```\n\n## Keys Generation:\n```rust\nlet mut rng = rand::thread_rng();\nlet f: Rq = Rq::from(short_random(\u0026mut rng).unwrap());\nlet mut g: R3;\nlet sk = loop {\n    // use a loop because there are no guarantees that\n    // the random number generator will produce the correct\n    // combination that can enter and combine with f.\n    g = R3::from(random_small(\u0026mut rng));\n\n    match PrivKey::compute(\u0026f, \u0026g) {\n        Ok(s) =\u003e break s,\n        Err(_) =\u003e continue,\n    };\n};\n\n// if you have f, and g use compute, because it is faster!\nlet pk = PubKey::compute(\u0026f, \u0026g).unwrap();\n\n// create PubKey from secret key.\nlet imported_pk = PubKey::from_sk(\u0026sk).unwrap();\n\n// convert to bytes\nlet pk_bytes = imported_pk.to_bytes();\n\n// restore from bytes.\nlet from_bytes: PubKey = pk_bytes.into();\n\nassert_eq!(from_bytes.coeffs, pk.coeffs);\n```\n## Encrypt/Decrypt bytes example\n```rust\n// create random generator.\nlet mut rng = rand::thread_rng();\nlet mut bytes = [0u8; R3_BYTES];\n\nrng.fill_bytes(\u0026mut bytes);\n\n// see Keys Generation\nlet (sk, pk) = gen_keys().unwrap();\n\n// encryption for one thread only.\nlet plaintext = Rq::from(short_random(\u0026mut rng).unwrap())\n    .r3_from_rq()\n    .to_bytes();\n\nlet encrypted = static_bytes_encrypt(\u0026plaintext, \u0026pk);\nlet decrypted = static_bytes_decrypt(\u0026encrypted, \u0026sk);\n\nassert_eq!(decrypted, plaintext);\n\nlet mut origin_plaintext = vec![0u8; 1024];\nrng.fill_bytes(\u0026mut origin_plaintext);\n\nlet mut ciphertext =\n    std_cipher::bytes_encrypt(\u0026mut rng, \u0026origin_plaintext, pk.clone()).unwrap();\nlet plaintext = 
std_cipher::bytes_decrypt(\u0026ciphertext, sk.clone()).unwrap();\n\nassert_eq!(plaintext, origin_plaintext);\n```\n\n## TODO\n - add Falcon algorithm for sign,verify signature\n\n## Warnings\n\n#### Implementation \nThis implementation has not undergone any security auditing and while care has been taken no guarantees can be made for either correctness or the constant time running of the underlying functions. **Please use at your own risk.**\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenzebra%2Fntrulp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopenzebra%2Fntrulp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopenzebra%2Fntrulp/lists"}