Connect with us

Hi, what are you looking for?


Data Protection

NTRU Public Key Cryptography Released to Open Source Community to Address Crypto Challenges

Application security company Security Innovation released its NTRU public key cryptography system to the open source community for free in a bid to address challenges facing popular public-key crypto systems today.

Application security company Security Innovation released its NTRU public key cryptography system to the open source community for free in a bid to address challenges facing popular public-key crypto systems today.

According to Security Innovation, NTRU is a lattice-based public key cryptosystem meant to serve as an alternative to RSA and Elliptic Curve Cryptography (ECC). Developed in 1996, NTRU compromises three algorithms: NTRUEncrypt, NTRUSign and PASSSign. It has been adopted n the IEEE and X9 standards, and at “comparable cryptographic strength”, performs costly private key operations much faster than RSA or ECC, according to the company. As key sizes increase by a factor of n, RSA’s operations decrease by about n3 compared to n2 for NTRU.

With the GNU Public License (GPL) open source license, NTRU can be deployed in open source products. A commercial license is available to incorporate it into a proprietary product.

“The open source licensing of the NTRU crypto system will make it easier for wide-spread adoption of our X9.98 standard, allowing Financial Services companies to protect their important financial transactions,” said executive director Cynthia Fuller of Accredited Standards Committee X9 Financial Industry Standards, in a statement.

Advertisement. Scroll to continue reading.

According to Security Innovations, NTRU can enhance data security with its speed.

“Any application that requires fast performance (large amounts of data to be protected in a short amount of time) and/or high-levels of security for the next 10 years would benefit from the NTRU solution,” the company stated in a frequently asked questions section. “Furthermore, the small code size (small footprint) of the NTRU implementations make it suitable for even small embedded processors.”

“These applications include Payment Systems, secure messaging and email, mobile eCommerce, Healthcare, Near Field Communications (NFC), Vehicle Communications (V2V, V2I), Military/Aerospace, Web Browsers and Servers, Remote Backup Solutions, Voice over IP (VoIP), Online Presentations/Virtual Classrooms, Infrastructure (Railway switching, Traffic lights, etc), Utility meters and Cloud Provides/Datacenters,” the company continuned.

Open sourcing NTRU ensures that the implementation is solid and without the backdoors that we have learned about in proprietary implementations, Dr. William Whyte, chief scientist at Security Innovation and chair of the IEEE 1363 Working Group, said in a statement.

“We are fussy in the crypto world, and want to ensure that any adopted crypto is transparent and battle-tested,” he said. “NTRU has been successfully scrutinized by numerous government agencies and universities for over a decade.”

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cybersecurity Funding

CommandK announced that it has raised $3 million in a seed funding round for a solution designed to help organizations secure sensitive data.