Performance Improvements and a Baseline Parameter Generation Algorithm for NTRUSign

The NTRUSign signature scheme was introduced in [8]. The original presentation gave a theoretical description of the scheme and an analysis of its security, along with several parameter choices which claimed to yield an 80 bit security level. The paper [8] did not give a general recipe for generating parameter sets to a specific level of security. In line with recent research on NTRUEncrypt [9], this paper presents an outline of such a recipe for NTRUSign. NTRUSign has many more implementation options than NTRUEncrypt, and research is ongoing to improve the efficiency of NTRUSign operations at a given security level. This paper is therefore not intended to be the last word on parameter generation for NTRUSign, but to provide a specific parameter generation algorithm whose output has, we believe, the stated security properties. We also present certain technical advances upon which we intend to build in subsequent papers. In addition to outlining a parameter generation algorithm for NTRUSign, this paper makes the following four important contributions.