Message Recovery Attack in NTRU through VFK Lattices

In the present paper, we implement a message recovery attack to all variants of the NTRU cryptosystem. Our approach involves a reduction from the NTRU-lattice to a Voronoi First Kind lattice, enabling the application of a polynomial CVP exact algorithm crucial for executing the Message Recovery. The efficacy of our attack relies on a specific oracle that permits us to approximate an unknown quantity. Furthermore, we outline the mathematical conditions under which the attack is successful. Finally, we delve into a well-established polynomial algorithm for CVP on VFK lattices and its implementation, shedding light on its efficacy in our attack. Subsequently, we present comprehensive experimental results on the NTRU-HPS and the NTRU-Prime variants of the NIST submissions and propose a method that could indicate the resistance of the NTRU cryptosystem to our attack.