Package org.bouncycastle.pqc.legacy.crypto.ntru

Class NTRUEncryptionParameters

java.lang.Object
org.bouncycastle.pqc.legacy.crypto.ntru.NTRUEncryptionParameters
All Implemented Interfaces:
Cloneable
public class NTRUEncryptionParameters extends Object implements Cloneable
A set of parameters for NtruEncrypt. Several predefined parameter sets are available and new ones can be created as well.

  • Field Details

    • N

      public int N

    • q

      public int q

    • df

      public int df

    • df1

      public int df1

    • df2

      public int df2

    • df3

      public int df3

    • dr

      public int dr

    • dr1

      public int dr1

    • dr2

      public int dr2

    • dr3

      public int dr3

    • dg

      public int dg

    • maxMsgLenBytes

      public int maxMsgLenBytes

    • db

      public int db

    • bufferLenBits

      public int bufferLenBits

    • dm0

      public int dm0

    • pkLen

      public int pkLen

    • c

      public int c

    • minCallsR

      public int minCallsR

    • minCallsMask

      public int minCallsMask

    • hashSeed

      public boolean hashSeed

    • oid

      public byte[] oid

    • sparse

      public boolean sparse

    • fastFp

      public boolean fastFp

    • polyType

      public int polyType

    • hashAlg

      public Digest hashAlg

  • Constructor Details

    • NTRUEncryptionParameters

      public NTRUEncryptionParameters(int N, int q, int df, int dm0, int db, int c, int minCallsR, int minCallsMask, boolean hashSeed, byte[] oid, boolean sparse, boolean fastFp, Digest hashAlg)
      Constructs a parameter set that uses ternary private keys (i.e. polyType=SIMPLE).
      Parameters:
      N - number of polynomial coefficients
      q - modulus
      df - number of ones in the private polynomial f
      dm0 - minimum acceptable number of -1's, 0's, and 1's in the polynomial m' in the last encryption step
      db - number of random bits to prepend to the message
      c - a parameter for the Index Generation Function (IndexGenerator)
      minCallsR - minimum number of hash calls for the IGF to make
      minCallsMask - minimum number of calls to generate the masking polynomial
      hashSeed - whether to hash the seed in the MGF first (true) or use the seed directly (false)
      oid - three bytes that uniquely identify the parameter set
      sparse - whether to treat ternary polynomials as sparsely populated (SparseTernaryPolynomial vs DenseTernaryPolynomial)
      fastFp - whether f=1+p*F for a ternary F (true) or f is ternary (false)
      hashAlg - a valid identifier for a java.security.MessageDigest instance such as SHA-256. The MessageDigest must support the getDigestLength() method.

    • NTRUEncryptionParameters

      public NTRUEncryptionParameters(int N, int q, int df1, int df2, int df3, int dm0, int db, int c, int minCallsR, int minCallsMask, boolean hashSeed, byte[] oid, boolean sparse, boolean fastFp, Digest hashAlg)
      Constructs a parameter set that uses product-form private keys (i.e. polyType=PRODUCT).
      Parameters:
      N - number of polynomial coefficients
      q - modulus
      df1 - number of ones in the private polynomial f1
      df2 - number of ones in the private polynomial f2
      df3 - number of ones in the private polynomial f3
      dm0 - minimum acceptable number of -1's, 0's, and 1's in the polynomial m' in the last encryption step
      db - number of random bits to prepend to the message
      c - a parameter for the Index Generation Function (IndexGenerator)
      minCallsR - minimum number of hash calls for the IGF to make
      minCallsMask - minimum number of calls to generate the masking polynomial
      hashSeed - whether to hash the seed in the MGF first (true) or use the seed directly (false)
      oid - three bytes that uniquely identify the parameter set
      sparse - whether to treat ternary polynomials as sparsely populated (SparseTernaryPolynomial vs DenseTernaryPolynomial)
      fastFp - whether f=1+p*F for a ternary F (true) or f is ternary (false)
      hashAlg - a valid identifier for a java.security.MessageDigest instance such as SHA-256

    • NTRUEncryptionParameters

      public NTRUEncryptionParameters(InputStream is) throws IOException
      Reads a parameter set from an input stream.
      Parameters:
      is - an input stream
      Throws:
      IOException

  • Method Details

    • clone

      public NTRUEncryptionParameters clone()
      Overrides:
      clone in class Object

    • getMaxMessageLength

      public int getMaxMessageLength()
      Returns the maximum length a plaintext message can be with this parameter set.
      Returns:
      the maximum length in bytes

    • writeTo

      public void writeTo(OutputStream os) throws IOException
      Writes the parameter set to an output stream
      Parameters:
      os - an output stream
      Throws:
      IOException

    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public boolean equals(Object obj)
      Overrides:
      equals in class Object

    • toString

      public String toString()
      Overrides:
      toString in class Object