Software
PQClean
Implementations of ntruhps2048509, ntruhps2048677, ntruhrss701, and ntruhps4096821 have been incorporated into PQClean.
BoringSSL
Adam Langley's implementation of ntruhrss701 is available in BoringSSL. Note that this implementation uses SHA-256 instead of SHA3 and is therefore not compatible with our implementations.
SUPERCOP packages
SUPERCOP is a toolkit for measuring the performance of cryptographic software. Recent versions of SUPERCOP include reference C implementations of ntruhps2048509, ntruhps2048677, ntruhrss701, and ntruhps4096821 and optimized AVX2 implementations of ntruhps2048509, ntruhps2048677, and ntruhrss701. Benchmarking results can be found at bench.cr.yp.to. Our most recent SUPERCOP submission package can be downloaded here (tar.gz). Previous submission packages are linked in the changelog below.
- 2020-08-23: TIMECOP metadata. Fixed potential timing leak. Namespacing. [tar.gz]
- 2020-03-23: New implementation of ntruhps4096821 using AVX2 instructions. [tar.gz]
- 2019-08-16: Removed unused position-dependent code. [tar.gz]
- 2019-08-03: New implementation of ntruhps2048677 using AVX2 instructions. [tar.gz]
- 2019-07-31: New implementation of ntruhps2048509 using AVX2 instructions. [tar.gz]
Git repository
Development releases of our software are made available on GitHub.
Most users should not use these releases.
To download and build the development software, follow these steps:
cd ref-ntruhrss701 && make
cd ../avx2-ntruhrss701 && make
This will build the following binaries:
- test_keypair, test_encap, and test_decap are used by the test_compatibility.sh script to ensure that the ref and the avx2 implementations are computing the same output.
- test_ntru tests functionality of encapsulation and decapsulation.
- speed benchmarks keypair generation, encapsulation, decapsulation and various subroutines.