DBTRU was proposed by Thang and Binh in 2015. As a variant of NTRU, the integer polynomial ring is replaced by two binary truncated polynomial rings GF(2)[x]/(xn+1). DBTRU has some advantages over NTRU in terms of security and performance. In this paper, we propose a polynomial-time linear algebra attack against the DBTRU cryptosystem, which can break DBTRU for all recommended parameter choices. The paper shows that the plaintext can be achieved in less than 1 s via the linear algebra attack on a single PC.
Keywords: DBTRU; NTRU; lattice-based attacks; linear algebra attack; public key cryptosystem.