NTRU encryption is astandardized public-key cryptosystem which is considered faster than RSA and ECC.For encryption, NTRU adds theproduct of (p.h*r) to the plaintext, where (p) is a predefined public parameter, (h) is the public key, and (r) is a pseudo-randomly generated blinding polynomial. For decryption, NTRU uses two private keys. We prove that for some parameters NTRU has the modulo p flaw,
... [Show full abstract] so NTRU-encrypted plaintext can be disclosed just by applying modulo p operation to the ciphertext without the need of using any of NTRU secret keys. We provide also statistical estimates of the probability of having NTRU modulo p flaw cases for different values of (N), where (N) is the order of polynomial ring used in NTRU. The probabilities show that NTRU modulo p flaw may take place rather often. NTRU amendment to withstand the flaw is proposed