QNSP
Start building free
Why QNSP
The Quantum ImperativeWhy QNSPPQC Migration GuideCompetitive AnalysisVet PQC Vendors
Platform
Platform ArchitectureCapabilitiesUse Cases by IndustryKnowledge BaseBlogResearch
Trust
Trust HubCompliance MappingNIST ACVP ConformancePerformance BenchmarksEntropy ChainAlgorithm CatalogSystem Status
Developers
Developer HubUse CasesAI Assistants (MCP)
PricingContactStart building free

Key Encapsulation

NTRU Prime

NTRU Prime (Streamlined / Light NTRU Prime)

non-FIPSlattice-based1 parameter setsQNSP tier: default+provider: liboqsalso called: sntrup761, ntrulpr761
NTRU variant designed to use a prime-degree ring polynomial, removing certain structural concerns. Notably deployed in OpenSSH's default post-quantum key exchange.

Mechanism

How it works

NTRU Prime uses an irreducible prime-degree ring polynomial x^p - x - 1, avoiding the smooth-factorisation structure of x^n - 1. Two variants: Streamlined NTRU Prime (sntrup) and Light NTRU Prime (ntrulpr).

Parameter Sets

1 variants shipped

Each variant trades security category against key, ciphertext, or signature size. QNSP exposes all variants via the @cuilabs/liboqs-native binding; tenant crypto-policy determines which are allowed.

VariantNIST LevelPublic KeySecret KeyCiphertextNote
sntrup761L31,158 B1,763 B1,039 BDefault post-quantum KEM in OpenSSH 9.0+. Recognisable name to network security buyers.

NIST ACVP

Conformance evidence

QNSP runs the official NIST ACVP test vectors against every shipped algorithm. Live evidence + SHA-3-256 tamper digest at /verify/conformance.

@noble/post-quantum
non-addressable
Pure-JavaScript reference; cross-verification secondary on Maximum + Government tiers.
@cuilabs/liboqs-native
non-addressable
Native-C primary production engine. Runs across every QNSP backend service.
View live ACVP evidence →

Use Cases

When to use it

  • Compatibility with OpenSSH PQ key exchange
  • Customers preferring prime-degree NTRU variants

Trade-offs

What you give up, what you get

  • Recognisable in SSH ecosystem
  • Smaller liboqs surface than ML-KEM or HQC

FAQ

NTRU Prime — frequently asked questions

Concise, source-of-truth answers to the questions buyers and engineers ask most about this algorithm.

What is NTRU Prime?

NTRU Prime (NTRU Prime (Streamlined / Light NTRU Prime)) is a lattice based post-quantum key encapsulation mechanism. It is designed to resist attacks from both classical and quantum computers, and QNSP ships 1 of its parameter sets. It is also known as sntrup761, ntrulpr761.

Is NTRU Prime NIST-standardized?

NTRU Prime is not a finalized NIST FIPS standard. QNSP ships it as a non-FIPS post-quantum option, typically to add an independent cryptographic assumption (lattice based) alongside the FIPS-standardized ML-KEM and ML-DSA for defence-in-depth.

What is NTRU Prime used for?

On QNSP, NTRU Prime is used for Compatibility with OpenSSH PQ key exchange; Customers preferring prime-degree NTRU variants. It is available from the default crypto-policy tier upward via the liboqs provider.

References

Primary sources