OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-20 18:41:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

oqs: SIKE and SIDH are insecure (#1338)

Browse Source
This commit is contained in:
Thom Wiggers
2022-08-09 12:24:53 +02:00
committed by GitHub
parent a8ebada593
commit 6629c1333a
1 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
crates/oqs/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,37 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "oqs"
date = "2022-07-30"
categories = ["crypto-failure"]
[affected.functions]
"oqs::kem::Algorithm::SidhP434" = ["*"]
"oqs::kem::Algorithm::SidhP503" = ["*"]
"oqs::kem::Algorithm::SidhP610" = ["*"]
"oqs::kem::Algorithm::SidhP751" = ["*"]
"oqs::kem::Algorithm::SidhP434Compressed" = ["*"]
"oqs::kem::Algorithm::SidhP503Compressed" = ["*"]
"oqs::kem::Algorithm::SidhP610Compressed" = ["*"]
"oqs::kem::Algorithm::SidhP751Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP434" = ["*"]
"oqs::kem::Algorithm::SikeP503" = ["*"]
"oqs::kem::Algorithm::SikeP610" = ["*"]
"oqs::kem::Algorithm::SikeP751" = ["*"]
"oqs::kem::Algorithm::SikeP434Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP503Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP610Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP751Compressed" = ["*"]
[versions]
patched = [">= 0.7.2"]
```
# Post-Quantum Key Encapsulation Mechanism SIKE broken
Wouter Castryck and Thomas Decru presented an efficient key recovery attack on the SIDH protocol.
As a result, the secret key of SIKEp751 can be recovered in a matter of hours.
The SIKE and SIDH schemes will be removed from oqs 0.7.2.
[An efficient key recovery attack on SIDH (preliminary version)](https://eprint.iacr.org/2022/975)