OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-27 06:29:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add advisory for the kyberslash timing attack (#1872)

Browse Source 
* Add advisory for the kyberslash timing attack

* seems like rustsec doesn't support the cvss 3.1 'Temporal Score Metrics'

* fixed review feedback

* Mention the safe fork

---------

Co-authored-by: Alexander Kjäll <alexander.kjaell@schibsted.com>
Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
This commit is contained in:
Alexander Kjäll
2024-02-09 02:59:49 +01:00
committed by GitHub
parent f48f2ed5e0
commit ad9fb41032
1 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
crates/pqc_kyber/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,38 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "pqc_kyber"
date = "2023-12-01"
url = "https://github.com/Argyle-Software/kyber/issues/108"
references = ["https://kyberslash.cr.yp.to/faq.html", "https://kyberslash.cr.yp.to/libraries.html", "https://github.com/bwesterb/argyle-kyber/commit/b5c6ad13f4eece80e59c6ebeafd787ba1519f5f6"]
categories = ["crypto-failure"]
cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
keywords = ["timing-attack"]
[affected]
[versions]
patched = []
```
# KyberSlash: division timings depending on secrets
Various Kyber software libraries in various environments leak secret information into timing, specifically because
* these libraries include a line of code that divides a secret numerator by a public denominator,
* the number of CPU cycles for division in various environments varies depending on the inputs to the division, and
* this variation appears within the range of numerators used in these libraries.
The KyberSlash pages track which Kyber [libraries](https://kyberslash.cr.yp.to/libraries.html) have this issue, and include a [FAQ](https://kyberslash.cr.yp.to/faq.html) about the issue.
## Author
The KyberSlash pages were written by Daniel J. Bernstein. The FAQ originally said "I", but some people seemed to have trouble finding this authorship statement, so the FAQ now says "Bernstein" instead.
## URL
The permanent link for the KyberSlash pages is [https://kyberslash.cr.yp.to](https://kyberslash.cr.yp.to).
## Mitigation status in qpc_kyber crate
The issues has not been resolved in the `qpc_kyber` crate. A third-party fork that mitigates this attack vector has been published as [`safe_pqc_kyber`](https://crates.io/crates/safe_pqc_kyber).