OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-02 01:26:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove enum variants from RUSTSEC-2022-0045 (#1340)

Browse Source 
* Enum variants can't be put in [affected.functions]
* add note about affected variants in prose
This commit is contained in:
Thom Wiggers
2022-08-11 15:45:48 +02:00
committed by GitHub
parent db3a09a691
commit cc8e02bc30
1 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
crates/oqs/RUSTSEC-2022-0045.md
View File

@@ -5,23 +5,24 @@ package = "oqs"
date = "2022-07-30"
categories = ["crypto-failure"]
[affected.functions]
"oqs::kem::Algorithm::SidhP434" = ["*"]
"oqs::kem::Algorithm::SidhP503" = ["*"]
"oqs::kem::Algorithm::SidhP610" = ["*"]
"oqs::kem::Algorithm::SidhP751" = ["*"]
"oqs::kem::Algorithm::SidhP434Compressed" = ["*"]
"oqs::kem::Algorithm::SidhP503Compressed" = ["*"]
"oqs::kem::Algorithm::SidhP610Compressed" = ["*"]
"oqs::kem::Algorithm::SidhP751Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP434" = ["*"]
"oqs::kem::Algorithm::SikeP503" = ["*"]
"oqs::kem::Algorithm::SikeP610" = ["*"]
"oqs::kem::Algorithm::SikeP751" = ["*"]
"oqs::kem::Algorithm::SikeP434Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP503Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP610Compressed" = ["*"]
"oqs::kem::Algorithm::SikeP751Compressed" = ["*"]
# affected enum variants
# ([affected.functions] needs them to be functions)
# "oqs::kem::Algorithm::SidhP434" = ["*"]
# "oqs::kem::Algorithm::SidhP503" = ["*"]
# "oqs::kem::Algorithm::SidhP610" = ["*"]
# "oqs::kem::Algorithm::SidhP751" = ["*"]
# "oqs::kem::Algorithm::SidhP434Compressed" = ["*"]
# "oqs::kem::Algorithm::SidhP503Compressed" = ["*"]
# "oqs::kem::Algorithm::SidhP610Compressed" = ["*"]
# "oqs::kem::Algorithm::SidhP751Compressed" = ["*"]
# "oqs::kem::Algorithm::SikeP434" = ["*"]
# "oqs::kem::Algorithm::SikeP503" = ["*"]
# "oqs::kem::Algorithm::SikeP610" = ["*"]
# "oqs::kem::Algorithm::SikeP751" = ["*"]
# "oqs::kem::Algorithm::SikeP434Compressed" = ["*"]
# "oqs::kem::Algorithm::SikeP503Compressed" = ["*"]
# "oqs::kem::Algorithm::SikeP610Compressed" = ["*"]
# "oqs::kem::Algorithm::SikeP751Compressed" = ["*"]
[versions]
@@ -34,4 +35,6 @@ Wouter Castryck and Thomas Decru presented an efficient key recovery attack on t
As a result, the secret key of SIKEp751 can be recovered in a matter of hours.
The SIKE and SIDH schemes will be removed from oqs 0.7.2.
The affected schemes are the `oqs::kem::Algorithm::Sike*` and `oqs::kem::Algorithm::Sidh*` enum variants.
[An efficient key recovery attack on SIDH (preliminary version)](https://eprint.iacr.org/2022/975)