GHSA-f6jh-hvg2-9525: crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)

Package

gomod github.com/kudelskisecurity/crystals-go (Go)

Affected versions

< 0.0.0-20240116172146-2a6ca2d4e64d

Patched versions

0.0.0-20240116172146-2a6ca2d4e64d

Description

Impact

On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn (parts of) the secret key.

Patches

Patched in kudelskisecurity/crystals-go#21

Note

This library was written as part of a MsC student project in the Cybersecurity Team at Kudelski Security. It is not actively maintained anymore. It is only intended for research and testing. We discourage its use in any production environment. Kudelski Security does not use this library as part of their commercial offers or product. This has now been clarified on the project’s README.

References

https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/ldX0ThYJuBo
http://kyberslash.cr.yp.to/

References

• GHSA-f6jh-hvg2-9525
• kudelskisecurity/crystals-go#19
• kudelskisecurity/crystals-go#20
• kudelskisecurity/crystals-go#21
• kudelskisecurity/crystals-go@2a6ca2d
• https://kyberslash.cr.yp.to/faq

tgkudelski published to kudelskisecurity/crystals-go

Jan 16, 2024

Published to the GitHub Advisory Database

Jan 17, 2024

Reviewed

Jan 17, 2024