RUSTSEC-2023-0079
See a problem?- Source
- https://rustsec.org/advisories/RUSTSEC-2023-0079
- Import Source
- https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2023-0079.json
- JSON Data
- https://api.osv.dev/v1/vulns/RUSTSEC-2023-0079
- Aliases
- Published
- 2023-12-01T12:00:00Z
- Modified
- 2024-04-12T21:07:31Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- KyberSlash: division timings depending on secrets
- Details
-
Various Kyber software libraries in various environments leak secret information into timing, specifically because
- these libraries include a line of code that divides a secret numerator by a public denominator,
- the number of CPU cycles for division in various environments varies depending on the inputs to the division, and
- this variation appears within the range of numerators used in these libraries.
The KyberSlash pages track which Kyber libraries have this issue, and include a FAQ about the issue.
Author
The KyberSlash pages were written by Daniel J. Bernstein. The FAQ originally said "I", but some people seemed to have trouble finding this authorship statement, so the FAQ now says "Bernstein" instead.
URL
The permanent link for the KyberSlash pages is https://kyberslash.cr.yp.to.
Mitigation status in
pqc_kybercrateThe issue has not been resolved in the upstream
pqc_kybercrate.A third-party fork that mitigates this attack vector has been published as
safe_pqc_kyber.Alternatives
The
ml-kemcrate is a maintained alternative pure Rust implementation of ML-KEM / Kyber. - References
-
- https://crates.io/crates/pqc_kyber
- https://rustsec.org/advisories/RUSTSEC-2023-0079.html
- https://github.com/Argyle-Software/kyber/issues/108
- https://kyberslash.cr.yp.to/faq.html
- https://kyberslash.cr.yp.to/libraries.html
- https://github.com/bwesterb/argyle-kyber/commit/b5c6ad13f4eece80e59c6ebeafd787ba1519f5f6
Affected packages
crates.io / pqc_kyber
Package
- Name
- pqc_kyber
- View open source insights on deps.dev
- Purl
- pkg:cargo/pqc_kyber