https://github.com/mupq/pqm4
Revision d98a1623ae6d942ad166638a66c287eb3b884e47 authored by Matthias J. Kannwischer on 18 December 2023, 02:07:27 UTC, committed by rpls on 19 December 2023, 13:44:24 UTC
This (partially) addresses https://github.com/mupq/pqm4/issues/319.

The function poly_tomsg from the reference implementation of Kyber
(which was copied into the M4-optimized implementations) would result
in a variable-time udiv instruction operating on secret data when compiled
with gcc using -Os. I tried a couple of versions from gcc 11 to gcc 13,
but did not see any difference.

This commit updates the m4-specific code to use the patch from
https://github.com/pq-crystals/kyber/commit/dda29cc63af721981ee2c831cf00822e69be3220.
Note that the code in PQClean has not yet been updated and hence the
clean implementation within pqm4 is still vulnerable.
1 parent dc26f54
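As an added example (not code from pqm4 or the Kyber repository), the division-based bit decoder from the old poly_tomsg sits beside a multiply-and-shift rewrite in the style of the upstream fix, with an exhaustive check that both agree for every coefficient in [0, q). The function names and the test vectors are assumptions for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define KYBER_Q 3329

/* Pre-patch decoder: the division by KYBER_Q of a secret coefficient is
 * what gcc -Os lowers to a variable-time udiv on the Cortex-M4.
 * Kept here only as the oracle to compare against. */
static uint8_t tomsg_bit_div(int16_t c)
{
    uint32_t t = (uint32_t)c;
    t += ((int16_t)t >> 15) & KYBER_Q;          /* map [-q, q) into [0, q) */
    t  = (((t << 1) + KYBER_Q / 2) / KYBER_Q) & 1;
    return (uint8_t)t;
}

/* Division-free decoder in the style of the upstream Kyber fix: the
 * division becomes a fixed-point multiply and shift (80635 / 2^28 is
 * just below 1 / 3329), i.e. mul + lsr, both constant-time on the M4.
 * Assumes the coefficient is already reduced to [0, q). */
static uint8_t tomsg_bit_mulshift(int16_t c)
{
    uint32_t t = (uint32_t)c;
    t <<= 1;
    t += 1665;
    t *= 80635;
    t >>= 28;
    return (uint8_t)(t & 1);
}

/* Pack eight reduced coefficients into one message byte, as poly_tomsg
 * does for each output byte. */
static uint8_t tomsg_byte(const int16_t coeffs[8])
{
    uint8_t b = 0;
    for (int j = 0; j < 8; j++)
        b |= (uint8_t)(tomsg_bit_mulshift(coeffs[j]) << j);
    return b;
}

/* Exhaustive equivalence check over [0, q); returns the mismatch count. */
static int count_mismatches(void)
{
    int bad = 0;
    for (int16_t c = 0; c < KYBER_Q; c++)
        if (tomsg_bit_div(c) != tomsg_bit_mulshift(c))
            bad++;
    return bad;
}
```

A mismatch count of 0 confirms the rewrite is exact on the reduced range; the original sign-correction step is intentionally absent from the multiply form, so callers must reduce first, as the upstream code does.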
Update Kyber poly_tomsg to fix timing leak (w/ -Os)
build_everything.py
#!/usr/bin/env python3
"""
Builds all of the binaries without flashing them.
"""
import sys

from interface import parse_arguments, get_platform
from mupq import mupq


if __name__ == "__main__":
    # Parse the common pqm4 options; everything else is passed through
    # to the build step.
    args, rest = parse_arguments()
    platform, settings = get_platform(args)
    # The platform context manager sets up (and tears down) the target
    # board settings; BuildAll compiles every scheme without flashing.
    with platform:
        mupq.BuildAll(settings).test_all(rest)