Vulnerability in implementations of the Kyber post-quantum encryption algorithm

A vulnerability has been identified in implementations of the Kyber encryption algorithm, the winner of the competition for cryptographic algorithms resistant to brute-force attacks on a quantum computer. It allows side-channel attacks to reconstruct private keys by measuring the running time of operations while decrypting ciphertext supplied by the attacker. The problem affects both the reference implementation of the CRYSTALS-Kyber KEM key encapsulation mechanism and third-party encryption libraries with Kyber support, including the pqcrypto library used in the Signal messenger.

The essence of the vulnerability, which received the code name KyberSlash, lies in the use of the division operation "t = ((t

Daniel J. Bernstein, a well-known cryptography expert, was able to prepare a working proof-of-concept demonstration showing that the attack can be carried out in practice. In two of the three experiments conducted, running the code on a Raspberry Pi 2 board, it was possible to completely reconstruct a Kyber-512 private key from measurements of decryption time. The method can also be adapted to Kyber-768 and Kyber-1024 keys. For a successful attack, it is necessary that attacker-specified ciphertext be processed with the same key pair and that the execution time of the operation can be measured precisely.

Another leak (KyberSlash2) was identified in some libraries, also caused by the use of secret values when performing division. The difference from the first variant comes down to the call occurring at the encryption stage (in the poly_compress and polyvec_compress functions) rather than during decryption. However, the second variant can be useful for an attack only in cases where the procedure is used in re-encryption operations in which the resulting ciphertext is treated as secret.
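The division operation described above and the shape of its constant-time replacement, as an added example that is not code from the Kyber reference implementation or from any of the libraries listed on this page. compress_div is the variable-time form (a division whose dividend is derived from a secret coefficient), compress_ct replaces the division with a fixed-point multiply-and-shift, and ct_matches_reference checks that the two agree for every coefficient value 0..q-1 at each compression width used by Kyber's poly_tomsg, poly_compress and polyvec_compress (d = 1, 4, 5, 10, 11). The function names, the 2^40 reciprocal scaling and the exhaustive check are this example's own choices, not the constants of any upstream fix.

```c
#include <stdint.h>
#include <stdio.h>

#define KYBER_Q 3329

/* Variable-time form (the pattern KyberSlash targets): the dividend is
   derived from the secret coefficient t. Whether the compiler turns the
   division by the constant q into a multiply is its choice; if a hardware
   divide instruction is emitted, its latency depends on the operands and
   the running time leaks information about t. */
static uint16_t compress_div(uint16_t t, unsigned d) {
    uint32_t r = (((uint32_t)t << d) + KYBER_Q / 2) / KYBER_Q;
    return (uint16_t)(r & ((1u << d) - 1));
}

/* Fixed-point reciprocal ceil(2^40 / q). Both operands of this one division
   are public compile-time constants, so it is folded by the compiler and
   never touches secret data. 2^40 is chosen (example's own assumption) so
   that y * (RECIP_Q - 2^40/q) / 2^40 < 1/q for every y the code can form,
   which is what makes the rounding below exact for all d <= 11. */
#define RECIP_SHIFT 40
#define RECIP_Q ((((uint64_t)1) << RECIP_SHIFT) / KYBER_Q + 1)

/* Constant-time form: same rounding, computed with a multiply and a shift
   whose latency does not depend on the data on common CPUs. */
static uint16_t compress_ct(uint16_t t, unsigned d) {
    uint64_t y = ((uint64_t)t << d) + KYBER_Q / 2;   /* <= 3328*2^11 + 1664 */
    y = (y * RECIP_Q) >> RECIP_SHIFT;                /* floor(y / q), exact */
    return (uint16_t)(y & ((1u << d) - 1));
}

/* Exhaustively compare both forms over every reduced coefficient 0..q-1
   for a given compression width d. Returns 1 if they agree everywhere. */
static int ct_matches_reference(unsigned d) {
    for (uint32_t t = 0; t < KYBER_Q; t++)
        if (compress_div((uint16_t)t, d) != compress_ct((uint16_t)t, d))
            return 0;
    return 1;
}

int main(void) {
    /* Widths used by Kyber: 1 (message bits), 4/5 (poly_compress),
       10/11 (polyvec_compress). */
    static const unsigned widths[] = {1, 4, 5, 10, 11};
    for (size_t i = 0; i < sizeof widths / sizeof widths[0]; i++)
        printf("d=%2u: %s\n", widths[i],
               ct_matches_reference(widths[i]) ? "constant-time form matches"
                                               : "MISMATCH");
    return 0;
}
```

The exhaustive comparison is the cheap part of reviewing such a fix: the input space per coefficient is only q values, so a replacement for a secret-dependent division can be proven exact rather than argued about. The harder part, which no unit test covers, is checking the emitted machine code for divide instructions on every target the library ships for.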

The vulnerability has already been fixed in the following libraries:

  • zig/lib/std/crypto/kyber_d00.zig (December 22),
  • pq-crystals/kyber/ref (December 30),
  • symbolicsoft/kyber-k2so (December 19),
  • cloudflare/circl (January 8),
  • aws/aws-lc/crypto/kyber (January 4),
  • liboqs/src/kem/kyber (January 8).

Libraries that were not affected by the vulnerability from the start:

  • boringssl/crypto/kyber,
  • filippo.io/mlkem768,
  • formosa-crypto/libjade/tree/main/src/crypto_kem/kyber/common/amd64/avx2,
  • formosa-crypto/libjade/tree/main/src/crypto_kem/kyber/common/amd64/ref,
  • pq-crystals/kyber/avx2,
  • pqclean/crypto_kem/kyber*/avx2.

The vulnerability remains unfixed in the following libraries:

  • antontutoveanu/crystals-kyber-javascript,
  • Argyle-Software/kyber,
  • debian/src/liboqs/unstable/src/kem/kyber,
  • kudelskisecurity/crystals-go,
  • mupq/pqm4/crypto_kem/kyber* (on December 20, only variant 1 of the vulnerability was fixed),
  • PQClean/PQClean/crypto_kem/kyber*/aarch64,
  • PQClean/PQClean/crypto_kem/kyber*/clean,
  • randombit/botan (on December 20, only variant 1 of the vulnerability was fixed),
  • rustpq/pqcrypto/pqcrypto-kyber (a fix was added to libsignal on January 5, but the vulnerability in pqcrypto-kyber itself is still unfixed).

source: budenet.ru
