oqs's Post-Quantum Key Encapsulation Mechanism SIKE broken

Moderate severity GitHub Reviewed Published Aug 18, 2022 to the GitHub Advisory Database • Updated Jan 7, 2023

Package

cargo oqs (Rust)

Affected versions

< 0.7.2

Patched versions

0.7.2

Description

Wouter Castryck and Thomas Decru presented an efficient key recovery attack on the SIDH protocol.
As a result, the secret key of SIKEp751 can be recovered in a matter of hours.
The SIKE and SIDH schemes will be removed from oqs 0.7.2.

References

An efficient key recovery attack on SIDH (preliminary version)

Published to the GitHub Advisory Database Aug 18, 2022
Reviewed Aug 18, 2022
Last updated Jan 7, 2023

Severity

Moderate

Weaknesses

No CWEs

CVE ID

No known CVE

GHSA ID

GHSA-hrjv-pf36-jpmr