31 matches found
Post-Quantum Federated Learning: Secure and Scalable Threat Intelligence for Collaborative Cyber Defense
Collaborative threat intelligence via federated learning (FL) faces critical risks from quantum computing, which can compromise classical encryption methods. This study proposes a quantum-secure FL framework using post-quantum cryptography (PQC) to protect cross-organizational data sharing. We expose...
The Qey: Implementation and Performance Study of Post Quantum Cryptography in FIDO2
Authentication systems have evolved a lot since the 1960s, when Fernando Corbato first proposed password-based authentication. In 2013, the FIDO Alliance proposed using secure hardware for authentication, thus marking a milestone in the passwordless authentication era [1]. Passwordless...
EUVD-2023-28089
Malicious code in bioql PyPI...
Performance and Storage Analysis of CRYSTALS Kyber As a Post Quantum Replacement for RSA and ECC
The steady advancement in quantum computer error correction technology has pushed the current record to 48 stable logical qubits, bringing us closer to machines capable of running Shor's algorithm at scales that threaten RSA and ECC cryptography. While the timeline for developing such quantum...
CVE-2023-24025
CRYSTALS-DILITHIUM in Post-Quantum Cryptography Selected Algorithms 2022 in PQClean d03da30 may allow universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector...
Complexity of Post-Quantum Cryptography in Embedded Systems and Its Optimization Strategies
With the rapid advancements in quantum computing, traditional cryptographic schemes like Rivest-Shamir-Adleman (RSA) and elliptic curve cryptography (ECC) are becoming vulnerable, necessitating the development of quantum-resistant algorithms. The National Institute of Standards and Technology (NIST) ha...
NIST Releases First Post-Quantum Encryption Algorithms
From the Federal Register: After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key encapsulation mechanism selected was CRYSTALS-KYBER, along with three digital signature schemes:...
Kyber Security Breach
Kyber is a repository open-sourced by pq-crystals. A security vulnerability exists in Kyber versions prior to 9b8d306, which stems from the fact that poly_frommsg in poly.c does not prevent Clang from emitting vulnerable key-dependent branches...
crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)
Impact: On some platforms, when an attacker can time decapsulation of Kyber on forged ciphertexts, they could possibly learn parts of the secret key. Patches: Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note: This library was written as part of a MSc student project in the...
GHSA-F6JH-HVG2-9525 crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)
Impact: On some platforms, when an attacker can time decapsulation of Kyber on forged ciphertexts, they could possibly learn parts of the secret key. Patches: Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note: This library was written as part of a MSc student project in the...
GO-2024-2469 Kyberslash timing attack possible in github.com/kudelskisecurity/crystals-go
Kyberslash timing attack possible in github.com/kudelskisecurity/crystals-go...
Signal Messenger Introduces PQXDH Quantum-Resistant Encryption
Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading the Extended Triple Diffie-Hellman X3DH specification to Post-Quantum Extended Diffie-Hellman PQXDH. "With this upgrade, we are adding a layer of protection against the...
Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm
A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The exploit relates to "side-channel attacks on up to the fifth-order masked...
Side-Channel Attack against CRYSTALS-Kyber
CRYSTALS-Kyber is one of the public-key algorithms currently recommended by NIST as part of its post-quantum cryptography standardization process. Researchers have just published a side-channel attack--using power consumption--against an implementation of the algorithm that was supposed to be...
PT-2023-19366 · Pqclean · Pqclean
Name of the Vulnerable Software and Affected Versions: PQClean version d03da30 Description: The issue allows universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector. This is related to CRYSTALS-DILITHIUM in Post-Quantum...
CVE-2023-24025
CVE-2023-24025 concerns the PQClean implementation of CRYSTALS-DILITHIUM (version vector d03da30) where an intermediate data leak in a single vector can enable universal forgeries of digital signatures. The issue is tied to the CRYSTALS-DILITHIUM component used within PQClean, not to a broader pr...