HistoryEdit

RUSTSEC-2022-0045

Post-Quantum Key Encapsulation Mechanism SIKE broken

Issued
Package
oqs (crates.io)
Type
Vulnerability
Categories
Patched
  • >=0.7.2

Description

Wouter Castryck and Thomas Decru presented an efficient key recovery attack on the SIDH protocol. As a result, the secret key of SIKEp751 can be recovered in a matter of hours. The SIKE and SIDH schemes will be removed from oqs 0.7.2.

The affected schemes are the oqs::kem::Algorithm::Sike* and oqs::kem::Algorithm::Sidh* enum variants.

An efficient key recovery attack on SIDH (preliminary version)