- Reported
-
- Issued
-
- Package
-
oqs
(crates.io)
- Type
-
Vulnerability
- Categories
-
- Details
-
https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/KFgw5_qCXiI?pli=1
- Patched
-
Description
Ward Beullens found a practical key-recovery attack against Rainbow.
The level I parametersets are removed from liboqs starting from version 0.7.2
.
Find the scientific details in Breaking Rainbow Takes a Weekend on a Laptop.
This means all the oqs::sig::Algorithm::RainbowI*
variants are insecure.