Commit Graph

7 Commits

Author SHA1 Message Date
Matthias J. Kannwischer
3d7d2024fa
FrodoKEM: Fix bug in the output of the ct_verify function (#367)
* Fix bug in the output of the ct_verify function

A bug in the CCA transformation was reported on the pqc-forum on 2020-12-10
https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/kSUKzDNc5ME

It was fixed today in 669522db63.
This commit ports that fix to PQClean

* add note to SECURITY.md

* update upstream commit in META.yml
2020-12-14 10:39:10 -05:00
Thom Wiggers
cdd11413f3
Fix missed overflowing mul in FrodoKEM
It happened in another place
2020-11-24 11:50:33 +01:00
Thom Wiggers
6d0684df63
Fix more overflowing muls in Frodo 2020-11-19 07:48:32 +01:00
John M. Schanck
9064186cdb astyle 2020-09-17 07:19:31 -04:00
John M. Schanck
a59cf4cba7 frodo: satisfy test_boolean 2020-09-17 07:19:31 -04:00
Douglas Stebila
ae1530d192 Fix timing leak in decapsulation.
As identified in: Qian Guo, Thomas Johansson, Alexander Nilsson. A 
key-recovery timing attack on post-quantum primitives using the 
Fujisaki-Okamoto transformation and its application on FrodoKEM. In 
CRYPTO 2020.

Based on 
155c24c3df
2020-06-19 13:15:13 -04:00
Matthias J. Kannwischer
a4906713be use optimized matrix_shake.c for frodokem640shake 2019-05-20 15:12:51 +02:00