From c59580a355ed75fc8ec528a3282193ab733d4455 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sof=C3=ADa=20Celi?= Date: Tue, 11 Aug 2020 10:47:34 -0500 Subject: [PATCH] Fix overflow in multiplication in Saber --- crypto_kem/firesaber/clean/poly_mul.c | 2 +- crypto_kem/lightsaber/clean/poly_mul.c | 2 +- crypto_kem/saber/clean/poly_mul.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto_kem/firesaber/clean/poly_mul.c b/crypto_kem/firesaber/clean/poly_mul.c index e6ba9364..20f1d4ad 100644 --- a/crypto_kem/firesaber/clean/poly_mul.c +++ b/crypto_kem/firesaber/clean/poly_mul.c @@ -47,7 +47,7 @@ static void karatsuba_simple(const uint16_t *a_1, const uint16_t *b_1, uint16_t acc7 = acc5 + acc6; //b01 acc8 = acc1 + acc2; //a01 - d01[i + j] = d01[i + j] + acc7 * acc8; + d01[i + j] = d01[i + j] + (uint16_t)(acc7 * (uint64_t)acc8); //-------------------------------------------------------- acc7 = b_1[j + 2 * KARATSUBA_N / 4]; //b2 diff --git a/crypto_kem/lightsaber/clean/poly_mul.c b/crypto_kem/lightsaber/clean/poly_mul.c index d1ffc530..926910b5 100644 --- a/crypto_kem/lightsaber/clean/poly_mul.c +++ b/crypto_kem/lightsaber/clean/poly_mul.c @@ -47,7 +47,7 @@ static void karatsuba_simple(const uint16_t *a_1, const uint16_t *b_1, uint16_t acc7 = acc5 + acc6; //b01 acc8 = acc1 + acc2; //a01 - d01[i + j] = d01[i + j] + acc7 * acc8; + d01[i + j] = d01[i + j] + (uint16_t)(acc7 * (uint64_t)acc8); //-------------------------------------------------------- acc7 = b_1[j + 2 * KARATSUBA_N / 4]; //b2 diff --git a/crypto_kem/saber/clean/poly_mul.c b/crypto_kem/saber/clean/poly_mul.c index 854cddd4..dc1cc779 100644 --- a/crypto_kem/saber/clean/poly_mul.c +++ b/crypto_kem/saber/clean/poly_mul.c @@ -47,7 +47,7 @@ static void karatsuba_simple(const uint16_t *a_1, const uint16_t *b_1, uint16_t acc7 = acc5 + acc6; //b01 acc8 = acc1 + acc2; //a01 - d01[i + j] = d01[i + j] + acc7 * acc8; + d01[i + j] = d01[i + j] + (uint16_t)(acc7 * (uint64_t)acc8); //-------------------------------------------------------- acc7 = b_1[j + 2 * KARATSUBA_N / 4]; //b2