Argyle-Software / kyber

A rust implementation of the Kyber post-quantum KEM
https://docs.rs/pqc_kyber/
Apache License 2.0

Mitigate kyberslash with official patching method from pq-crystals/kyber #110

Open JosePisco opened 4 months ago

JosePisco commented 4 months ago

Hello everyone,

I suggest this diff against master to patch the non-constant-time division revealed by DJB through KyberSlash (https://kyberslash.cr.yp.to/).

For the sake of correctness, the changes proposed here are as close as possible to the official patch in https://github.com/pq-crystals/kyber/pull/69.

While aware of a patched version available at https://github.com/bwesterb/argyle-kyber/commit/b5c6ad13f4eece80e59c6ebeafd787ba1519f5f6, their fix does not exactly match the values from the authors' patch.

Cheers,
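For readers following the discussion, here is an added illustration of what the KyberSlash fix changes, written for this thread and not taken from the PR's diff or from pq-crystals/kyber. It shows the pre-fix `compress_d` shape, where a secret coefficient feeds a division by `q = 3329`, beside a division-free multiply-and-shift form, and checks the two against each other on every input in `0..q`. The multiplier/shift pairs are found by search inside the example and are an assumption of this code; they are not the constants from pq-crystals/kyber#69, which should be validated against the reference the same way.

```rust
// Added example: replacing Kyber's variable-time division in compress_d with a
// multiply-and-shift and verifying the replacement exhaustively. The
// multiplier/shift pairs are derived here by search (constructed for this
// example), not copied from pq-crystals/kyber#69.
const KYBER_Q: u64 = 3329;

/// Pre-KyberSlash shape of compress_d: `x` is a secret coefficient and the
/// `/ KYBER_Q` compiles to a division instruction whose latency can depend on
/// the operands on some CPUs, which is the timing leak KyberSlash exploits.
pub fn compress_div(x: u16, d: u32) -> u16 {
    debug_assert!((x as u64) < KYBER_Q && (1..=11).contains(&d));
    let u = ((x as u64) << d) + KYBER_Q / 2;
    ((u / KYBER_Q) & ((1u64 << d) - 1)) as u16
}

/// Division-free form: floor(u / q) computed as (u * mult) >> shift.
/// Only multiplication, shift and mask touch the secret-dependent value.
pub fn compress_ct(x: u16, d: u32, mult: u64, shift: u32) -> u16 {
    let u = ((x as u64) << d) + KYBER_Q / 2;
    (((u * mult) >> shift) & ((1u64 << d) - 1)) as u16
}

/// Exhaustive check over the whole domain 0..q: a replacement is acceptable
/// only if it agrees with the reference on every possible coefficient.
pub fn matches_reference(d: u32, mult: u64, shift: u32) -> bool {
    (0..KYBER_Q as u16).all(|x| compress_div(x, d) == compress_ct(x, d, mult, shift))
}

/// Smallest shift s with mult = ceil(2^s / q) that reproduces the reference
/// for this d. With mult = (2^s + e) / q and 0 <= e < q, the result is exact
/// whenever u * e < 2^s, which s = 40 guarantees for every d <= 11, and the
/// bound also keeps u * mult well below 2^64.
pub fn find_reciprocal(d: u32) -> Option<(u64, u32)> {
    (8..=40).find_map(|s| {
        let mult = ((1u64 << s) + KYBER_Q - 1) / KYBER_Q;
        matches_reference(d, mult, s).then_some((mult, s))
    })
}

fn main() {
    // Kyber uses d = 4/5 for polynomial and d = 10/11 for vector compression;
    // d = 1 is the message-bit compression.
    for d in [1, 4, 5, 10, 11] {
        match find_reciprocal(d) {
            Some((m, s)) => println!("d={d}: mult={m} shift={s} verified on all {KYBER_Q} inputs"),
            None => println!("d={d}: no multiply/shift pair found"),
        }
    }
}
```

The exhaustive comparison is the part worth keeping around: the input domain is only 3329 values, so any candidate constants, whether from this PR, from bwesterb's branch or from the upstream patch, can be checked against the division-based reference in milliseconds, and a mismatch on even one coefficient means the KEM would produce wrong ciphertexts. Note that the replacement removes the division instruction but still relies on integer multiplication being constant-time, which holds on mainstream desktop and server cores but should be confirmed for small embedded targets.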

tarcieri commented 4 months ago

Note: closes #108

There's a branch here that also mitigates it, and includes some descriptive comments about how the approach works: https://github.com/bwesterb/argyle-kyber/commit/b5c6ad13f4eece80e59c6ebeafd787ba1519f5f6

JosePisco commented 4 months ago

> Note: closes #108
>
> There's a branch here that also mitigates it, and includes some descriptive comments about how the approach works: bwesterb@b5c6ad1

This is right but, as mentioned above, bwesterb's change uses different magic values from the ones used by the authors to patch this. While we can easily find approximate linear relations between the two sets of values, I believe it is for the best to align with pq-crystals/kyber as the reference. On the other hand, it doesn't appear that bwesterb's fork wants to merge its fix into this repository; I believe they would have done it by now, wouldn't they?

JosePisco commented 3 months ago

Hey @mberry, it's been a few weeks since I opened this PR and I wanted to call for an update. Is the repository still maintained? I hope you don't mind the ping, just looking forward to knowing if it's going to be resolved.

Cheers