Closed aewag closed 10 months ago
Not zeroizing the state allows to recover any squeezed output. This is because the ascon permutations can be inversed. Hence, access to the complete state allows to perform this operation.
ascon
This relies on https://github.com/RustCrypto/sponges/pull/57 and a new release of the ascon crate.
Not zeroizing the state allows to recover any squeezed output. This is because the
asconpermutations can be inversed. Hence, access to the complete state allows to perform this operation.This relies on https://github.com/RustCrypto/sponges/pull/57 and a new release of the
asconcrate.