CRYSTALS-DILITHIUM (in Post-Quantum Cryptography Selected Algorithms 2022) in PQClean d03da30 may allow universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector.
References
Link | Resource |
---|---|
https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022 | Third Party Advisory US Government Resource |
https://eprint.iacr.org/2023/050 | Third Party Advisory |
https://github.com/PQClean/PQClean/tree/d03da3053491e767ef842deaef43fc5bdb6bc911 | Third Party Advisory |
Configurations
History
03 Feb 2023, 15:00
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://csrc.nist.gov/Projects/post-quantum-cryptography/selected-algorithms-2022 - Third Party Advisory, US Government Resource | |
References | (MISC) https://eprint.iacr.org/2023/050 - Third Party Advisory | |
References | (MISC) https://github.com/PQClean/PQClean/tree/d03da3053491e767ef842deaef43fc5bdb6bc911 - Third Party Advisory | |
First Time |
Pqclean Project
Pqclean Project pqclean |
|
CWE | CWE-347 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:pqclean_project:pqclean:-:*:*:*:*:*:*:* |
20 Jan 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-20 21:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-24025
Mitre link : CVE-2023-24025
CVE.ORG link : CVE-2023-24025
JSON object : View
Products Affected
pqclean_project
- pqclean
CWE
CWE-347
Improper Verification of Cryptographic Signature