Update Kyber

rustpq · Jan 25, 2024 · f921490 · f921490
1 parent 6ee29f7
commit f921490
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## 2024-01-25
+
+* Update Kyber `clean` implementation to avoid potential Kyber side-channel vulnerabilities.
+  Note that the `aarch64` implementation is still vulnerable, but it is waiting for other updates.
+  This library is for experimental purposes, so security vulnerabilties are addressed on a best-effort basis.
+
 ## 2023-10-16
 
 * Update Kyber to draft FIPS standard

diff --git a/implementations.yaml b/implementations.yaml
@@ -5,7 +5,7 @@ traits_version: 0.3.5
 
 kems:
   kyber:
-    version: 0.8.0
+    version: 0.8.1
     x86_avx2_guard: 'target_arch == "x86_64" && avx2_enabled && !is_windows && !is_macos'
     implementations: [clean, avx2, aarch64]
     schemes:

diff --git a/pqclean b/pqclean
diff --git a/pqcrypto-kyber/Cargo.toml b/pqcrypto-kyber/Cargo.toml
@@ -2,7 +2,7 @@
 name = "pqcrypto-kyber"
 description = "Post-Quantum Key-Encapsulation Mechanism kyber"
 readme = "README.md"
-version = "0.8.0"
+version = "0.8.1"
 authors = ["Thom Wiggers <[email protected]>"]
 edition = "2021"
 license = "MIT OR Apache-2.0"

diff --git a/pqcrypto/Cargo.toml b/pqcrypto/Cargo.toml
@@ -13,7 +13,7 @@ categories = ["cryptography"]
 
 [dependencies]
 pqcrypto-traits = { path = "../pqcrypto-traits", version = "0.3.5" }
-pqcrypto-kyber = { path = "../pqcrypto-kyber", version = "0.8.0", optional = true }
+pqcrypto-kyber = { path = "../pqcrypto-kyber", version = "0.8.1", optional = true }
 pqcrypto-classicmceliece = { path = "../pqcrypto-classicmceliece", version = "0.2.0", optional = true }
 pqcrypto-hqc = { path = "../pqcrypto-hqc", version = "0.2.0", optional = true }
 pqcrypto-dilithium = { path = "../pqcrypto-dilithium", version = "0.5.0", optional = true }