sidh: deprecates sidh and sike packages. #359
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cjpatton
approved these changes
Aug 3, 2022
| // | ||
| // SIDH and SIKE are deprecated as were shown vulnerable to a key recovery | ||
| // attack by Castryck-Decru's paper (https://eprint.iacr.org/2022/975). New | ||
| // systems should not rely on this package. This package is frozen. |
There was a problem hiding this comment.
By "frozen" I suppose you mean that maintenance has stopped and bug fixes won't be considered? Consider saying this explicitly.
There was a problem hiding this comment.
Also, there is a small possibility that there will be a fix to SIKE. Although they might call it something else as the changes will be big.
There was a problem hiding this comment.
It's frozen in the sense that it's preserved for historical reasons and to indicate people should not use it to secure any system.
Bugs can still appear at anytime in software for many different reasons.
There was a problem hiding this comment.
Also there is still code implementing field arithmetic which can be (re)used for other purposes.
bwesterb
reviewed
Aug 4, 2022
bwesterb
approved these changes
Aug 4, 2022
A key recovery attack was shown by Castryck-Decru's paper (https://eprint.iacr.org/2022/975) breaking the security of current SIDH and SIKE algorithms.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
DEPRECATION NOTICE
SIDH and SIKE are deprecated as were shown vulnerable to a key recovery attack by Castryck-Decru's paper (https://eprint.iacr.org/2022/975). New systems should not rely on this package. This package is frozen.
Changes: