International Association
for Cryptologic Research

This paper presents KyberSlash1 and KyberSlash2 – two timing vulnerabilities in several implementations (including the official reference code) of the Kyber Post-Quantum Key Encapsulation Mechanism, recently standardized as ML-KEM. We demonstrate the exploitability of both KyberSlash1 and KyberSlash2 on two popular platforms: the Raspberry Pi 2 (Arm Cortex-A7) and the Arm Cortex-M4 microprocessor. Kyber secret keys are reliably recovered within minutes for KyberSlash2 and a few hours for KyberSlash1. We responsibly disclosed these vulnerabilities to maintainers of various libraries and they have swiftly been patched. We present two approaches for detecting and avoiding similar vulnerabilities. First, we patch the dynamic analysis tool Valgrind to allow detection of variable-time instructions operating on secret data, and apply it to more than 1000 implementations of cryptographic primitives in SUPERCOP. We report multiple findings. Second, we propose a more rigid approach to guarantee the absence of variable-time instructions in cryptographic software using formal methods.

In this talk, we describe PQXDH, a new post-quantum key agreement protocol deployed by Signal, its formal analysis using the ProVerif and CryptoVerif protocol analysis tools, and how this analysis influenced version 2 of PQXDH. We focus on the lessons learned in this process and how formal verification can be a powerful tool in an industrial setting. The talk will be given jointly by Rolfe Schmidt and Karthikeyan Bhargavan.