Transactions on Cryptographic Hardware and Embedded Systems 2025
KyberSlash:
Exploiting secret-dependent division timings in Kyber implementations
README
This artifact accompanies the paper "KyberSlash: Exploiting secret-dependent division timings in Kyber implementations"
available at https://eprint.iacr.org/2024/1049.
It consists of three parts in correspondingly named sub-directories:
- demo1: The code for the KyberSlash1 attack on a Raspberry Pi 2 described in Section 5
- demo2: The code for the KyberSlash2 attack on an Arm Cortex-M4 described in Section 6
- valgrind: The patches required to detect similar vulnerabilities using Valgrind as described in Section 7.1
License
Please refer to the following files within each subdirectory for specific
license information:
- demo1/: See demo1/README
- demo2/: See demo2/LICENSE
- valgrind/valgrind-3.22.0-varlat-memcheck-h-only.patch: See valgrind/COPYING.bzip2-1.0.6
- valgrind/valgrind-3.22.0-varlat.patch: See valgrind/COPYING.GPL2