
Modulo bias

Open cgrigis opened this issue 5 years ago • 0 comments

Security Code Review finding:

Another modulo bias in kyber was found in pairing/bn256/point.go on line 239. Notice this is not necessarily a danger, depending on how the hashToPoint() method is later used, but it could be done using iterative hashing and masking until a value below the modulus is found, to ensure a uniform distribution of the x coordinate.

cgrigis, Sep 07 '20 15:09
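An added illustration of the mitigation the issue proposes (iterative hashing and masking until a value below the modulus is found), set beside plain hash-mod-p reduction. It is not kyber's code or the contents of point.go; the function names, the SHA-256 counter construction and the toy modulus 199 are assumptions made for this example, and the modulus is assumed to be at most 256 bits.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"math/big"
)

// digest returns the first n bytes (n <= 32) of SHA-256(ctr || msg).
func digest(msg []byte, ctr uint32, n int) []byte {
	in := []byte{byte(ctr >> 24), byte(ctr >> 16), byte(ctr >> 8), byte(ctr)}
	sum := sha256.Sum256(append(in, msg...))
	return sum[:n]
}

// biasedReduce is the pattern under review: hash output reduced mod p.
func biasedReduce(msg []byte, p *big.Int) *big.Int {
	x := new(big.Int).SetBytes(digest(msg, 0, (p.BitLen()+7)/8))
	return x.Mod(x, p)
}

// uniformReduce re-hashes with a counter until the masked value is below p.
func uniformReduce(msg []byte, p *big.Int) *big.Int {
	bits := p.BitLen()
	n := (bits + 7) / 8
	for ctr := uint32(0); ; ctr++ {
		b := digest(msg, ctr, n)
		b[0] &= byte(0xff) >> uint(8*n-bits) // keep exactly `bits` bits
		if x := new(big.Int).SetBytes(b); x.Cmp(p) < 0 {
			return x
		}
	}
}

// countBelow maps n constructed messages with f and counts results < bound.
func countBelow(f func([]byte, *big.Int) *big.Int, p *big.Int, bound int64, n int) int {
	c := 0
	for i := 0; i < n; i++ {
		if f([]byte(fmt.Sprintf("msg-%d", i)), p).Cmp(big.NewInt(bound)) < 0 {
			c++
		}
	}
	return c
}

func main() {
	// Toy modulus 199: one hash byte covers 0..255, so mod 199 doubles the weight of 0..56.
	fmt.Println(countBelow(biasedReduce, big.NewInt(199), 57, 4000), countBelow(uniformReduce, big.NewInt(199), 57, 4000))
}
```

With a uniform mapping, about 57/199 of the outputs fall below 57; with hash-mod-p the share rises to about 114/256, which is the skew the finding describes.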