
Environment-specific Classic McEliece constant-time leaks

Open praveksharma opened this issue 1 year ago • 4 comments

Describe the bug

The testing suite is reporting potential memory leaks (test_constant_time.txt) for Classic McEliece which are not documented in the suppression files.

To Reproduce

I am unable to reproduce this issue locally. Additionally, these errors aren't being caught by the CI during weekly constant time tests. One might try to reproduce this with the following steps:

CONTAINER_ID=$(docker run -dti openquantumsafe/ci-ubuntu-focal-x86_64 /bin/bash)
docker attach "$CONTAINER_ID"
cd
git clone https://github.com/open-quantum-safe/liboqs
cd liboqs
mkdir build
cd build
cmake -GNinja -DOQS_OPT_TARGET=generic -DCMAKE_BUILD_TYPE=Debug -DOQS_ENABLE_TEST_CONSTANT_TIME=ON ..
ninja
cd ..
SKIP_ALGS='BIKE*,Frodo*,HQC*,Kyber*,NTRU*,stru*,ntru*,LightSaber,Saber,FireSaber,Dilithium*,Falcon*,,SPHINCS*' python3 tests/test_constant_time.py  --verbose

Thank you for sharing this issue @bhess! Could you please share information about your environment:

Environment (please complete the following information):

  • OS: [e.g. Ubuntu 20]
  • OpenSSL version [e.g., 3.0.2]
  • Compiler version used [e.g., clang 9.0.0]
  • Build variables used [e.g., "-DOQS_ALGS_ENABLED=STD"]
  • liboqs version [e.g. 0.7.2 or main branch]

praveksharma, Sep 07 '23 21:09

Addressing the (potential) leaks documented in this issue doesn't fix the larger issue of the current Classic McEliece implementation (potentially) not being constant time in certain environments. Aside from documenting this in the advisories (as in #1541), should we be taking additional measures for the final 0.9.0 release?

praveksharma, Sep 07 '23 21:09

Thank you for picking this up @praveksharma!

The environment is:

  • OS: Ubuntu 22.04.3 LTS
  • OpenSSL version: 3.0.2
  • Compiler version used: GCC 11.4.0
  • Build variables used: -DCMAKE_BUILD_TYPE=Debug -DOQS_ENABLE_TEST_CONSTANT_TIME=ON
  • liboqs version: main

bhess, Sep 08 '23 07:09

This is an interesting problem! I have no real experience (I think I understand the McEliece cryptosystem), but if this isn't too bad to fix I can try. Any analysis yet? Why is this happening? What architectures are having this issue and on what version?

OfekShochat, Sep 13 '23 17:09

@praveksharma, do we consider this to be resolved?

dstebila, Sep 27 '23 23:09