Post-Quantum Cryptography Auditing (U30c)
With the recent standardization of some post-quantum cryptography algorithms, NCC Cryptography Services has had the opportunity to review various implementations. During this talk, the speaker will highlight the categories of vulnerabilities reported in post-quantum cryptography implementations.
These include:
Out-of-Bound Memory Read
Non-Constant Time
Invalid Parameters
Missing Validation
Missing Memory Zeroization
The talk will also provide development tips and strategies for implementing and reviewing post-quantum cryptography implementations.