Practical Differential Fuzzing for Post-Quantum Cryptography (G30b)
Post-Quantum Cryptography is becoming a standard, but the software implementations are still new and maturing. This talk focuses on using differential grey-box fuzzing to spot inconsistencies between different PQC libraries. the speakers will cover the engineering hurdles involved, specifically, how to override random number generation (RNG) to allow for deterministic testing. By running different implementations against each other, the speakers can expose logic bugs and edge cases that standard test suites often miss.