PyQuorum Timing Side-Channel Vulnerability in mul_mod Function Allows Secret Reconstruction
Vulnerability
A timing side-channel vulnerability has been identified in PyQuorum, a cryptographic library for secret sharing and key management, in versions prior to 0.2.1. The issue arises in the mul_mod function, which performs multiplication using a binary expansion loop. The execution time of this loop varies based on the Hamming weight of the exponent, creating a timing side-channel. An attacker who can measure the duration of secret-sharing operations, potentially through a remote service, could gradually recover the values of shares, leading to the reconstruction of the secret.
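As an added illustration (not PyQuorum's own mul_mod, which this advisory does not reproduce), the Python below contrasts a binary-expansion (double-and-add) modular multiplication whose work tracks the Hamming weight of the multiplier (the operand the advisory calls the exponent) with a variant that does identical work on every iteration; the modulus, inputs and function names are constructed for the example.

```python
# Added illustration, not PyQuorum's own mul_mod. Both functions return
# (product, modular_additions_performed) so the data dependence can be
# checked deterministically instead of with a timer.
P = 2**127 - 1  # constructed example modulus (a Mersenne prime)

def mul_mod_leaky(a, b, p=P):
    """Double-and-add a*b mod p: an addition runs only for set bits of b,
    so the operation count (and runtime) tracks the Hamming weight of b."""
    acc, adds = 0, 0
    for bit in reversed(bin(b)[2:]):  # bits of b, least significant first
        if bit == "1":                 # secret-dependent branch: the leak
            acc = (acc + a) % p
            adds += 1
        a = (a + a) % p
    return acc, adds

def mul_mod_masked(a, b, p=P, width=128):
    """Same product, fixed number of iterations and additions.
    The bit is expanded to an all-ones or all-zeros mask and applied
    arithmetically, so there is no branch on b and the add count is
    always `width`, whatever the Hamming weight of b (b must be < 2**width)."""
    acc, adds = 0, 0
    for i in range(width):
        mask = -((b >> i) & 1)        # -1 (all ones) if bit i set, else 0
        acc = (acc + (a & mask)) % p  # adds a or adds 0, same work either way
        adds += 1
        a = (a + a) % p
    return acc, adds

def hamming_weight(b):
    return bin(b).count("1")

def leak_profile(a, b):
    """Compare the two implementations on the same inputs.
    Returns (products_agree, leaky_adds_equal_hamming_weight, masked_adds)."""
    leaky_prod, leaky_adds = mul_mod_leaky(a, b)
    masked_prod, masked_adds = mul_mod_masked(a, b)
    return (leaky_prod == masked_prod,
            leaky_adds == hamming_weight(b),
            masked_adds)

if __name__ == "__main__":
    # Constructed inputs: same magnitude, very different Hamming weights.
    for b in (2**100, 2**100 - 1):
        print(f"b weight {hamming_weight(b):3d}: "
              f"leaky adds={mul_mod_leaky(7, b)[1]:3d}, "
              f"masked adds={mul_mod_masked(7, b)[1]}")
```

Python's arbitrary-precision integer operations are not themselves constant-time, so the masked version demonstrates the algorithmic property to check for (no branch or operation count that depends on the secret operand), not a production-grade constant-time primitive.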
Impact
Exploitation of this vulnerability allows for the gradual recovery of secret-sharing values, ultimately enabling the reconstruction of the secret being shared.
Remediation
Users can upgrade to PyQuorum version 0.2.1 to address this vulnerability.
