Homepage

pyquorum@0.2.0

Cryptographic library for secret sharing and key management, powered by Rust

  • latest version

    0.2.1

  • latest non vulnerable version

    0.2.1

  • first published

    1 months ago

  • latest version published

    21 days ago

  • licenses detected

  • View pyquorum package health on Snyk  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the pyquorum package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Timing Attack

    pyquorum is a Cryptographic library for secret sharing and key management, powered by Rust

    Affected versions of this package are vulnerable to Timing Attack via mul_mod function implements multiplication via a binary expansion loop whose execution time depends on the Hamming weight of the second operand. An attacker who can measure the time of secret‑sharing operations (e.g., via a remote service) could recover the values of shares, leading to secret reconstruction.

    How to fix Timing Attack?

    Upgrade pyquorum to version 0.2.1 or higher.

    [,0.2.1)
    Go back to all versions of this package