How we avoided side-channels in our new post-quantum Go cryptography libraries
Summary
Trail of Bits released open-source Go implementations of ML-DSA and SLH-DSA, two NIST-standardized post-quantum signature algorithms (cryptographic methods designed to resist attacks from quantum computers). The team engineered these libraries to be constant-time, meaning they execute in the same amount of time regardless of input values, to prevent side-channel attacks (security breaches that exploit physical characteristics like timing or power consumption rather than the algorithm itself) like the KyberSlash vulnerability that affected earlier Kyber implementations.
Solution / Mitigation
The source describes a technique for removing branches (conditional decision points) from cryptographic code using bit masking, two's complement, and XOR (exclusive OR, a logical operation) to perform both sides of a condition and then use a constant-time conditional swap based on the condition to obtain the correct result. However, the source does not provide a complete, production-ready solution—it only shows partial code examples and states they are 'Not secure -- DO NOT USE.' The source does not mention specific updates, patches, or versions that users should apply.
Classification
Original source: https://blog.trailofbits.com/2025/11/14/how-we-avoided-side-channels-in-our-new-post-quantum-go-cryptography-libraries/
First tracked: February 12, 2026 at 02:20 PM
Classified by LLM (prompt v3) · confidence: 85%