NIKX-Tech/numx

[Public] Independent security review of the ntt module

Open

#68 建立於 2026年7月11日

在 GitHub 查看
 (0 留言) (0 反應) (0 負責人)C (1 fork)github user discovery
help wantedsecurity

倉庫指標

Star
 (4 star)
PR 合併指標
 (PR 指標待抓取)

描述

Before building pqc (Kyber/Dilithium, #62) on top of numx_ntt_*, we would like independent review from anyone with cryptographic engineering experience.

What's already been done:

  • All 384 cryptographic constants (twiddle tables, Barrett reduction parameters) independently re-derived from scratch and verified against the implementation
  • The transform structure cross-checked against a naive O(n^2) reference multiplication over random inputs
  • Full test suite (329 NTT-adjacent tests) passing on 10 platform/toolchain combinations
  • The Barrett reduction canonicalization was originally branch-based (documented as a known constant-time gap); a branchless replacement was contributed by a reviewer on r/C_Programming (u/robchroma) and exhaustively verified against a % q for all 22,164,483 valid inputs before merging, see docs/algorithms/ntt.md#barrett-reduction

What we have not done: a formal security audit. The docs are explicit about this: "this is a numerical implementation of the NTT, not a formally audited cryptographic primitive."

If you have relevant experience and are willing to look at src/ntt.c and docs/algorithms/ntt.md, we would genuinely welcome findings here, timing side-channels beyond the one already fixed, edge cases in the modular arithmetic, or anything else. This module is the foundation the pqc module (#62) will be built on, so getting it right before that starts matters more than after.

貢獻者指南