Skip to content

Security: Incomplete Private Key Zeroization for ML-DSA-44 #67

Open
Open
Security: Incomplete Private Key Zeroization for ML-DSA-44#67
Labels
medium-severityMedium severity security issuessecuritySecurity related issues
@jamestexas

Description

@jamestexas
jamestexas
opened on Feb 16, 2026

Due to library limitations, ML-DSA-44 private keys are not fully zeroized, leaving sensitive material in memory. See parent issue #65.

Metadata

Metadata

Assignees

No one assigned

    Labels

    medium-severityMedium severity security issuessecuritySecurity related issues

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions