
We Found a 4-Year-Old Security Hole in Post-Quantum Encryption — and a Fix That Also Makes It 3× Faster

Publication type: Research article
Published: April 2026

Abstract

Every version of Clang released since June 2022 can transform constant-time post-quantum code into timing-leaky binaries. The x86-cmov-converter pass detects the BIT0MASK pattern, replaces it with a conditional jump, and branches on a secret key bit.

The behaviour was tested across nine Clang versions and twenty compiler/platform combinations on Linux and Windows. Disabling the conversion fixes the leak and improved performance by 3.07 times in the tested workload by avoiding branch mispredictions.
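The following C sketch is an added illustration, not code from the article or from HQC. It shows a bit-0 mask accumulation next to the branching form that is semantically equal to it, which is why an optimizer may treat the two as interchangeable even though only the first is constant-time. The `BIT0MASK` definition, the function names and the sample table are assumptions; the `-mllvm -x86-cmov-converter=false` option named in the comment is LLVM's switch for the pass and is not quoted from the page.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed definition: all-ones when bit 0 of x is set, zero otherwise. */
#define BIT0MASK(x) ((uint32_t)(-(int32_t)((x) & 1u)))

/* Constructed sample table, not taken from any real scheme. */
static const uint32_t SAMPLE_ROWS[8] = {
    0xaaaaaaaau, 0xccccccccu, 0xf0f0f0f0u, 0xff00ff00u,
    0xffff0000u, 0x0f0f0f0fu, 0x33333333u, 0x55555555u
};

/* Source form: every iteration does the same work; the secret bit only
 * selects between an all-ones and an all-zero mask. */
uint32_t masked_accumulate(uint8_t secret, const uint32_t rows[8]) {
    uint32_t acc = 0;
    for (size_t i = 0; i < 8; i++)
        acc ^= BIT0MASK(secret >> i) & rows[i];
    return acc;
}

/* Hand-written branching form with identical results. A compiler that
 * rewrites the mask into a conditional jump emits control flow like this,
 * so execution time then depends on each secret bit. */
uint32_t branching_accumulate(uint8_t secret, const uint32_t rows[8]) {
    uint32_t acc = 0;
    for (size_t i = 0; i < 8; i++)
        if ((secret >> i) & 1u)
            acc ^= rows[i];
    return acc;
}

/* Returns 1 when both forms agree for all 256 secret bytes. */
int forms_agree(const uint32_t rows[8]) {
    for (unsigned s = 0; s < 256; s++)
        if (masked_accumulate((uint8_t)s, rows) != branching_accumulate((uint8_t)s, rows))
            return 0;
    return 1;
}

/* To audit a build: compile this file with `clang -O2 -S`, then again with
 * `-mllvm -x86-cmov-converter=false`, and compare masked_accumulate for
 * conditional jumps (jne/je) that test a bit of `secret`. */
int main(void) {
    printf("forms agree: %d\n", forms_agree(SAMPLE_ROWS));
    printf("acc(0x05) = 0x%08x\n", (unsigned)masked_accumulate(0x05, SAMPLE_ROWS));
    return 0;
}
```

Functional tests cannot distinguish the two forms, so the check has to be made on the emitted assembly of the actual build.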

Keywords: HQC, post-quantum cryptography, Clang, LLVM, constant-time cryptography, timing side channel, BIT0MASK

Citation

@misc{alissaei2026kemcctmatrix,
  author = {Bader Alissaei},
  title  = {We Found a 4-Year-Old Security Hole in Post-Quantum Encryption — and a Fix That Also Makes It 3× Faster},
  year   = {2026}
}