[Haskell-cafe] Tor project
Tobias Florek
haskell at ibotty.net
Fri Aug 1 09:35:01 UTC 2014
hi,

> Just wanted to say that what I posted might give hope for such
> "branchless" code (or in fact: code that may branch, but by
> construction not in a detectable way).

i don't have the papers handy, but on the same host you can observe
cache line collisions. that means you cannot do something different that
takes the same time and generates the same amount of heat. you will have
to do _the same thing_. of course packages like vincent hanquez's
securemem provide that kind of equality check (and other very useful
properties). so some building blocks are there. interaction with the
garbage collector is still something to worry about though. in some gcs
you can observe whether a string is in use somewhere in the program or
not. i am not intimate with ghc's gc but i don't expect that particular
vulnerability is a problem when using securemem (or even bytestring or
text), but there might (and i assume will) be many other opportunities
to observe some state from outside the program.

don't let me discourage you though. every step to fewer side channels is
a valuable step!

tob
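
An added example, not part of the original message and not securemem's implementation: the "do the same thing" idea applied to an equality check over ByteStrings, with the number of byte pairs inspected used as a deterministic stand-in for running time. The names earlyExitEq and fullScanEq and the sample token are constructed for illustration, and the source-level shape shown here is an assumption about intent only: GHC's optimiser, the cache and the GC effects mentioned above can still make the compiled code observable.

```haskell
module Main where

import qualified Data.ByteString as B
import qualified Data.ByteString.Char8 as BC
import Data.Bits (xor, (.|.))
import Data.List (foldl')
import Data.Word (Word8)

-- | Early-exit equality: stops at the first differing byte, so the amount
-- of work done depends on how long the matching prefix is.
-- Returns the verdict and the number of byte pairs inspected.
earlyExitEq :: B.ByteString -> B.ByteString -> (Bool, Int)
earlyExitEq a b
  | B.length a /= B.length b = (False, 0)
  | otherwise = go 0
  where
    n = B.length a
    go i
      | i == n = (True, n)
      | B.index a i /= B.index b i = (False, i + 1)
      | otherwise = go (i + 1)

-- | Full-scan equality: XORs every byte pair and ORs the results into one
-- accumulator, so every equal-length input gets the same sequence of
-- operations. Only the length is revealed (both variants reveal it).
fullScanEq :: B.ByteString -> B.ByteString -> (Bool, Int)
fullScanEq a b
  | B.length a /= B.length b = (False, 0)
  | otherwise = (acc == 0, B.length a)
  where
    acc = foldl' (.|.) (0 :: Word8) (B.zipWith xor a b)

main :: IO ()
main = mapM_ report guesses
  where
    secret = BC.pack "s3cr3t-token-0001"    -- constructed sample value
    guesses = map BC.pack
      [ "X3cr3t-token-0001"                 -- differs at byte 0
      , "s3cr3t-Xoken-0001"                 -- differs at byte 7
      , "s3cr3t-token-000X"                 -- differs at the last byte
      , "s3cr3t-token-0001"                 -- correct
      ]
    report g = putStrLn $ BC.unpack g
      ++ "  early-exit: " ++ show (earlyExitEq secret g)
      ++ "  full-scan: "  ++ show (fullScanEq secret g)
```

The inspected-pairs count from earlyExitEq grows with the length of the correct prefix, which is what lets an observer recover a secret byte by byte; fullScanEq reports the same count for every guess of the right length.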