[Haskell-cafe] Tor project
Friedrich Wiemer
friedrichwiemer at gmail.com
Fri Aug 1 08:02:23 UTC 2014
> Well, how about something like
>
> inConstantTime :: timeBudget -> (functionToPerform :: CryptoResult)
> -> IO (Maybe CryptoResult)
>
>
> I'm no expert, but aren't timing attacks also possible with something
> like that. If your `functionToPerform' touches the cache in funny ways,
> the program after resuming from the timeout might have different timings
> as there could be cache misses in one scenario, but not the other.
One would need to add countermeasures for this sidechannel, too, I guess.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 538 bytes
Desc: OpenPGP digital signature
URL: <http://www.haskell.org/pipermail/haskell-cafe/attachments/20140801/30369599/attachment.sig>
More information about the Haskell-Cafe
mailing list