[Haskell-cafe] Tor project

Wojtek Narczyński wojtek at power.com.pl
Fri Aug 1 08:08:08 UTC 2014

On 01.08.2014 10:02, Friedrich Wiemer wrote:
>>      Well, how about something like
>>      inConstantTime :: timeBudget -> (functionToPerform :: CryptoResult)
>>      -> IO (Maybe CryptoResult)
>> I'm no expert, but aren't timing attacks also possible with something
>> like that. If your `functionToPerform' touches the cache in funny ways,
>> the program after resuming from the timeout might have different timings
>> as there could be cache misses in one scenario, but not the other.
> One would need to add countermeasures for this sidechannel, too, I guess.
Countermeasures here, countermeasures there, and the best language to do 
it is C. I find it hard to believe.

More information about the Haskell-Cafe mailing list