[Haskell-cafe] Tor project
Wojtek Narczyński
wojtek at power.com.pl
Fri Aug 1 08:08:08 UTC 2014
On 01.08.2014 10:02, Friedrich Wiemer wrote:
>> Well, how about something like
>>
>> inConstantTime :: timeBudget -> (functionToPerform :: CryptoResult)
>> -> IO (Maybe CryptoResult)
>>
>>
>> I'm no expert, but aren't timing attacks also possible with something
>> like that. If your `functionToPerform' touches the cache in funny ways,
>> the program after resuming from the timeout might have different timings
>> as there could be cache misses in one scenario, but not the other.
> One would need to add countermeasures for this sidechannel, too, I guess.
>
>
Countermeasures here, countermeasures there, and the best language to do
it is C. I find it hard to believe.
More information about the Haskell-Cafe
mailing list