comp.lang.ada
From: "Pascal J. Bourguignon" <pjb@informatimago.com>
Subject: Re: Side-channel Attacks (Time)
Date: Fri, 25 Apr 2014 07:09:24 +0200
Message-ID: <87lhuuuha3.fsf@kuiper.lan.informatimago.com>
In-Reply-To: 2wl6v.162063$kp1.28371@fx14.iad

Shark8 <OneWingedShark@gmail.com> writes:

> Considering the needs for a secure, verified security library [to
> replace OpenSSL] I was wondering whether using the TASK construct in
> conjunction with DELAY UNTIL /OP_UPPERBOUND/* would be an acceptable
> countermeasure.

It could help. 

Choosing an algorithm without branches, and with fixed-count loops, would
be better.

But even in that case, if physical access to the processor is available,
physical side effects can be detected, and from them information about
the data can be deduced.

Of course, it's, as always, a matter of risk and graduated counter-measures.

-- 
__Pascal Bourguignon__
http://www.informatimago.com/
"The mercury is rising?  Now is the time to buy!"
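
Added example, not part of the original message or of any library discussed in the thread: the two countermeasures mentioned above, side by side, in Ada. Equal uses a fixed-count loop with no data-dependent branch, and Padded_Equal additionally withholds the result until a fixed deadline with DELAY UNTIL. The names, the 5 ms bound (standing in for OP_UPPERBOUND) and the byte values are assumptions made for illustration, and a plain function is used here instead of a task.

```ada
with Ada.Real_Time; use Ada.Real_Time;
with Ada.Text_IO;
with Interfaces;    use Interfaces;

procedure Timing_Demo is
   type Byte_Array is array (Positive range <>) of Unsigned_8;

   --  Assumed upper bound on the operation's running time (illustrative value).
   Op_Upper_Bound : constant Time_Span := Milliseconds (5);

   --  Branch-free comparison: the loop always runs Left'Length times and
   --  never exits early, so its duration does not depend on where the
   --  inputs first differ.
   function Equal (Left, Right : Byte_Array) return Boolean is
      Diff : Unsigned_8 := 0;
   begin
      if Left'Length /= Right'Length then
         return False;  --  lengths are treated as public information
      end if;
      for I in 0 .. Left'Length - 1 loop
         Diff := Diff or (Left (Left'First + I) xor Right (Right'First + I));
      end loop;
      return Diff = 0;
   end Equal;

   --  Padding countermeasure: the deadline is fixed before the work starts
   --  and the result is released only once that deadline has passed.
   function Padded_Equal (Left, Right : Byte_Array) return Boolean is
      Deadline : constant Time    := Clock + Op_Upper_Bound;
      Result   : constant Boolean := Equal (Left, Right);
   begin
      delay until Deadline;
      return Result;
   end Padded_Equal;

   --  Constructed sample values.
   Secret : constant Byte_Array := (16#DE#, 16#AD#, 16#BE#, 16#EF#);
   Guess  : constant Byte_Array := (16#DE#, 16#AD#, 16#00#, 16#00#);
begin
   Ada.Text_IO.Put_Line (Boolean'Image (Padded_Equal (Secret, Secret)));
   Ada.Text_IO.Put_Line (Boolean'Image (Padded_Equal (Secret, Guess)));
end Timing_Demo;
```

The padding only hides the duration if Op_Upper_Bound really is an upper bound: when the deadline has already passed, DELAY UNTIL returns immediately and the overrun becomes observable.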
