The curious tendency among cryptographers to believe that they need to make any OOB access the attacker suggests in order to be “constant-time”.
-
-
Jokes aside, closest you'll probably come is implementing a bytecode interpreter to make it implausible for uarch to make op times vary.
-
Real solution: while (now()<start+safe_margin);
-
Vulnerable to hyperthread timing attacks.
-
HT needs to be off to ensure reasonable local secrecy properties. I'm content to preclude remote timing leaks usually.
-
Re: js, browser should only expose a fake clock.
End of conversation
New conversation -
-
-
I’m actually not convinced that suffices in the face of cache eviction attacks.
-
Ok, 1000 pusha,popa pairs to blow away the whole cache.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.