undefined | Better HN

0 pointsfrutiger9y ago0 comments

> to avoid various timing attacks that could be introduced by optimization

Assembler only goes so far. Until you figure out how the processor's front end will decode the machine code and run the underlying RISC program, or how the hypervisor will schedule your program on some shared machines (e.g. in EC2) you're susceptible to a different class of side-channel attacks.

0 comments

tptacek9y ago

This is true but not relevant to the discussion: whatever side channel problems you'd have in pure assembly, you're practically certain to have more of them if you implement crypto in a high-level language with an aggressive optimizer.

frutigerOP9y ago

Note I never disagreed with GGP's premise - I'm only pointing out that you can go further than assembler.

bradleyjg9y ago

Is there any way to write programs that bypass the processor's front end for most the processors in use? If not, it what sense is it true that "you can go further than assembler"?

1 more reply

j / k navigate · click thread line to collapse