
Can We Prove Time Protection? - gbrown_
https://arxiv.org/abs/1901.08338
======
crote
So if I understand it correctly, if all side effects are perfectly known and
controllable, we can prove that they have not been used to leak any
information? That's a bit obvious, isn't it?

I'm a bit amused by the hardware requirements for this to work: everything
must either be resettable, or fully partitioned. I guess this means a single
DDR channel per core, no hyperthreading, no dynamic frequency scaling, no
hardware features which are dynamically disabled to save power et cetera. Come
to think of it, it's probably not even allowed to share a single package due
to side effects due to heat creation and power usage? I guess we all have to
go back to the equivalent of a very fast, single-core 8008.

This is obviously a very serious problem, but it looks more and more like it's
going to be impossible to solve this in something even remotely representing
current CPU designs and it makes me wonder if it's even worth solving for most
users.

~~~
aaron_m04
Nah, it's easy. Just add some jitter to responses from the time syscall, and
add jitter to any input data :)

~~~
eridius
If you do the same operation enough times, jitter can be filtered out.
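
The filtering point in the reply above, as an added simulation that is not part of the thread: it measures two operations whose real durations differ by 50 ns through a timer with uniform jitter, and shows the standard error of the estimated gap shrinking as repetitions grow. The function names, the durations and the jitter amplitudes are constructed for illustration.

```python
import math
import random
import statistics

def measure(true_ns, jitter_ns, n, rng):
    """Constructed timings: real duration plus uniform timer jitter in [-jitter_ns, +jitter_ns]."""
    return [true_ns + rng.uniform(-jitter_ns, jitter_ns) for _ in range(n)]

def estimate_gap(fast_ns, slow_ns, jitter_ns, n, seed=1):
    """Return (estimated gap, standard error) after n jittered measurements of each operation."""
    rng = random.Random(seed)
    a = measure(fast_ns, jitter_ns, n, rng)
    b = measure(slow_ns, jitter_ns, n, rng)
    gap = statistics.fmean(b) - statistics.fmean(a)
    # Standard error of a difference of two sample means.
    se = math.sqrt((statistics.variance(a) + statistics.variance(b)) / n)
    return gap, se

def samples_needed(gap_ns, jitter_ns, z=3.0):
    """Repetitions per operation before the true gap exceeds z standard errors."""
    sigma_sq = jitter_ns ** 2 / 3  # variance of uniform(-j, +j)
    return math.ceil(2 * sigma_sq * (z / gap_ns) ** 2)

if __name__ == "__main__":
    # The averaged estimate converges on the real 50 ns gap despite +/-1000 ns jitter.
    for n in (10, 1_000, 100_000):
        gap, se = estimate_gap(1_000, 1_050, 1_000, n)
        print(f"n={n:>7}: gap estimate {gap:8.1f} ns, standard error {se:6.1f} ns")
    # Doubling the jitter amplitude only quadruples the repetitions required.
    print("repetitions at +/-1000 ns jitter:", samples_needed(50, 1_000))
    print("repetitions at +/-2000 ns jitter:", samples_needed(50, 2_000))
```

The takeaway for a defender is that jitter raises the number of observations needed quadratically in the noise amplitude but leaves the channel open, so it belongs alongside rate limiting or partitioning rather than in place of them.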

