Hacker News new | past | comments | ask | show | jobs | submit login

I don't think they are overclaiming. From the abstract:

> we present Constantine, a compiler-based system to automatically harden programs against microarchitectural side channels [...]

> secret dependent control and data flows are completely linearized (i.e., all involved code/data accesses are always executed).

Their goal is to hide microarchitectural events from a passive or active observer. As a side note, the VUSec research group helped discover microarchitectural side channels such as Rogue In-Flight Data Load [0] and I'm sure they know the difference between earlier work on timing and microarchitectural side channels.

https://mdsattacks.com/files/ridl.pdf




I read that too, and I am mystified that they could make such a broad claim, when clearly their technique applies only very narrowly, i.e. to a process leaking its own secrets by encoding them in its own timing behavior. It's very poorly worded.




Applications are open for YC Winter 2022

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: