[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20090822172252.GA4894@khazad-dum.debian.net>
Date: Sat, 22 Aug 2009 14:22:52 -0300
From: Henrique de Moraes Holschuh <hmh@....eng.br>
To: Pavel Machek <pavel@....cz>
Cc: Theodore Tso <tytso@....edu>,
David Wagner <daw-news@...berkeley.edu>,
linux-kernel@...r.kernel.org
Subject: Re: Security: information leaks in /proc enable keystroke recovery
On Fri, 21 Aug 2009, Pavel Machek wrote:
> /proc/interrupts ? various interfaces powertop uses?
>
> I did not have chance to read the paper yet, but... does not ssh have
> bad problem in that case?
I am told that SSH tries it best to take constant time for everything
that is even remotely sensitive (or at least, it should)... but it, as
well as openssl, gpg, gnutls and libc for that matter, can't really
protect themselves from sidechannels and information leaks that show up
when one abuses other CPUs (especially if SMT is operational) to gather
behaviour data of the other tasks/processes/threads in the system, or
when one gets to watch the cache misses, CPU pipeline stalls, etc.
I would also expect that *any* timing-related, power-related or
cache-/brach-prediction-/pipeline-stall-/CPU-behaviour- related high-
and medium-precision statistic to be viable side-channels to leak data.
These things are way too subtle to play the "prove it to me then" crap:
it often takes a stroke of geniality on top of extreme skill to find,
let alone exploit them. Therefore, it is really difficult to say "they
don't exist".
IMO, it is too hard a problem to try to close for real, but we really
should try to have all our crypto be constant-everything as much as we
can (constant CPU effort, constant timing, constant memory pattern
access), and to clamp the precision of measurements sent to userspace to
the strictly needed for them to be useful for system administration,
unless the kernel was compiled to expose high-precision statistics for
development work.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists