-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nate Lawson wrote: [...] > Careful coding can address most side channel attacks, but I still think > OS's need a standard API for a stealth mode where a privileged process > can request exclusive access to the CPU it is running on for a short > quantum, with a guarantee that they will not be preempted unless they > exceed that quantum. Additional support for cleaning the > microarchitectural side effects (cache, BTB, etc.) would be a bonus. I > don't know of any standards efforts in this area but it might be > interesting to note. Fast implementations of AES are a good example > where such support is needed since it is impossible to eliminate cache > timing differences of the table lookups without such a mode. > > [1] OpenSSL 0.9.7h, change 10/2005 by Matthew D. Wood of Intel, > http://www.openssl.org/news/changelog.html > [2] OpenSSL 0.9.8f, change 10/2007 by Matthew D. Wood of Intel, > http://www.openssl.org/news/changelog.html
Sorry for hijacking this thread, are we going to import a new OpenSSL release? Sounds like we have to do a full package build if we want to do that... Cheers, - -- Xin LI <[EMAIL PROTECTED]> http://www.delphij.net/ FreeBSD - The Power to Serve! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQFHNLYphcUczkLqiksRAq66AJ9ZCjTdnTdDZFtLxrPfxPizzmL7WgCdEvjW DLdgSd2sknd8e1gbOTtdExQ= =ycpp -----END PGP SIGNATURE----- _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[EMAIL PROTECTED]"