[Cryptography] Speculation re Intel HW cockup; reqs. OS rewrites & slow execution

[Benjamin Kreuter]

On Tue, 2018-01-02 at 16:10 -0800, Henry Baker wrote:

> 
> Wouldn't this be a good time to think about putting x86 & x86-64 out
> of everyone's misery?

To be clear, there are two vulnerabilities:  Meltdown and Spectre. 
Neither is really about x86.  Meltdown is fairly specific to Intel, and
seems to not affect AMD.  Spectre seems to affect x86 in general, as
well as ARM, and maybe also PowerPC and other higher-end architectures.
 So switching away from x86 will not get you as much as you think.

> Have there been any *clean sheet* architecture designs since the
> Snowden revelations?

This has nothing to do with Snowden, other than the NSA likely having
discovered the attacks long before now (it is exactly the kind of side
channel attack they would love to use).  A brand new architecture would
likely be vulnerable since Spectre is based on textbook approaches that
are widely used.

> Clearly, Intel was spending so much time implementing backdoors "for
> management purposes" (wink, wink), that they didn't have time to work
> on protecting the poor lusers.

It is not clear that Intel was actually aware of Meltdown until 2017,
and Intel is not the only company to develop something like ME.  If you
want an architecture that is not vulnerable you need something without
branch prediction and related performance features.  There is not much
of a market for that -- most people would rather take the risk and use
software approaches to mitigate the attack.  It is going to be a while
before new architectural patterns are developed that properly separate
speculative instructions, and it will almost certainly come at a cost.

-- Ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180104/ad0fb5d1/attachment.sig>