[Cryptography] Speculation considered harmful?

Howard Chu hyc at symas.com
Tue Jan 9 04:41:28 EST 2018


Nico Williams wrote:
> On Mon, Jan 08, 2018 at 06:35:36AM -0500, John Levine wrote:
>> In article <7f4174cb-b842-1314-587a-dd32711a81bf at symas.com> you write:
>>>> One of them is VLIW, or "Very Long Instruction Word," which exploits
>>>> deliberately explicit instruction level parallelism rather than implicit
>>>> (speculative) instruction parallelism.
>>>
>>> Intel EPIC -> Itanium -> nobody liked that path.
>>
>> There is room for debate about what was wrong with Itanium.
>>
>> I know the guys who invented VLIW.  It speculates all over the place,
>> with part of the idea being that some of the work the long
>> instructions do is thrown away if it turns out that it's on a path
>> that turns out not to be taken.  I have no idea whether its flavor of
>> speculation can be used for the same kind of attacks.
> 
> Provided it doesn't speculate behind the compiler's back, you could just
> disable speculation by having the compiler emit slower, more sequential
> code.  That's the real idea of VLIW: let the compiler do more of the
> work.  That was also the problem with VLIW: it's difficult to make the
> compiler do that work.  But maybe LLVM and friends have become advanced
> enough that it could work now, and maybe bitcode could be the new object
> code so we could have non-stable VLIW ABIs.  In any case, it seems a bit
> late for a second look at Itanium.

It's futile to make the compiler do that work because it can only do static 
scheduling. That might be fine for a 1950s era mainframe where only one job 
runs on the machine at a time but it's hopeless in a modern day 
multithreaded/multiprocess environment where dynamic scheduling is required 
anyway.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/


More information about the cryptography mailing list