[Cryptography] Buffer Overflows & Spectre

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Nov 21 00:03:00 EST 2018

Jon Callas <jon at callas.org> writes:

>On top of this, there’s no easy way to fix pipelining to make this go away.

"Don't allow malicious, attacker-controlled code to run on the same CPU/CPU
cluster as your precious secret-containing code" would be a good start.

Maybe CPU vendors could break their existing products into two distinct lines,
one for people who think that sharing their CPU with code from
pavel at virusbucket.ru is a good idea (speculation disabled) and one for people
who don't (normal operation).


More information about the cryptography mailing list