LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Is hyperthreading dangerous?

Is hyperthreading dangerous?

Posted May 19, 2005 12:19 UTC (Thu) by copsewood (subscriber, #199)
Parent article: Is hyperthreading dangerous?

I would question whether it is even possible to make cryptographic computations optimally secure on a highly complex system shared with potentially hostile processes. This kind of attack highlights the kind of difficulties involved. If cryptography is only one of very many things done on a highly complex system, it seems to me unlikely that the security of this cryptography will be done very well. I think a simpler and likely to be more effective approach, once appropriate hardware becomes more generally available, is for the cryptography to occur on dedicated processors, designed to make obtaining access to embedded private keys very difficult and expensive.

(Log in to post comments)

Is hyperthreading dangerous?

Posted May 19, 2005 17:35 UTC (Thu) by hamjudo (subscriber, #363) [Link]

... is for the cryptography to occur on dedicated processors, designed to make obtaining access to embedded private keys very difficult and expensive.

If the cryptographic keys are mission critical, they must be backed up. The backups also have to be protected, even when stored off site. I think that the most significant benefit of a dedicated processor is that you can have a very different scheme for backing up the crypto hardware than for your other servers.

Somewhat OT: Is hyperthreading dangerous?

Posted May 27, 2005 20:38 UTC (Fri) by zakaelri (guest, #17928) [Link]

Albeit I may pay for it later, this is a great place where TPM (Trusted Computing) could be used. Within the TPM system, the chip responsible for key management is the only one that can ever "see" the keys being used.

Any time a key goes out, it's encrypted. So, you can send in an encrypted key, a datastream, and an encrypt/decrypt/sign/verify instruction... the chip does the magic required, and spits out whichever data was asked for.

Note: While Palladium is evil. I actually like TPM. (My ThinkPad has it, but I havn't had the opportunity to set it up yet).

To make a desparate attempt for on-topic-ness: I disliked HTT from the beginning. It didn't seem worth paying for... It makes more sense (to me) to fine-tune cache performance.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds