simple Unix CPU time quantization functions available

I've made available a simple CPU time quantization package that
provides a simple interface to encapsulate code blocks that must
run in a multiple of a coarse-grained "quantized" amount of CPU
time. It is useful in building various on-line cryptographic
protocols in which an attacker could otherwise learn key information
by observing the time the target takes to perform calculations that
use the secret (cf. Paul Kocher's recent attacks).

The basic idea is that you can specify a "quantum" such that at the
end of an encapsulated block the CPU will busy-wait until the next
quantum multiple. Fine-grained (below the quantum) timing information
is thereby denied to the observer (including unprivileged processes on
the same machine). The code is quick-and-dirty and only runs on
Unix-centric platforms. Test and use at your own risk.

There are (basically) no restrictions on the use or distribution
of the (very simple) code.

Get it from:
ftp://research.att.com/dist/mab/quantize.shar

The quantize package is also part of Jack Lacy's cryptolib package (watch
this space for details).

-matt
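
The busy-wait-to-the-next-quantum idea described in the message above, as an added C sketch; it is not code from the quantize package, and the names cpu_quantizer, quantize_begin, quantize_end, toy_work and timed_quantized_ms are hypothetical. It assumes a POSIX system where clock() reports process CPU time.

```c
#include <stdio.h>
#include <time.h>

/* Hypothetical names, not the quantize package's interface. Assumes a POSIX
 * system, where clock() reports process CPU time and CLOCKS_PER_SEC >= 1000. */
typedef struct { clock_t start, quantum; } cpu_quantizer;

/* Mark the start of an encapsulated block; quantum is in milliseconds. */
static void quantize_begin(cpu_quantizer *q, long quantum_ms)
{
    q->quantum = (clock_t)quantum_ms * (CLOCKS_PER_SEC / 1000);
    q->start = clock();
}

/* Spin to the next quantum multiple of CPU time; returns quanta occupied. */
static long quantize_end(const cpu_quantizer *q)
{
    long quanta = (long)((clock() - q->start) / q->quantum) + 1;
    clock_t target = q->start + (clock_t)quanta * q->quantum;
    while (clock() < target)
        ;   /* busy-wait: a sleeping process accrues no CPU time */
    return quanta;
}

/* Constructed stand-in for secret-dependent work: loop count varies with input. */
static unsigned long toy_work(unsigned long secret)
{
    volatile unsigned long acc = 1;
    for (unsigned long i = 0; i < (secret & 0xff) * 1000UL; i++)
        acc = acc * 33 + i;
    return acc;
}

/* Run toy_work inside a quantized block; return CPU milliseconds consumed. */
static long timed_quantized_ms(unsigned long secret, long quantum_ms, long *quanta)
{
    cpu_quantizer q;
    clock_t t0 = clock();
    quantize_begin(&q, quantum_ms);
    (void)toy_work(secret);
    *quanta = quantize_end(&q);
    return (long)((clock() - t0) * 1000 / CLOCKS_PER_SEC);
}

int main(void)
{
    long n1, n2, a = timed_quantized_ms(0x01, 20, &n1), b = timed_quantized_ms(0xff, 20, &n2);
    printf("short input: %ld ms (%ld quanta); long input: %ld ms (%ld quanta)\n", a, n1, b, n2);
    return 0;
}
```

The number of quanta a block occupies is still visible to an observer, so the quantum has to exceed the block's worst-case CPU time for every input to land in the same bucket.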