Hacker News
by SomeStupidPoint 3189 days ago
> There is a theoretical solution that we might be able to explore at some point: If compute is deterministic -- that is, always guaranteed to produce the same result given the same input -- then it can't possibly pick up side channels.

Doesn't this require the timing and interleaving with other processes also be deterministic? ...which seems hard to guarantee with modern CPUs, async IO, and shared execution.


If you don't provide (real) time as an input to the program, then non-determinism of time does not affect determinism of the program. At least, in theory. It's definitely a long way from there to practice.

That's true -- but "the program" is also any code using yours as a middle-step, which in the case of a network service is a huge number of people. So anything that requires total program control rather than subroutine-enforced safety is a nonstarter.

The timing may occur outside of your control, and then statistical profiling used. If the timing of a response to a network request has a time component that depends on shared load, then you have a side-channel.