Eric Biggers, yog ib tus tsim tawm ntawm Adiantum cipher thiab tus saib xyuas ntawm Linux kernel fscrypt subsystem, tau npaj ib pawg thaj ua rau thaj tsam los thaiv cov teeb meem kev nyab xeeb uas tshwm sim los ntawm cov yam ntxwv ntawm Intel processors uas tsis lav lub sijhawm ua tiav rau cov ntaub ntawv sib txawv. Qhov teeb meem tshwm sim hauv Intel processors pib nrog tsev neeg Ice Lake. Ib qho teeb meem zoo sib xws tau pom hauv ARM processors.
Lub xub ntiag ntawm kev vam meej ntawm lub sijhawm ua tiav ntawm cov lus qhia ntawm cov ntaub ntawv ua tiav hauv cov lus qhia no yog suav tias yog tus sau ntawm thaj ua rau thaj ua rau muaj qhov tsis zoo hauv cov txheej txheem, vim tias tus cwj pwm zoo li no tsis tuaj yeem lav qhov kev nyab xeeb ntawm kev ua haujlwm cryptographic ua hauv qhov system. Ntau qhov kev siv ntawm cryptographic algorithms yog tsim los xyuas kom meej tias cov ntaub ntawv tsis cuam tshuam rau lub sijhawm ua tiav ntawm cov lus qhia, thiab kev ua txhaum tus cwj pwm no tuaj yeem ua rau tsim cov kev tawm tsam sab nraud uas rov qab tau cov ntaub ntawv raws li kev soj ntsuam ntawm nws lub sijhawm ua haujlwm.
Muaj peev xwm, cov ntaub ntawv siv sijhawm ua haujlwm kuj tuaj yeem siv los tua tawm los txiav txim siab cov ntaub ntawv ntawm cov neeg siv qhov chaw. Raws li Eric Biggers, lub sijhawm ua tiav tas li tsis yog muab los ntawm lub neej ntawd txawm tias cov lus qhia ua haujlwm ntxiv thiab XOR, nrog rau cov lus qhia tshwj xeeb AES-NI (cov ntaub ntawv tsis tau lees paub los ntawm kev sim, raws li lwm cov ntaub ntawv, muaj kev ncua sijhawm ntawm ib qho. lub voj voog thaum lub sij hawm vector ntau thiab suav me ntsis).
Txhawm rau kaw qhov kev coj cwj pwm no, Intel thiab ARM tau tshaj tawm cov chij tshiab: PSTATE ntsis DIT (Data Independent Timing) rau ARM CPUs thiab MSR ntsis DIOTM (Data Operand Independent Timing Mode) rau Intel CPUs, rov qab tus cwj pwm qub nrog lub sijhawm ua haujlwm tas li. Intel thiab ARM pom zoo kom ua kom muaj kev tiv thaiv raws li qhov xav tau rau cov cai tseem ceeb, tab sis qhov tseeb, kev suav qhov tseem ceeb tuaj yeem tshwm sim nyob qhov twg hauv cov ntsiav thiab cov neeg siv qhov chaw, yog li peb tab tom txiav txim siab ua kom DITM thiab DIT hom rau tag nrho cov ntsiav txhua lub sijhawm.
Rau ARM processors, Linux 6.2 kernel ceg twb tau siv thaj ua rau thaj uas hloov tus cwj pwm rau cov ntsiav, tab sis cov thaj ua rau thaj no suav tias tsis txaus vim tias lawv tsuas yog npog cov kernel code thiab tsis hloov tus cwj pwm rau cov neeg siv chaw. Rau Intel processors, suav nrog kev tiv thaiv tseem nyob rau theem tshuaj xyuas. Qhov cuam tshuam ntawm thaj tsam ntawm kev ua tau zoo tseem tsis tau ntsuas, tab sis raws li Intel cov ntaub ntawv, ua kom DITM hom txo qhov kev ua tau zoo (piv txwv li, los ntawm kev cuam tshuam qee qhov kev ua tau zoo, xws li cov ntaub ntawv tshwj xeeb preloading) thiab yav tom ntej processor qauv kev ua haujlwm yuav txo qis. .
Tau qhov twg los: opennet.ru