Hacker News new | past | comments | ask | show | jobs | submit login

One of my worry about the presented ideas, and this is present in RISC-V vector ISA if I'm not mistaken, is that register-size-independent vector instructions have random execution times depending on hardware register width.

I remember seeing presentations of extensions to AVX (during probably a supercomputing related event in Spain years ago ?) that some complex, matrix to matrix instructions could have data dependent execution time, in addition to possible hardware register size dependencies.

In some contexts, and for overall security, this could be very problematic. Has this been discussed?




RISC-V does have a Zvkt extension that requires that the set of instructions useful for crypto have data-independent timing. (it includes requiring that shuffle timings are independent of table data, but allows timings to vary across different index inputs)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: