[Cryptech Tech] Low level side channels

Joachim Strömbergson joachim at secworks.se
Wed Mar 25 08:54:23 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Fredrik Thulin wrote:
> Integrering text on low level side channels in x86.
> 
> How is an ARM A9 in this aspect? M3?
> 
> http://blog.erratasec.com/2015/03/x86-is-high-level-language.html?m=1

Good
> 
read, but should not be that surprising since the x86 is a CISC.

Since the PPro, the CPU is actually a RISC-like, superscalar OOO engine
with a CISC to RISC (uops) translation engine in front of it. And the
important thing is that from generation to generation, Intel both
updates the infrastructure for doing faster decoding (with bigger and
better uops caches) as well as updating the CISC x86 ISA -> RISC uops
translation.

This means that the number of uops as well as the specific uops a given
x86 instruction is mapped to may differ from generation to generation.
This can cause changes in timing for an x86 instruction and add
execution time variance for code that might have been considered
variance immune. The uops caches makes the situation even harder to predict.

See for example this article about the Hasweel microarchitecture:
http://www.anandtech.com/show/6355/intels-haswell-architecture/14

Note the uop caches.

The ARM microarchitectures don't really have the same setup and is
easier to predict. What you do have in for example Cortex M3 is a
decoder for Thumb-type instructions. The ARM9 is a dual issue OOO CPU
which means that it is harder to predict execution time than the M3. The
Cortex M3 and M4 are ARMv7 based CPUs which means single issue with a
simple pipeline.

A good preso with the different ARM instruction sets, microarchitectures
etc:
http://www.eit.lth.se/fileadmin/eit/courses/eitf20/ARM_RG.pdf

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJVEne/AAoJEF3cfFQkIuyN4XQQAKmzcQBmY9TqfvaabS3Q7pG5
4DD0zhnC/osWXPBypVYxbXsrZx/34gwDNyQCe5ldF6/lP+sWtboNvHckBxhLLy0K
Ok+gH/pIXXQtVa7WzapaAAArbwuzETNdjSSDOdari/+STVTGUUjft84eEzzSnVSE
a8dRsn5KFb+s69itxBtOg02irXebryWXvS1gImPkU1xDbTjUb2ePFG/N72pN5RNk
K4hfeBeL7Nr845S7Tx0ELdxtniML7m9kLJoP9mfau+rqfabZ19hDxF454rEvEc+c
CxUCmKLNBlSfGcOjVTrElHe3YTxAPZ/KSHIIJbfMvVhlftOAvJtk8hk8YaYiuUpw
cKhoe2NlDRVUmMsL7zkH9Z3wB69f9dC5TN8qlo7mNSXKFw4sBpUd2UK3AUaJslQ6
KeKjUg8ETuvsEC+thVUbiVnpMZkefJQHvY10DVgjXdkLDZ4uvIr2zIiF9BM8H35I
zseQCU3nAEMT/fOd5wi5lYozhx33wRui6qXSxZX+Ibq9/B68oQ8y5C8HU7Epsp35
eTZft/lRPHUBUpHQ/ovmBrM7dhEsHl7K5spyqJaZ2ZgJnMT2hRhJMGM3e1va7tZ/
YirMYFClj1XQc/Z7sHKsxhu1s92YeN5IFaklPeEIfu4dxUmG/FtaFwqcZgkj+X+k
bwxM4MsEOorlcO3VbaPW
=Dpzj
-----END PGP SIGNATURE-----


More information about the Tech mailing list