Quick Links

Practical Timing Side Channel Attacks on Memory Compression

From:	Filip Janus <fjanus(at)redhat(dot)com>
To:	pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject:	Practical Timing Side Channel Attacks on Memory Compression
Date:	2022-04-06 11:17:52
Message-ID:	CAFjYY+KZmYWM26YeJGy2Wxm-=MiMaaoQ02hejyN1W7C9brLD0g@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Hi all,
A few months ago a group of researchers published a paper about LZ77
vulnerability[1]. And it also affects PGLZ. From my point of view, it could
be a really dangerous issue for some kind of application. If I understand
it correctly there is a possibility of leaking approx. 24B secret data per
hour(but it depends on HW configuration).

I understand that there is no simple and easy solution. But I would like
to know Your opinion on this. Or if you have any plan on how to deal with
this?

Thanks

-Filip-

[1] https://arxiv.org/abs/2111.08404

Responses

Re: Practical Timing Side Channel Attacks on Memory Compression at 2022-04-06 13:58:28 from Robert Haas

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Alvaro Herrera	2022-04-06 11:31:31	Re: shared-memory based stats collector - v70
Previous Message	Michael Paquier	2022-04-06 11:09:36	Re: [PATCH] Expose port->authn_id to extensions and triggers