Practical Timing Side Channel Attacks on Memory Compression
Filip Janus <fjanus@redhat.com>
From: Filip Janus <fjanus@redhat.com>
To: pgsql-hackers@lists.postgresql.org
Date: 2022-04-06T11:17:52Z
Lists: pgsql-hackers
Hi all,
A few months ago a group of researchers published a paper about LZ77
vulnerability[1]. And it also affects PGLZ. From my point of view, it could
be a really dangerous issue for some kind of application. If I understand
it correctly there is a possibility of leaking approx. 24B secret data per
hour(but it depends on HW configuration).
I understand that there is no simple and easy solution. But I would like
to know Your opinion on this. Or if you have any plan on how to deal with
this?
Thanks
-Filip-
[1] https://arxiv.org/abs/2111.08404