Performance often comes at the cost of providing side channels and security headaches.
Even when it's a bad password, if you return the result in a consistent amount of time based on how many characters are wrong, its trivial to get the password.
How about having dedicated cores for privileged and unpriviledged code, it comes with a cost for sure, hard to imagine an easy solutions to these issues though.
|