Capability systems do not directly address covert channels. Few secrets are as critical as public key crypto algorithms. There are several announcements of successful extraction of the private key from a CPU that was using that key thru cache intereferance techniques.

Here is a scheme that thwarts that covert channel. It has nothing to do with capability solutions and should work for any kernel that is otherwise good enough to host the use of such keys.

The data required to compute gn mod z fits nicely in cache of most machines. Do a system call that guarantee’s no preemption for 2 ms. This puts the thread in a special mode that if the thread computes more than 2 ms it is trapped. Load all of the data into cache in an order that does not reveal bits of the key. Do the calculation and perhaps pad the work to a constant time. The peak to average ration never exceeds 2, I think. Call the system to cancel the special mode.