[Cryptography] Ada vs Rust vs safer C

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Sep 21 11:16:58 EDT 2016

Jerry Leichter <leichter at lrw.com> writes:

>I've never understood the reluctance of the C Standards guys to pin this down

There's a hint there for anyone who knows any more to spill the beans :-).

You don't really need to do anything at the C standard level though, the
standard already says, in effect, "if you shift more than X bits the compiler
is allowed to reformat your hard drive" (or whatever it chooses to do), so all
a compiler vendor has to do is define their compiler's behaviour to be "the
code we generate will behave as per the native machine architecture".  For
example on x86 it'll do exactly what you'd expect from x86 (i.e. what
Intel/AMD say in their architecture reference), on x64 it'll do what x64 is
specified to do, etc.  Some compilers already do a pretty good job of this,
see the paper I previously referenced.


More information about the cryptography mailing list