crypto for the average programmer
Richard Levitte - VMS Whacker
richard at levitte.org
Mon Dec 19 01:42:37 EST 2005
In message <d4f1333a0512181956x23c64f4et360d10b32fd5cecb at mail.gmail.com> on Sun, 18 Dec 2005 21:56:11 -0600, "Travis H." <solinym at gmail.com> said:
solinym> Anytime someone wants to rewrite a C library in a language
solinym> less prone to buffer overflows, I'm totally for it. Some say
solinym> that "it's not the library, it's the programmer", but I think
solinym> that denies human factors. C simply requires too much
solinym> machinery on top of it to use it securely.
[...]
solinym> And yet cryptographers continue to write in C.
C has three really strong points:
- portability. It's one of the most wide-spread and portable
compiled languages that I know of.
- speed. Most languages with the same level of portability as C that
I know of are interpreted. They will probably never get to the
level of speed you can get with C.
- simple or compatible ABI. C++ could be a good candidate if handled
properly (yeah, yeah, I know), but I've yet to see that the ABI
used by different compilers on the same platform not differ so
much. Most all, I'm thinking of name mangling (uhm, not really
sure if that an ABI issue or not :-)).
As soon as there's a more secure language that fills those criteria, I
see not reason why you'd want to stay with C. In the mean time, we'll
probably have to keep on living with its' defficiencies (I do agree
with you about those).
Cheers,
Richard
-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte richard at levitte.org
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list