[Cryptography] Just turn off C-optimization?
Kevin W. Wall
kevin.w.wall at gmail.com
Fri Apr 18 23:28:56 EDT 2014
On Fri, Apr 18, 2014 at 6:09 PM, Phillip Hallam-Baker <hallam at gmail.com> wrote:
> [Merging the C threads]
>
> Perhaps we could reduce errors by simply turning of optimization in
> the C compilers? If the optimizer does not do the right thing then I
> don't want it used. And the semantics of C make it next to impossible
> to get the optimizer right.
>
> Since we are doing security code I would much rather the code was
> right than fast.
While it's especially important for security code, I think that's true of
pretty much any code. I remember Jon Bentley asking something to
the effect that "if it doesn't have to be correct, how fast would you like it?".
I've not written C/C++ in about 10+ years, but by now I'd think that there
would be some standard #pragma statement that tells the optimizer
"keep you damned paws of this section of code". Of course, things are
seldom that simple, but it might be sufficient for a small # of use cases.
-kevin
--
Blog: http://off-the-wall-security.blogspot.com/
NSA: All your crypto bit are belong to us.
More information about the cryptography
mailing list