[Cryptography] Swift and cryptography
Phillip Hallam-Baker
phill at hallambaker.com
Mon Jun 9 12:52:34 EDT 2014
On Mon, Jun 9, 2014 at 7:30 AM, Arnold Reinhold <agr at me.com> wrote:
> Apple's new programming language, Swift, seems to be a clean, modern and well thought out design, with a number of improvements that remove possible sources of programming errors. In particular, Swift faces the integer overflow problem head on, perhaps the first modern language to do so (see http://blog.regehr.org/archives/1154). Integer overflows in Swift cause a runtime error, but programmers can choose to allow overflows by using the special arithmetical operators &+, &-, &*, &/ and &%. Swift also allows types to have properties, and the properties 'min' and 'max' are defined in Swift for all integer types, e.g. UInt8.max, which is 255. They can be used to safely check for potential overflows, as contrasted with relying on--and remembering--the names of min/max constants defined in some external library.
> Swift is still in beta and there still might be time for the cryptography community to influence its design. Yes, I realize Swift is an Apple-only language at the moment, but this could change and getting things right on one platform is at least a start.
Looks to me as if they have backported the most important parts of the
C#/Java world to the C world.
What I want from a modern language is classes, single inheritance,
interfaces, properties and a clean syntax that does not
do::this.or->anything.worse
> One area that comes to mind is some way to erase data that is guaranteed not be removed by the optimizer. Swift has destructors ("deinitializers") for classes. A guarantee that assignments in deinits would always be preserved might be a start. Swift also has "optional" variables that can either have a value or be nil. A zeroize generic function or protocol that erased all storage associated with an optional variable before setting it to nil could also be helpful.
It would be interesting to see how they manage strings. Do they
support something like the C# 'protected' class...
More information about the cryptography
mailing list