[Cryptography] How programming language design can help us write secure crypto code

Dave Horsfall dave at horsfall.org
Sun Nov 1 14:03:01 EST 2015


[ Subject line cleaned up a bit - FORGERY removed ]

On Sat, 31 Oct 2015, Bill Frantz wrote:

> As a programmer from the 1970s, I never expect the compiler to remove my 
> paranoid tests as modern gcc seems to do. Of course, in the 1970s, most 
> of my code was in assembler, where removal behind my back is much much 
> less likely.

<AOL>
Me too...
</AOL>

Mind you, there was the FORTRANH compiler, which was so slow with its 
optimisation that ordinary students weren't allowed to use it; we were 
stuck with WATFIV, or FORTRANG if we behaved ourselves and learned to 
write proper code (as if you could in FORTRAN anyway).

> I have always thought of C as a machine independent assembler. Having it 
> remove code I have written completely blows that idea. And removing code 
> is a poor way to trust the programmer.

Funny you should say that...  I've always regarded C as a high-level 
assembler, and I am astonished that people would think otherwise.

Quietly removing code from a security application is... not good...  I'd 
like to know how it can possibly be formally verified, if GCC subsequently 
proceeds to stab you in the back.

-- 
Dave Horsfall DTM (VK2KFU)  "Those who don't understand security will suffer."

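As an added example (not from this thread, and not anyone's production code), here is the kind of "paranoid test" under discussion, next to forms that give the optimiser nothing to remove. The names are made up for the illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* The test as a 1970s programmer might write it.  Signed overflow is
 * undefined behaviour in C, so gcc may assume a + b never wraps and is
 * entitled to reduce "b > 0 && a + b < a" to "false" under -O2, i.e. to
 * delete the check.  Its result is therefore not something to rely on. */
bool naive_add_is_safe(int a, int b)
{
    int sum = a + b;           /* UB when the true sum leaves [INT_MIN, INT_MAX] */
    return !(b > 0 && sum < a) && !(b < 0 && sum > a);
}

/* Portable form: decide *before* doing the arithmetic, using only
 * comparisons that are always defined, so there is no UB to exploit.
 * Returns false (and writes nothing) if a + b would overflow. */
bool checked_add(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Same problem in another guise: a plain memset() on a secret buffer
 * that is never read again is a dead store, and the compiler removes it.
 * Calling memset through a volatile function pointer makes the call
 * opaque, so the store has to stay. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

void wipe(void *buf, size_t len)
{
    memset_ptr(buf, 0, len);
}

/* Fills a constructed 16-byte "key", wipes it, and reports whether every
 * byte really is zero afterwards (a constant-time OR over the buffer). */
bool wipe_demo(void)
{
    unsigned char key[16];
    memset(key, 0xAA, sizeof key);      /* constructed sample secret */
    wipe(key, sizeof key);
    unsigned char acc = 0;
    for (size_t i = 0; i < sizeof key; i++)
        acc |= key[i];
    return acc == 0;
}
```

Compile both add functions with `gcc -O2 -S` and compare the assembly: only the one written without undefined behaviour is guaranteed to keep its comparison.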