[Cryptography] How programming language design can help us write secure crypto code
Mansour Moufid
mansourmoufid at gmail.com
Mon Nov 2 03:24:36 EST 2015
On Sun, Nov 1, 2015 at 2:03 PM, Dave Horsfall <dave at horsfall.org> wrote:
> Mind you, there was the FORTRANH compiler, which was so slow with its
> optimisation that ordinary students weren't allowed to use it; we were
> stuck with WATFIV, or FORTRANG if we behaved ourselves and learned to
> write proper code (as if you could in FORTRAN anyway).
Speaking of FORTRAN, there is an interesting parallel here
with the early calculators.
Before the standard for floating point arithmetic (IEEE 754),
the same formula (program) would produce different results on
different calculators (computers).
Those computers that, given a good program, would produce bad
results, Kahan called "egregious machines."
From "Mathematics written in sand":
If a simple program works and is proved mathematically
always to work well enough on all but a few commercially
significant computers, who should bear the onus of
adapting it to the aberrant machines?
In the past, the onus has fallen mostly upon the owners
of aberrant machines or upon the creator of the program,
rather than upon the creators of aberrant arithmetics.
...
To lift that onus from all of us, we must persuade the
designers and builders of computer arithmetics that ...
1: aberrant designs can invalidate certain familiar
calculations performed by most other machines
without any trouble;
2: to compensate for aberrant arithmetic, software must
become more complicated, costly and unreliable; and
3: their customers are aware of these truths.
(I am not quite sure about item 3.)
Replace "arithmetics" with logic, and "machines" with compilers,
and we are in the same situation three decades later...