[Cryptography] How programming language design can help us write secure crypto code
Ray Dillinger
bear at sonic.net
Sun Nov 8 15:16:22 EST 2015
On 11/02/2015 10:54 AM, dj at deadhat.com wrote:
> This is why I'm very partial to python's ability to easily handle
> arithmetic over rationals. For the probabilistic sums I do a lot of, that
> have asymptotes all over the place, it's nice not to have to look over
> your shoulder for FP problems.

Indeed. I do things that require getting *right* answers
from time to time, and use Scheme for the same reason.
Unbounded rationals, unbounded bignums.

One problem, even given software that handles potentially-
infinite representations, is that you don't have potentially-
infinite memory to store them in nor potentially-infinite
CPU to manipulate them.

Another problem is that a fair number of the things you'd
*like* unbounded precision with, are fundamentally
irrational operations, so even if you get to pick how much
rounding error you'll allow, you can't just pick zero. You
have to allow a rounding error somewhere if you're taking
square roots, because square roots are not closed over
rationals, for example.

Bear
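
Added example (not part of the original message or thread): Newton's iteration for a square root carried out entirely in Python's exact rationals, showing both limits described above. The name rational_sqrt and the tol parameter are assumptions made for this illustration.

```python
from fractions import Fraction


def rational_sqrt(n, tol):
    """Approximate sqrt(n) from above using only exact rational arithmetic.

    Returns (x, sizes): x is a Fraction with 0 <= x - sqrt(n) <= tol, and
    sizes lists the bit length of the denominator after each Newton step.
    """
    n, tol = Fraction(n), Fraction(tol)
    if n < 0 or tol <= 0:
        # tol == 0 is rejected: for an irrational root the loop could never end.
        raise ValueError("need n >= 0 and tol > 0")
    x = max(n, Fraction(1))  # starts at or above sqrt(n); Newton keeps it there
    sizes = []
    # For x >= sqrt(n): x - sqrt(n) = (x*x - n) / (x + sqrt(n)) <= (x*x - n) / x,
    # so the test below bounds the error without ever computing sqrt(n).
    while x * x - n > tol * x:
        x = (x + n / x) / 2
        sizes.append(x.denominator.bit_length())
    return x, sizes


if __name__ == "__main__":
    # Rational-only arithmetic is exact; the equivalent float sum is not.
    print(sum([Fraction(1, 10)] * 10) == 1, sum([0.1] * 10) == 1.0)
    x, sizes = rational_sqrt(2, Fraction(1, 10**30))
    # Storage for the exact representation roughly doubles with every step.
    print("denominator bits per step:", sizes)
    # The residual is bounded by the chosen tolerance but is never zero.
    print("x*x - 2 =", x * x - 2)
```

The caller chooses the error bound, and every extra digit of accuracy is paid for in the size of the numerator and denominator.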