[Cryptography] Other obvious issues being ignored?
Ron Garret
ron at flownet.com
Wed Oct 21 20:34:02 EDT 2015
On Oct 21, 2015, at 5:13 PM, Ray Dillinger <bear at sonic.net> wrote:
> it is impossible to write secure
> code in Lisp or Java (because garbage collection can leave sensitive
> stuff lying around indefinitely until collected) …..
You can affirmatively erase data in Lisp using destructive operations.
In Common Lisp in particular you can create arrays whose element type is unsigned-byte (with a specifiable width). When you write into those, most modern compilers will produce store instructions that write data directly to memory in exactly the way that C does, at least when you remember to specify “volatile”.
The fact that there is GC is a feature because it adds fuzz which helps thwart timing-based side-channel attacks.
In fact, I’m going to go out on a limb here and claim that Common Lisp is actually a more suitable language for crypto than C.
rg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151021/90440f73/attachment.sig>
More information about the cryptography
mailing list