[Cryptography] programming languages and the people who (don't) love them, was "NSA-linked Cisco exploit poses bigger threat than previously thought"

[Kent Borg]

On 08/26/2016 12:50 PM, John Levine wrote:
> nothing else to date runs on as many architectures and is as usable in 
> spare environments like OS kernels and embedded systems. 

Doing Unix on a little PDP-11 was near magic. Just finding a modern 
memory part that is as small as the total memory in Dennis Ritchie's 
machine has probably been impossible for quite a few years now.

I said Rust has a small runtime. How small? A subtle question. Looking 
at 
https://lifthrasiir.github.io/rustlog/why-is-a-rust-executable-large.html 
it looks like a nearly honest, minimal "Hello, world" running on top of 
Linux can be 5360-bytes, 32-bytes bigger than the matching C case, a 
reasonable build that uses Rust's IO and not a direct system call bloats 
to 160KiB, and a naive build with debugging info starts at 650KiB. Every 
library seems to assume a megabyte of RAM is nothing these days...

So for a Fitbit, baremetal assembly (aka C) is probably necessary, but 
those cases get pretty rare: I've seen an SD card that, in addition to 
being GBs of flash storage, runs Linux, casually on the side, to manage 
wifi hardware that also fits inside the SD card.

> ObCrypto: very little of the crypto code I use has to run in the kinds
> of environments where C's advantages are important, so it's a reasonable
> question why application libraries like openssl are still in C.

It is still important that crypto code be callable as efficient 
libraries. One wouldn't want to, say, instantiate an entire Python 
environment every time the caller starts a new hash or encryption. And 
it seems a good idea to program pretty close to the metal to head off 
timing attacks, not let keys drift off into garbage collection land, etc.

-kb