[Cryptography] [FORGED] Attackers will always win, and it's getting worse!

Ray Dillinger bear at sonic.net
Tue Jul 11 16:36:57 EDT 2017



On 07/11/2017 05:04 AM, Arnold Reinhold wrote:


> The C/C++ folks insist that they only make promises about final
> outputs of programs, not what happens to data while it is being
> processed.  ....  Do we need special languages for crypto, perhaps
> with fewer features but more predictable relationships between source
> and object code?

I have sometimes argued that for security purposes we need semantic-
level guarantees about things which are completely inexpressible
in existing semantic frameworks.  Where 'semantics' has been taken as
expressing everything intended to be observable about program output,
I've labeled these additional requirements as 'quasi-semantic', on the
grounds that they affect or determine 'quasi-output' or side channel output.

A lot of quasi-semantic requirements are about particular kinds of
things NOT happening; most of the rest are about the operational
properties of particular things (usually low-level things) that DO happen.

Once you introduce quasi-semantic requirements about particular kinds of
things NOT happening, the ability to do many kinds of optimizations or
rewrites vanishes, in ways that cascade through the code often down to
levels where the effects reach into tight loops where you wouldn't
expect it.  I'd argue that that's an acceptable cost of doing business.
					Bear
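As an added illustration of the point made above (this is not code from the original thread, and the function names are my own), the C below pairs two "things NOT happening" requirements with a naive form and a hardened form: the naive versions are correct by the language's own output-only rules, and the difference is only visible in the side channel.

```c
#include <stddef.h>
#include <string.h>

/* Added example, not from the original post. Two "quasi-semantic"
 * requirements that C's output-only semantics cannot express:
 *   (1) a secret must NOT remain in memory once it is no longer needed;
 *   (2) a comparison's timing must NOT depend on the secret.
 * Each naive form is legal C with the same output as its hardened twin. */
/* (1a) Naive wipe: once the buffer is dead as far as output goes, the
 * optimizer may remove this store (dead-store elimination). */
static void wipe_naive(unsigned char *buf, size_t len) {
    memset(buf, 0, len);
}
/* (1b) Hardened wipe: volatile stores are side effects the abstract
 * machine must perform, so the compiler may not elide them. */
static void wipe_volatile(unsigned char *buf, size_t len) {
    volatile unsigned char *p = buf;
    while (len--) *p++ = 0;
}
/* (2a) Naive compare: returns at the first mismatch, so elapsed time
 * reveals how many leading bytes of the guess were correct. */
static int eq_early_exit(const unsigned char *a, const unsigned char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}
/* (2b) Constant-time compare: touches every byte and ORs the differences,
 * so control flow never depends on the data. The volatile accumulator
 * discourages a re-introduced early exit; C cannot promise constant time. */
static int eq_constant_time(const unsigned char *a, const unsigned char *b, size_t n) {
    volatile unsigned char diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Both pairs agree on output; only the side channel differs.
 * Returns 1 when every function gives the expected result. */
int quasi_semantic_self_check(void) {
    unsigned char k1[16], k2[16];
    const unsigned char mac[4] = {1, 2, 3, 4}, bad[4] = {1, 2, 9, 4};
    size_t i, leftover = 0;
    memset(k1, 0xAB, sizeof k1);
    memset(k2, 0xAB, sizeof k2);
    wipe_naive(k1, sizeof k1);
    wipe_volatile(k2, sizeof k2);
    for (i = 0; i < sizeof k1; i++) leftover += k1[i] | k2[i];
    return leftover == 0 && eq_early_exit(mac, mac, 4) && eq_constant_time(mac, mac, 4)
        && !eq_early_exit(mac, bad, 4) && !eq_constant_time(mac, bad, 4);
}
```

Compiling the naive wipe with optimization on and inspecting the generated object code is the usual way to see the store disappear; nothing in the program's output distinguishes the two versions.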
