[13210] in cryptography@c2.net mail archive


Re: The Pure Crypto Project's Hash Function

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon May 5 21:44:12 2003

X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@research.att.com>
To: Bill Frantz <frantz@pwpconsult.com>
Cc: EKR <ekr@rtfm.com>, Ralf Senderek <ralf@senderek.de>,
	"cryptography@metzdowd.com" <cryptography@metzdowd.com>
In-Reply-To: Your message of "Mon, 05 May 2003 16:24:05 PDT."
             <v03110709badc9f8bde2c@[192.168.1.5]> 
Date: Mon, 05 May 2003 21:27:57 -0400

In message <v03110709badc9f8bde2c@[192.168.1.5]>, Bill Frantz writes:
>At 1:21 PM -0700 5/3/03, Eric Rescorla wrote:
>>Can you explain every single line of the modular exponentiation
>>routine you're using? Every single line of the compiler you're
>>using to compile the code?
>
>The need to show that the object code is a correct implementation of the
>algorithm described by the source code is a general problem for validating
>any kind of code.  My approach, and why I have some sympathy for Ralf's
>minimum code approach is:
>
>(1) Code the algorithm in assembler.
>
>(2) Explain each instruction as a comment on the instruction.
>
>(3) Run the code thru the assembler
>
>(4) Show that the output of the assembler matches the input, thereby
>avoiding the need to prove the assembler.
>
>YMMV!
>

Except, of course, that coding in assembler is quite demonstrably more 
bug-prone.  And I'm not even talking about productivity (also lower) -- 
bugs are a major source of security holes.

As for matching the output of the compiler -- well, it's not often that 
I get to cite my dissertation, but that's what I worked on >20 years 
ago.  See http://www.research.att.com/~smb/dissabstract.html for the 
abstract.


		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
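The check in Bill Frantz's step (4), as an added example that is not part of this thread: a hand-annotated listing, in which the author records the expected encoding beside each explained instruction, is compared byte for byte against what the assembler actually emitted, so the assembler itself never has to be trusted. The listing format, the small 32-bit x86 fragment and both object byte strings are constructed here for illustration.

```python
# Constructed listing: hand-derived bytes | mnemonic | explanation (the step-2 comment).
# Encodings are 32-bit x86 and were worked out by hand, not copied from an assembler.
ANNOTATED_LISTING = """
31 C0           | xor eax, eax  | clear the accumulator (result = 0)
B9 05 00 00 00  | mov ecx, 5    | loop counter = 5
01 C8           | add eax, ecx  | result += counter
49              | dec ecx       | counter -= 1
75 FB           | jnz -5        | jump back to the add while counter != 0
C3              | ret           | return with the result in eax
"""

def parse_listing(text):
    """Return [(expected_bytes, mnemonic)] from the annotated listing."""
    entries = []
    for line in text.strip().splitlines():
        hexpart, mnemonic, _explanation = (f.strip() for f in line.split("|", 2))
        entries.append((bytes.fromhex(hexpart), mnemonic))
    return entries

def verify_object(listing_text, assembled):
    """Compare the assembler's output against the hand-derived encodings.

    Returns a list of (offset, mnemonic, expected_hex, actual_hex) mismatches;
    an empty list means every instruction assembled to exactly what was claimed.
    Offsets advance by the expected length, so one bad instruction does not
    misalign the report for the ones after it.
    """
    mismatches = []
    offset = 0
    for expected, mnemonic in parse_listing(listing_text):
        actual = assembled[offset:offset + len(expected)]
        if actual != expected:
            mismatches.append((offset, mnemonic, expected.hex(), actual.hex()))
        offset += len(expected)
    if offset != len(assembled):  # assembler emitted bytes the listing never asked for
        mismatches.append((offset, "<trailing bytes>", "", assembled[offset:].hex()))
    return mismatches

# Constructed assembler outputs: one faithful, one with an altered immediate and an extra byte.
GOOD_OBJECT = bytes.fromhex("31C0B90500000001C84975FBC3")
BAD_OBJECT = bytes.fromhex("31C0B90600000001C84975FBC390")

if __name__ == "__main__":
    print("good:", verify_object(ANNOTATED_LISTING, GOOD_OBJECT))
    print("bad: ", verify_object(ANNOTATED_LISTING, BAD_OBJECT))
```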
