In message <v04210102b40f68d103d7@[63.193.122.223]>, Martin Minow writes:
>
> Yeah, but 370 Assembler H had a very extensive macro facility and
> you could hide all kinds of wierd stuff in 370 code. Not too many
> folk left around who can read it.
And those of us who once could no longer remember how to -- for me, it's at
least 20 years (more like 25, actually) since I touched the stuff...
>
> I have a copy of Decus C (Open Source PDP-11 C) lying around and
> wrote enough of its compiler and code generator to know what it can
> and cannot do, in case anyone is interested. The entire source code
> of the C compiler is small enough to sight-verify in about a man-month.
> A "Small C" compiler (see early issues of Dr. Dobbs) can be implemented
> in about 3 man months and ought to be good enough for crypto work.
That isn't the real problem -- most crypto routines per se are small enough
that one could verify the machine code without too much effort. The problem
is the environment they're embedded in. By that I mean not just the
crypto-using application, but the entire operating system. By example, I
could verify the machine code for IDEA, but not PGP and certainly not your
favorite version of UNIX.
--Steve Bellovin
