On Sat, Apr 26, 2014 at 3:21 PM, Steve Klabnik <[email protected]> wrote:
> I think the bigger issue is that we really need someone who lives and
> breathes cryptography before we feel okay about shipping crypto code.
>
> Bugs with crypto don't often happen because of poorly implemented
> primitives: they happen when you combine those primitives in bad ways.
> Formal analysis doesn't help there.

Before writing production-ready crypto code, some things must be tested carefully, like the ability to write constant-time code, or a "secure" buffer implementation (wiped before freeing it). Constant-time code is possible in theory (Rust-crypto has an AES implementation with precautions for that), but I do not know what could be messed up by LLVM optimizations there. Still, with the possibility of dropping some assembly directly where it is needed, it is a great platform for crypto experimentation.

_______________________________________________
Rust-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/rust-dev
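The two things the reply above says need careful testing, a constant-time comparison and a buffer that is wiped before it is freed, look like this in plain Rust with no external crates. This is an added example for this thread, not code from Rust-crypto or from either poster; the names `ct_eq`, `wipe`, `SecretBuf` and `byte_sum` are this example's own, and the sample tag and key bytes are constructed. The comments also mark the limit the reply is unsure about: volatile stores stop the optimiser from deleting the zeroing writes, but they say nothing about copies LLVM may have made in registers or on the stack.

```rust
// Added example (not from the mailing-list thread): a constant-time
// comparison and a buffer that wipes itself before its memory is freed.
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Compare two byte slices without an early exit on the first mismatch.
/// Every byte pair is visited and the XORs are OR-ed into one accumulator,
/// so the running time does not depend on where (or whether) they differ.
/// Slice lengths are treated as public (a MAC or tag length usually is).
pub fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    let mut diff: u8 = 0;
    for (x, y) in a.iter().zip(b.iter()) {
        diff |= x ^ y;
    }
    // Fold the accumulator to a single bit arithmetically, not by branching:
    //   diff == 0 -> 0u32.wrapping_sub(1) = 0xFFFF_FFFF, top bit is 1
    //   diff != 0 -> (1..=255) - 1 < 2^31, top bit is 0
    let equal_bit = (diff as u32).wrapping_sub(1) >> 31;
    equal_bit == 1
}

/// Overwrite a buffer with zeros using volatile stores so the optimiser
/// cannot discard the writes as dead (the buffer is never read again).
/// Volatile stores only cover this buffer: copies the compiler made in
/// registers or on the stack are not covered, which is exactly the
/// LLVM-level behaviour the message above is unsure about.
pub fn wipe(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, aligned, exclusively borrowed u8.
        unsafe { ptr::write_volatile(b, 0) };
    }
    // Keep the stores from being reordered past the free that follows.
    compiler_fence(Ordering::SeqCst);
}

/// Heap buffer for key material that wipes itself on drop, i.e. before
/// the allocation is handed back to the allocator.
pub struct SecretBuf {
    data: Vec<u8>,
}

impl SecretBuf {
    pub fn new(data: Vec<u8>) -> SecretBuf {
        SecretBuf { data }
    }

    pub fn as_slice(&self) -> &[u8] {
        &self.data
    }
}

impl Drop for SecretBuf {
    fn drop(&mut self) {
        wipe(&mut self.data);
        // Vec's own Drop runs next and frees the now-zeroed allocation.
    }
}

/// Sum of a buffer's bytes; used to observe that `wipe` really zeroed it.
pub fn byte_sum(buf: &[u8]) -> u32 {
    buf.iter().map(|&b| b as u32).sum()
}

fn main() {
    let tag = [0xde, 0xad, 0xbe, 0xef]; // constructed sample tag
    let candidate = [0xde, 0xad, 0xbe, 0xee]; // differs only in the last byte
    println!("tags equal: {}", ct_eq(&tag, &candidate));

    let key = SecretBuf::new(vec![0x42; 32]); // constructed sample key
    println!("key byte sum before drop: {}", byte_sum(key.as_slice()));
    // `key` goes out of scope here; its 32 bytes are zeroed before the free.
}
```

Whether the emitted code is actually branch-free is something to check in the generated assembly for the target and optimisation level you ship with, which is the kind of verification the reply asks for; the source-level pattern alone is not a guarantee.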
