It’s a mistake to write crypto using general-purpose big number libraries. You usually want crypto code to protect against timing attacks, for example, and your average big number library aims for performance; the two goals are at odds.
On Jun 19, 2014, at 10:04 PM, Igor Bukanov <[email protected]> wrote:

> On 19 June 2014 21:03, Daniel Micay <[email protected]> wrote:
>> I don't think we should have a big unsigned integer. It's not something
>> I've seen other big integer libraries do.
>
> I once spent some time figuring out a bug in a crypto library. It was
> caused by writing in a corner case b - a, not a - b. An unsigned BigNum
> library that faults on a - b when a < b would have trivially caught
> that. In addition unsigned BigNum could be more efficient (important
> for crypto) as extra sign checks that signed BigNum often use may bear
> non-trivial cost.
> _______________________________________________
> Rust-dev mailing list
> [email protected]
> https://mail.mozilla.org/listinfo/rust-dev
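As an added illustration of the two points raised in this exchange (an unsigned big number that refuses `a - b` when `a < b`, so a swapped-operand bug fails loudly instead of flowing on as a negative value, and limb arithmetic written without data-dependent branches, which is what the timing-attack remark is about), here is a small self-contained Rust sketch. It is not code from the rust-dev thread or from any Rust library; the type and method names (`UBig`, `SBig`, `checked_sub`, `ct_eq`, `buggy_unsigned`, `buggy_signed`) and the 1,000,000 / 7 sample values are this example's own assumptions.

```rust
// Added example, not from the thread or any library: a toy little-endian,
// base-2^32 unsigned big number with checked (fail-on-underflow) subtraction,
// a branch-free limb loop, and a constant-time equality check, next to a
// signed wrapper whose subtraction silently absorbs a swapped-operand bug.

/// Unsigned big integer: little-endian 32-bit limbs, no sign field.
#[derive(Clone, Debug)]
pub struct UBig(pub Vec<u32>);

impl UBig {
    pub fn from_u64(v: u64) -> UBig {
        UBig(vec![v as u32, (v >> 32) as u32])
    }

    /// Back to u64 for checking results; assumes the value fits (example only).
    pub fn to_u64(&self) -> u64 {
        let lo = *self.0.first().unwrap_or(&0) as u64;
        let hi = *self.0.get(1).unwrap_or(&0) as u64;
        lo | (hi << 32)
    }

    /// self - other with borrow propagation. Returns None if other > self.
    /// This is the "fault on a - b when a < b" behaviour from the thread:
    /// writing b - a by mistake cannot yield a wrapped or negative value.
    /// The limb loop has no value-dependent branch: the borrow is taken
    /// from the sign bit of the wrapped 64-bit difference.
    pub fn checked_sub(&self, other: &UBig) -> Option<UBig> {
        let n = self.0.len().max(other.0.len());
        let mut out = vec![0u32; n];
        let mut borrow = 0u64;
        for (i, slot) in out.iter_mut().enumerate() {
            let a = *self.0.get(i).unwrap_or(&0) as u64;
            let b = *other.0.get(i).unwrap_or(&0) as u64;
            // a, b < 2^32, so a - b - borrow < 0 sets bit 63 after wrapping.
            let d = a.wrapping_sub(b).wrapping_sub(borrow);
            *slot = d as u32; // low 32 bits are correct modulo 2^32
            borrow = d >> 63;
        }
        if borrow != 0 { None } else { Some(UBig(out)) }
    }

    /// Constant-time equality: scans every limb and never returns early.
    /// (Limb count is treated as public; only limb contents are protected.)
    pub fn ct_eq(&self, other: &UBig) -> bool {
        let n = self.0.len().max(other.0.len());
        let mut acc = 0u32;
        for i in 0..n {
            let a = *self.0.get(i).unwrap_or(&0);
            let b = *other.0.get(i).unwrap_or(&0);
            acc |= a ^ b;
        }
        acc == 0
    }
}

/// Signed wrapper: sign flag plus magnitude. Its subtraction never fails,
/// so a swapped-operand bug just produces a negative result that flows on
/// unnoticed. The extra sign handling is also the cost the thread mentions.
#[derive(Clone, Debug)]
pub struct SBig { pub neg: bool, pub mag: UBig }

impl SBig {
    pub fn sub(&self, other: &SBig) -> SBig {
        // The example only models non-negative inputs.
        assert!(!self.neg && !other.neg);
        match self.mag.checked_sub(&other.mag) {
            Some(m) => SBig { neg: false, mag: m },
            // other.mag > self.mag here, so this inner subtraction cannot fail.
            None => SBig { neg: true, mag: other.mag.checked_sub(&self.mag).unwrap() },
        }
    }
}

/// The bug from the thread: the intended quantity is a - b (the caller
/// guarantees a >= b), but the code was written as b - a.
pub fn buggy_unsigned(a: &UBig, b: &UBig) -> Option<UBig> { b.checked_sub(a) }
pub fn buggy_signed(a: &SBig, b: &SBig) -> SBig { b.sub(a) }

fn main() {
    let a = UBig::from_u64(1_000_000); // constructed sample values
    let b = UBig::from_u64(7);
    println!("unsigned b - a: {:?}", buggy_unsigned(&a, &b)); // None: caught
    let sa = SBig { neg: false, mag: a.clone() };
    let sb = SBig { neg: false, mag: b.clone() };
    println!("signed b - a: {:?}", buggy_signed(&sa, &sb)); // negative, silent
}
```

The unsigned path returns `None` for the swapped operands, which a caller using `?` or `unwrap()` turns into an immediate failure at the bug site; the signed path returns a negative magnitude that a later multiplication or reduction would happily consume. The same branch-free borrow trick is what a real constant-time implementation would use in place of an `if a >= b` per limb.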
