It’s a mistake to write crypto using general-purpose big number libraries.  You 
usually want crypto code to protect against timing attacks, for example, and 
your average big number library aims for performance; the two goals are at odds.

On Jun 19, 2014, at 10:04 PM, Igor Bukanov <i...@mir2.org> wrote:

> On 19 June 2014 21:03, Daniel Micay <danielmi...@gmail.com> wrote:
>> I don't think we should have a big unsigned integer. It's not something
>> I've seen other big integer libraries do.
> 
> I once spent some time figuring out a bug in a crypto library. It was
> caused by writing in a corner case b - a, not a - b. An unsigned BigNum
> library that faults on a - b when a < b would have trivially caught
> that. In addition unsigned BigNum could be more efficient (important
> for crypto) as extra sign checks that signed BigNum often use may bear
> non-trivial cost.
> _______________________________________________
> Rust-dev mailing list
> Rust-dev@mozilla.org
> https://mail.mozilla.org/listinfo/rust-dev

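The two points raised in this thread, the swapped-operand bug that an underflow-faulting unsigned type would have caught, and the data-dependent work of a speed-tuned comparison, can be shown with a toy big integer. The following is an added example, not code from the thread or from any Rust big number library; the type `U256`, its four-limb layout, and the function names `checked_sub`, `ct_eq`, `early_exit_eq`, `diff` and `buggy_diff` are this example's own assumptions.

```rust
// Added example (not code from the rust-dev thread): a tiny fixed-width
// unsigned big integer of four u64 limbs, little-endian. All names here
// (U256, checked_sub, ct_eq, early_exit_eq, diff, buggy_diff) are this
// example's own.
//
// It illustrates two points from the thread from the defender's side:
//  1. an unsigned type that reports underflow instead of wrapping turns the
//     "wrote b - a instead of a - b" slip into a visible failure;
//  2. a comparison whose work does not depend on where the operands differ,
//     which a general-purpose bignum library tuned for speed does not promise.

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct U256 {
    /// limbs[0] is the least significant 64 bits.
    pub limbs: [u64; 4],
}

impl U256 {
    pub const fn from_u64(v: u64) -> Self {
        U256 { limbs: [v, 0, 0, 0] }
    }

    pub const fn from_limbs(limbs: [u64; 4]) -> Self {
        U256 { limbs }
    }

    /// self - other with borrow propagation; None when other > self,
    /// i.e. the operation "faults" on underflow rather than wrapping.
    pub fn checked_sub(self, other: U256) -> Option<U256> {
        let mut out = [0u64; 4];
        let mut borrow = 0u64;
        for i in 0..4 {
            let (d1, b1) = self.limbs[i].overflowing_sub(other.limbs[i]);
            let (d2, b2) = d1.overflowing_sub(borrow);
            out[i] = d2;
            borrow = (b1 | b2) as u64;
        }
        if borrow != 0 { None } else { Some(U256 { limbs: out }) }
    }

    /// Equality that XORs every limb into an accumulator and only then
    /// reduces the result, so the work is the same for any pair of inputs.
    /// Returns (equal, limbs examined) so it can be compared with the
    /// early-exit version below. The optimizer may still rewrite this;
    /// production code pins it with core::hint::black_box or assembly.
    pub fn ct_eq(&self, other: &U256) -> (bool, usize) {
        let mut acc = 0u64;
        for i in 0..4 {
            acc |= self.limbs[i] ^ other.limbs[i];
        }
        // 0 -> 0, nonzero -> 1 without branching on the value of acc.
        let nonzero = (acc | acc.wrapping_neg()) >> 63;
        (nonzero == 0, 4)
    }
}

/// The usual fast comparison: stop at the first differing limb. How many
/// limbs it looks at depends on the data, which is what a timing attack
/// measures.
pub fn early_exit_eq(a: &U256, b: &U256) -> (bool, usize) {
    let mut examined = 0;
    for i in (0..4).rev() {
        examined += 1;
        if a.limbs[i] != b.limbs[i] {
            return (false, examined);
        }
    }
    (true, examined)
}

/// The slip described in the thread: the operands are in the wrong order.
pub fn buggy_diff(a: U256, b: U256) -> Option<U256> {
    b.checked_sub(a)
}

/// The intended computation.
pub fn diff(a: U256, b: U256) -> Option<U256> {
    a.checked_sub(b)
}

fn main() {
    let a = U256::from_u64(10);
    let b = U256::from_u64(3);
    println!("a - b           = {:?}", diff(a, b));
    println!("swapped (b - a) = {:?}", buggy_diff(a, b)); // None: the slip is visible at once
}
```

With a signed or wrapping type the swapped subtraction would have returned a plausible-looking value and the bug would only surface in the corner case the poster describes; here it returns `None` on the first input where `a > b`. The `examined` counter is instrumentation for the example only, standing in for the cycle count an attacker would measure.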