comp.lang.ada
From: Dennis Lee Bieber <wlfraed@ix.netcom.com>
Subject: Re: Should Ada runtime provide special primitives for cryptography?
Date: Wed, 01 Oct 2014 09:22:31 -0400
Message-ID: <npvn2a9cdq2habaut03s7bho39grrr42h5@4ax.com>
In-Reply-To: slrnm2nfj4.nrc.lithiumcat@nat.rebma.instinctive.eu

On Wed, 1 Oct 2014 08:42:17 +0000 (UTC), Natasha Kerensikova
<lithiumcat@instinctive.eu> declaimed the following:

>However, when actually implementing cryptographic stuff, cleverness from
>compiler and optimizer are often enemies. For example, overwriting a
>buffer with zeroes might be optimized out when the buffer is not
>accessed again.
>
	Cryptographic "zeroing" does not fill a buffer with 0x00 values. One
approved method is to:

generate random sequence (in a second buffer as you'll need it again)
copy random sequence into crypto buffer
compare buffers to ensure data was changed
invert the bits of the random sequence
copy random sequence into crypto buffer
compare to ensure all data changed
generate second random sequence
copy second sequence into buffer
compare buffers

The first two copy operations ensure every bit in the buffer has been
toggled to both states -- the compares ensure you don't have a "sticky
bit".
-- 
	Wulfraed                 Dennis Lee Bieber         AF6VN
    wlfraed@ix.netcom.com    HTTP://wlfraed.home.netcom.com/
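
The overwrite-and-compare sequence listed in the message above, as an added example in C (not code from the thread or from any Ada runtime). The names sanitize_buffer, write_and_verify, fill_random_fn and demo_fill are hypothetical, and the xorshift generator is a constructed stand-in for a real random source so the example runs offline.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical callback type: fills dst with len random bytes. */
typedef void (*fill_random_fn)(uint8_t *dst, size_t len);

/* Copy pattern into buf, then read buf back and compare. Both loops go
 * through a volatile-qualified pointer, so the compiler cannot discard
 * the stores as dead even when buf is never used again. */
static int write_and_verify(volatile uint8_t *buf, const uint8_t *pattern, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        buf[i] = pattern[i];
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)(buf[i] ^ pattern[i]);
    return diff == 0 ? 0 : -1;
}

/* The three passes from the message; scratch is the "second buffer".
 * Returns 0 on success, -1 as soon as a read-back does not match. */
int sanitize_buffer(volatile uint8_t *buf, uint8_t *scratch, size_t len, fill_random_fn fill)
{
    fill(scratch, len);                      /* first random sequence */
    if (write_and_verify(buf, scratch, len) != 0) return -1;
    for (size_t i = 0; i < len; i++)         /* invert its bits */
        scratch[i] = (uint8_t)~scratch[i];
    if (write_and_verify(buf, scratch, len) != 0) return -1;
    fill(scratch, len);                      /* second random sequence */
    return write_and_verify(buf, scratch, len);
}

/* Constructed stand-in generator (xorshift32), NOT cryptographically
 * secure; a real caller would pass a wrapper around the OS CSPRNG. */
static uint32_t demo_state = 0x2545F491u;
unsigned demo_fill_calls = 0;
void demo_fill(uint8_t *dst, size_t len)
{
    demo_fill_calls++;
    for (size_t i = 0; i < len; i++) {
        demo_state ^= demo_state << 13;
        demo_state ^= demo_state >> 17;
        demo_state ^= demo_state << 5;
        dst[i] = (uint8_t)(demo_state >> 24);
    }
}

int main(void)
{
    uint8_t key[16] = "constructed key";     /* constructed sample secret */
    uint8_t scratch[sizeof key];
    return sanitize_buffer(key, scratch, sizeof key, demo_fill) == 0 ? 0 : 1;
}
```

On return the scratch buffer holds the same final random sequence as the sanitized buffer, so it contains nothing derived from the secret.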

