Re: Avoiding C++ Templates In Cipher Implementation
From: Brian Gladman (fake_at_nowhere.org)
Date: Mon, 9 Jun 2003 09:14:22 +0100
"Russ Lyttle" <firstname.lastname@example.org> wrote in message
> Mok-Kong Shen wrote:
> > Russ Lyttle wrote:
> Code I write often must meet some combination of the following 3
> requirements. : (1) It must be easy to maintain; (2) It must be proven
> correct; or (3) it must be secure. Pick two.
> (1) requires readable source and easily debugged execuitables. That means
> any one can reverse engineer the object code. Thus less (3).
> Templates make it difficult to meet requirement (2) even though they help
> lots for meeting (1).
> The crypto I do has (3) more important than (2) and often does not have to
> meet (1) at all. The crypto algorithm must be correct.
So you are happy to have incorrect code as long as it is secure?
I personally doubt that (3) is achievable in the absense of (2) since
assurance of security to a certain standard of proof will require proof of
correctness to at least the same standard.
> Crypto devices should have lots of anti-tampering mechanisms. This is only
This might be a requirement but it will not always be necessary.