Re: Avoiding C++ Templates In Cipher Implementation
From: Benjamin Goldberg (ben.goldberg_at_hotpop.com)
Date: 06/10/03
- Next message: Martin Vesterlund: "Re: TDCAL usage of LibTom* Projects"
- Previous message: Christophe Devine: "Re: Stream Cipher Like SEAL Wanted ...."
- In reply to: Ernst Lippe: "Re: Avoiding C++ Templates In Cipher Implementation"
- Next in thread: Ernst Lippe: "Re: Avoiding C++ Templates In Cipher Implementation"
- Reply: Ernst Lippe: "Re: Avoiding C++ Templates In Cipher Implementation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 09 Jun 2003 19:50:43 -0400
Ernst Lippe wrote:
> Benjamin Goldberg wrote:
>> Mok-Kong Shen wrote:
>>> Russ Lyttle wrote:
>>>> Indeed, there has to be a main() or nothing happens. But the final
>>>> code can be very optimized, compact, and hard to reverse engineer.
>>>
>>> I don't quite understand what's meant by 'hard to reverse
>>> engineer' in the present context.
>>
>> In STL (and most other libraries using templates), the majority of
>> the methods have their bodies defined within the body of the class
>> definition. Thus, when we decompile code which uses an STL template,
>> we often don't see that a class is being used -- we merely see the
>> class's data, and the inlined method calls (not as subroutine calls,
>> just blocks of code).
>>
>> If we uses stl templated algorithms... usually, helper classes
>> (predicates, generators, etc.) don't have much if any member data
>> (and often have just one or two methods, with the method bodies
>> defined within the helper class definition; and thus are inlineable,
>> and the helper class definition itself may be throw-away-able by the
>> compiler, if all uses of it/it's methods are inlined).
>>
>> Because the compiler may throw away so much data, the resulting
>> binary program will have code which is quite opaque when we try to
>> decompile it.
>
[snip: inlined code doesn't make a binary program totally opaque]
>
> But on the whole I don't think that this security by obscurity is not
> a very important issue. Whatever you do, you don't stand any chance
> against a really motivated attacker.
Quite right. I was merely answering Mok's complaint that he didn't
understand what was meant by "hard to reverse engineer."
I never said that templates or inlined code protect against a truly
modivated attacker.
> Correctness of the program is far more important than this form of
> obscurity, so when using templates makes it more likely that your
> program contains errors they should be avoided.
Non sequiter. Correct code is correct code, incorrect code is incorrect
code. While I thoroughly understand how templates can complicate
reverse engineering of program binaries, I do *not* see how they prevent
proofs of correctness.
> Now given the fact that the semantics of templates are pretty
> complicated
I disagree with this. Or rather, some parts of the semantics of
templates are complicated, but you generally don't need to *use* those
parts, and can easily restrict yourself to those parts which aren't
complicated, without significant loss of flexibility. This is, of
course, MHO.
> and that many compilers have bugs in their implementations,
> there is a real probability that using templates will introduce bugs.
With this, however, I sadly agree.
--
$a=24;split//,240513;s/\B/ => /for@@=qw(ac ab bc ba cb ca
);{push(@b,$a),($a-=6)^=1 for 2..$a/6x--$|;print "$@[$a%6
]\n";((6<=($a-=6))?$a+=$_[$a%6]-$a%6:($a=pop @b))&&redo;}
- Next message: Martin Vesterlund: "Re: TDCAL usage of LibTom* Projects"
- Previous message: Christophe Devine: "Re: Stream Cipher Like SEAL Wanted ...."
- In reply to: Ernst Lippe: "Re: Avoiding C++ Templates In Cipher Implementation"
- Next in thread: Ernst Lippe: "Re: Avoiding C++ Templates In Cipher Implementation"
- Reply: Ernst Lippe: "Re: Avoiding C++ Templates In Cipher Implementation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
