Re: Computing big numbers

Tom St Denis wrote:

> Pubkeybreaker wrote:
>> stan wrote:
>>> You are totally making your point, Bob Silverman.
>> How many times did he use profanity in his reply? He fails to
>> realize what it makes him look like.
>
> If swearing is my worst offense ... then so be it.
>
>> His reply also disparages Knuth's book itself. In CS, Knuth
>> is GOD. He disparages my assessment as "opinion" and
>> says his is different. I wonder how many others share his view of
>> TAOCP?
>
> Knuth is not god and frankly I doubt Knuth thinks he's the only
> authority on computer science related subjects. Educated people don't
> talk in these ways.

Knuth is about as close to god in computer science as it is possible to
get. I most certainly don't share your view of what Knuth says about
multiple precision arithmetic. Sure there are often faster ways of doing
things but a sound understanding of what Knuth offers is essential for
anyone starting out in this field.

In giving a reference it is necessary to make a judgement of what is
suitable given the likely knowledge and experience of the person making
the request. Given the original posting, I would say that Pubkeybreaker
gave an entirely sensible suggestion.

>> He disparages the use of certification. Apparently he does
>> not understand how software development is done in critical
>> environments.
>
> Blow me. A lot of software has been certified and still not secure.
>
> Look at banks. You can skim a debit card and then just use the pin.
> Oh but it uses FIPS certified DES you say!!! It's GOD!!!

The banks have to set 'end customer' security levels fairly low because
high levels of security at this point in their systems would involve
high costs and massive inconvenience for millions of customers with the
result that the banks costs would be higher than the losses that arise
from fraud.

Better examples are things like civil and military aircraft flight and
engine management and weapons fusing and arming where software errors
can lead to loss of life.

Although it is undoubtedly true that certified software systems have
failed, this is not a good reason for dismissing certification.

>> He fails to accept that a rigorous peer review and detailed test
>> process
>> is required for security critical software. He claims it is just for
>> "show".
>
> Um, NIST certificates are just for KAT, at least on software libraries.
> Only systems get exposed to more rigorous testing [e.g. side channel
> and tamper resistance].

NIST has a wide range of certification levels even for basic components.

>> Knuth's TAOCP is the right place to start. The right place to end
>> is with manuals on assembler optimization techniques. I get the
>> impression that Tom believes the opposite.
>
> You think that because you're not reading what I'm writing. You're not
> reading what I'm writing because you think you can write whatever you
> want and using the title "Rob Silverman" [if that's even you anyways...
> I doubt it] will somehow shield you from any form of proper logic.
>
> I've always maintained that TAOCP is a good reference just not for this
> subject. There *are* better references for the subject. Sorry if you
> disagree, but again, that's your opinion and you're entitled to it just
> as I'm entitled to my own.

If you are right here it would have been helpful to follow up Bob
Silverman's original post with something along the lines "TAOCP is a
good starting point but you might also consider ..... if you want to
look at some of the techniques that are currently favoured in fast
implementations of multiple precision arithmetic".

What references did you have in mind?

> Also, though I'm biased my 300 page text with source and pseudo code is
> better than the 50 pages in TAOCP dedicated to the subject matter. I
> cover algorithms that are not presented in TAOCP that you need to know
> to implement fast bignum math. I present source code and pseudo-code
> that has been tested time and time again in fielded products and
> against third party sources.

Ah, now I understand what you have in mind as a reference - you are in
self promotion mode once again (there are other good references that you
might have been considering).

Nevertheless I will take a look at what you have done as I would not
wish to comment in ignorance.

[snip]

Brian Gladman
.

Relevant Pages

  • Re: Computing big numbers
    ... >> Knuth is not god and frankly I doubt Knuth thinks he's the only ... >> authority on computer science related subjects. ... TAOCP is a good series. ... I didn't say certification is bad, I said it's not a sign of good. ...
    (sci.crypt)
  • Re: Computing big numbers
    ... >>> Knuth is not god and frankly I doubt Knuth thinks he's the only ... > followed by the faster algorithms. ... > I didn't say certification is bad, I said it's not a sign of good. ... certified systems can still fail. ...
    (sci.crypt)
  • Re: Glider definition (span^2/weight)
    ... The JAR 22 reference is a European reference. ... CAR 3 is the old certification reference for the USA. ... Small Aircraft Directorate is in charge of that in the US. ... "Span Loading" is the distribution of lift over the wing span, ...
    (rec.aviation.soaring)
  • 70-315
    ... The question is if this is only a manual of reference or a book of study for the certification. ... Martin Fowler (Distilled UML Third Ed.) ...
    (microsoft.public.cert.exam.mcad)
  • Re: Why use and what is project reference
    ... To add a reference to a Project, ... Show me your certification without works, ... If I have a class Dll called Test.dll that I want to add a reference to I ... I mean that I must use that add reference and select the .NET tab and then ...
    (microsoft.public.dotnet.framework)
Quantcast