[Haskell-cafe] cryptography in haskell
haskell at marcelfourne.de
Wed Feb 18 13:47:30 UTC 2015
Am Tue, 17 Feb 2015 10:43:12 +0100 schrieb Marcel Fourné:
>Am Sat, 7 Feb 2015 11:53:42 -0500 schrieb Patrick Mylund Nielsen:
>>In other words, Haskell eliminates several classes of errors, but
>>doesn't prevent logic errors, and can do nothing about poor standards.
>>Aside from this, I think the main issues would be:
>> - Timing resistance: This is not as simple as sprinkling some
>>operations on your crypto code. It took a long time to figure out even
>>the basics in OpenSSL, and for better and worse it's more difficult to
>>intuit what your Haskell code will be compiled to than it is with C
>>(though C compilers have been known to optimize away constant-time
>(3) No branches based on the content of bits of the secret key.
Basically, an encoding of the advice Peter Schwabe gave at ShmooCon
2015 for C-like languages translate well to Haskell, but having
typecheckable timing attack resistance would be nicer.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the Haskell-Cafe