Comments (2)
Hi there, having better tooling for verified crypto would be great.
From my perspective, there's a spectrum of tooling choices that ranges from immediately pragmatic on one end to more theoretically complete on the other. This library is focused pretty squarely at one end, trying to provide tools that are practical today (a Rust library that can be pretty easily integrated) but still eliminate a wide class of errors (it's not possible to accidentally apply variable-time operations to `Choice`s). Getting guarantees all the way down to the assembly level would be nice, but I think that the current implementation gets 80-90% of the benefit without requiring significantly more complex tooling.
In contrast, projects like Vale or Evercrypt may be able to make better guarantees, but they are not really integrable into existing projects, and they take a pretty specialized all-or-nothing approach. So my expectation is that at least in the near-to-medium-term, these projects will have pretty different positions in the space of design tradeoffs.
from subtle.
I see a couple issues with the Prusti approach (although that looks like a really cool project!):
- Any "pure" function (i.e. deterministic and side-effect free) can currently only return an integer or a bool, so we'd have to remove our `Choice` type, which is the whole point of this library, i.e. to prevent a compiler from optimising a u8 into a bool/i1.
- The only constraints we really care about are "when called with any possible inputs, do these functions execute the same set of instructions" and "do those instructions branch on secret data", neither of which appear to be testable with Prusti.
That's not to say we don't wish to formally verify these constraints, just that the tooling for this isn't really applicable for integration into a production library which implements the kinds of safety checks we have in subtle.
Closing for now, since this isn't really an issue, but feel free to discuss further of course.
from subtle.
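The two comments above describe what the library's `Choice` type is for: keeping a 0/1 value as an opaque `u8` so the optimiser cannot rewrite masked, branch-free arithmetic back into a data-dependent branch. The following is an added, self-contained illustration of that idea and is not code from the subtle crate or from the commenters. It defines a hypothetical minimal `Choice` newtype, a constant-time byte-slice comparison (`ct_eq`), a branch-free select (`ct_select`), and a `verify_tag` helper, placed next to a deliberately variable-time comparison (`eq_variable_time`) that exits early on the first mismatching byte. The only dependency is `std::hint::black_box`, used as a best-effort hint; all sample values are constructed for the example.

```rust
use std::hint::black_box;

/// Stand-in for a `Choice`-style type (hypothetical, not subtle's own):
/// a u8 that is always 0 or 1, wrapped so the compiler does not see a bool.
#[derive(Copy, Clone, Debug)]
pub struct Choice(u8);

impl Choice {
    /// Wrap a 0/1 byte. `black_box` is a best-effort hint that hides the
    /// value's provenance from the optimiser; it is not a guarantee.
    pub fn from_u8(b: u8) -> Choice {
        debug_assert!(b == 0 || b == 1, "Choice must be 0 or 1");
        Choice(black_box(b))
    }

    /// Unwrap back to a u8 only at the point where the result is public.
    pub fn unwrap_u8(self) -> u8 {
        self.0
    }
}

/// Variable-time comparison: returns at the first differing byte, so the
/// running time reveals how long a prefix of `b` matched `a`.
pub fn eq_variable_time(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    for i in 0..a.len() {
        if a[i] != b[i] {
            return false; // early exit: the leak this crate exists to avoid
        }
    }
    true
}

/// Constant-time comparison of equal-length slices: OR every XOR difference
/// into an accumulator, then collapse it to 0/1 with arithmetic only. The
/// same instruction sequence runs for every input of a given length.
pub fn ct_eq(a: &[u8], b: &[u8]) -> Choice {
    assert_eq!(a.len(), b.len(), "length is public; callers check it first");
    let mut diff: u8 = 0;
    for (x, y) in a.iter().zip(b.iter()) {
        diff |= x ^ y;
    }
    // For any nonzero diff, either diff or its two's complement has bit 7 set,
    // so (diff | -diff) >> 7 is 1 exactly when diff != 0.
    let nonzero = (diff | diff.wrapping_neg()) >> 7;
    Choice::from_u8(nonzero ^ 1)
}

/// Branch-free select: returns `b` when `choice` is 1, else `a`, via a mask
/// that is either 0x0000_0000 or 0xFFFF_FFFF.
pub fn ct_select(a: u32, b: u32, choice: Choice) -> u32 {
    let mask = (choice.unwrap_u8() as u32).wrapping_neg();
    a ^ (mask & (a ^ b))
}

/// How a caller would verify a MAC tag: lengths are public, the byte
/// comparison is constant-time, and the Choice becomes a bool only at the
/// end, where the accept/reject outcome is itself the public result.
pub fn verify_tag(expected: &[u8], received: &[u8]) -> bool {
    if expected.len() != received.len() {
        return false;
    }
    ct_eq(expected, received).unwrap_u8() == 1
}

fn main() {
    // Constructed sample values, not taken from the issue thread.
    let tag = [0xde, 0xad, 0xbe, 0xef];
    let good = [0xde, 0xad, 0xbe, 0xef];
    let bad = [0xde, 0xad, 0xbe, 0xee];
    println!("good tag accepted: {}", verify_tag(&tag, &good));
    println!("bad tag accepted:  {}", verify_tag(&tag, &bad));
    println!("select(1, 2, choice=1) = {}", ct_select(1, 2, Choice::from_u8(1)));
}
```

Note the caveat the second comment makes: nothing at the Rust level proves that the emitted assembly is branch-free. The newtype and `black_box` raise the bar for the optimiser, but the two properties that actually matter (same instructions for all inputs, no branch on secret data) are assembly-level facts, which is why they are checked by inspecting generated code rather than by a source-level verifier.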