Cryptography and D

deadalnix via Digitalmars-d digitalmars-d at puremagic.com
Sat Jul 5 18:53:11 PDT 2014


On Saturday, 5 July 2014 at 23:45:47 UTC, Xinok wrote:
> If you don't trust OpenSSL, nobody said you have to use it. 
> There are plenty of alternatives available. The fact still 
> remains, implementing your own crypto is a very bad idea.
>

It seems to be the consensus. In the meantime, people like Mark 
Karpeles build their own implementation of SSH in PHP, and 
proceed to run a multimillion-dollar exchange (MtGox).

Building your own crypto is a bad idea. And you know who ignores 
bad ideas? Bad programmers. As a result, they are the ones 
building crypto libs. And you know what is a worse idea than 
making your own crypto lib? Letting Dunning-Kruger lemmings do 
it for you.

> Why implement a crypto lib in C?
>
> (1) Maximum exposure - If a programming language has more than 
> 100 users, chances are, there's an OpenSSL binding available 
> for that language. C is an ideal language to make something 
> available for as many platforms and environments as possible.
>

This is very true. However, as each platform has its own 
characteristics, you end up not being able to port that simply, 
and worse, you can break security without knowing you are doing so.

I understand the social aspect of it, but from a security POV, 
this is a net loss.

I'm not sure if another approach is possible. It is clear that 
nobody cares about security until catastrophes happen. At least 
the recent event woke many people up to how bad the state of 
affairs is, and how clueless the people handling it right now are.

> (2) Determinism - If your intention is to implement crypto that 
> is impervious to side-channel attacks, you need a language 
> that's "close to the metal" and will behave how you expect it 
> to. For example, Java would be a poor choice because things 
> like garbage collection and JITing make code highly 
> non-deterministic.

D is an option here. Anything that isn't system-related obviously 
isn't, as you must ensure that you clean the memory behind you.


