
Comments (5)

hdevalence commented on August 18, 2024

Hi, we already have a description of the safety guarantees in a branch (part of the pre-1.0 work we're doing), it's just not merged yet. I'll close this issue when those changes get merged into the develop branch.

Use of the nightly feature only adds additional safeguards that are only possible using Rust; without it, we get exactly the same properties as are available to C implementations. So while the nightly feature is recommended, it is not required to achieve the same properties as an alternative implementation written in C.

from curve25519-dalek.

joshtriplett commented on August 18, 2024

@hdevalence From what I can tell, it looked like the nightly feature in subtle is (currently) required to prevent the optimizer from breaking the constant-time guarantees, in the same way that C can achieve through things like volatile or passing through an asm block just like Rust can. Have I missed something in subtle in that regard?

In any case, I appreciate and anticipate the future documentation from the branch. :)


hdevalence commented on August 18, 2024

The nightly feature adds an extra guard that's aimed at preventing the compiler from having enough information to prove that a certain branch-adding optimization would be equivalent, so that the optimizer should not be able to apply that optimization.

Not having this guard doesn't mean that the optimizer breaks the code, it just means that it could be possible for a future compiler to infer more information about the values of some temporary variables, which could allow it to prove that inserting a branch would be equivalent to the code we wrote.

However none of that happens anyways -- the guard is an extra precaution that doesn't meaningfully change the generated code, aside from name mangling and the choice of backend for the clear_on_drop implementation.

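The guard discussed in the comments above, sketched as an added example that is not part of the thread and is not code from subtle or curve25519-dalek: a branch-free select and comparison whose 0/1 choice byte passes through a best-effort barrier so the optimizer cannot prove a branch would be equivalent. The volatile-read barrier and the names `barrier`, `ct_select` and `ct_eq` are assumptions made for this illustration.

```rust
use core::ptr;

/// Best-effort optimization barrier: the volatile read must be performed, so
/// the optimizer cannot assume the returned byte is only ever 0 or 1.
#[inline(never)]
fn barrier(choice: u8) -> u8 {
    // SAFETY: `&choice` points to a valid, aligned, initialized u8.
    unsafe { ptr::read_volatile(&choice) }
}

/// Branch-free select. `choice` must be 0 or 1: returns `a` for 0, `b` for 1.
fn ct_select(a: u64, b: u64, choice: u8) -> u64 {
    // 0 -> 0x0000...0000, 1 -> 0xFFFF...FFFF
    let mask = (barrier(choice) as u64).wrapping_neg();
    a ^ (mask & (a ^ b))
}

/// Equality of two byte strings without a data-dependent branch.
/// Returns 1 if equal, 0 otherwise. The lengths are treated as public.
fn ct_eq(x: &[u8], y: &[u8]) -> u8 {
    if x.len() != y.len() {
        return 0;
    }
    let mut diff = 0u8;
    for (p, q) in x.iter().zip(y) {
        diff |= p ^ q; // accumulate every differing bit, no early exit
    }
    // Map diff != 0 to 1 and diff == 0 to 0 using arithmetic only.
    let nonzero = ((diff as u16).wrapping_neg() >> 8) as u8 & 1;
    barrier(nonzero ^ 1)
}

fn main() {
    // Constructed sample values, not taken from the thread.
    let expected = b"constructed-tag!";
    let received = b"constructed-tag?";
    let ok = ct_eq(expected, received);
    // Pick a status code without branching on the secret comparison result.
    println!("eq={} status={}", ok, ct_select(403, 200, ok));
}
```

Removing the `barrier` calls leaves the results unchanged; what changes is how much the compiler is allowed to infer about the choice byte, which is the point made in the comment above.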

isislovecruft commented on August 18, 2024

In #162 @hdevalence documented more w.r.t. constant-time guarantees, but if anything is still unclear please feel welcome to re-raise this issue.


joshtriplett commented on August 18, 2024

Those changes cover it, thank you!

