[rust-dev] Integer overflow, round -2147483648

Dietrich Epp depp at zdome.net
Fri Jun 20 08:20:58 PDT 2014


It’s a mistake to write crypto using general-purpose big number libraries.  You usually want crypto code to protect against timing attacks, for example, and your average big number library aims for performance; the two goals are at odds.

On Jun 19, 2014, at 10:04 PM, Igor Bukanov <igor at mir2.org> wrote:

> On 19 June 2014 21:03, Daniel Micay <danielmicay at gmail.com> wrote:
>> I don't think we should have a big unsigned integer. It's not something
>> I've seen other big integer libraries do.
> 
> I once spent some time figuring out a bug in a crypto library. It was
> caused by writing, in a corner case, b - a instead of a - b. An unsigned
> BigNum library that faults on a - b when a < b would have trivially caught
> that. In addition, an unsigned BigNum could be more efficient (important
> for crypto), as the extra sign checks that signed BigNums often use may
> bear a non-trivial cost.
> _______________________________________________
> Rust-dev mailing list
> Rust-dev at mozilla.org
> https://mail.mozilla.org/listinfo/rust-dev
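The unsigned-subtraction check Igor describes, as an added example in Rust that is not part of the thread or of any library discussed in it: a small fixed-width (4 x 64-bit limb) unsigned bignum whose subtraction returns `None` instead of a wrapped value when `a < b`, so the swapped-operand bug surfaces immediately. The limb loop also runs unconditionally over every limb, so the only value-dependent decision is the final borrow check, which is the kind of care Dietrich notes performance-oriented big number libraries do not necessarily take.

```rust
// Added example (not from the thread). Little-endian limbs: index 0 is
// the least significant 64 bits. Four limbs give a 256-bit unsigned value.
pub type Limbs = [u64; 4];

/// Computes a - b. Every limb is processed with the same instruction
/// sequence regardless of operand values; the borrow carried out of the
/// top limb means a < b, and in that case the wrapped result is withheld.
pub fn checked_sub(a: &Limbs, b: &Limbs) -> Option<Limbs> {
    let mut out = [0u64; 4];
    let mut borrow = 0u64;
    for i in 0..4 {
        // Subtract the limb, then the incoming borrow; either step may wrap.
        let (d1, c1) = a[i].overflowing_sub(b[i]);
        let (d2, c2) = d1.overflowing_sub(borrow);
        out[i] = d2;
        // At most one of c1/c2 can be set, so the borrow is always 0 or 1.
        borrow = (c1 | c2) as u64;
    }
    if borrow == 0 { Some(out) } else { None }
}

/// Helper for building test values: a u128 occupies the two low limbs.
pub fn from_u128(v: u128) -> Limbs {
    [v as u64, (v >> 64) as u64, 0, 0]
}

/// Inverse helper; None if the value does not fit in 128 bits.
pub fn to_u128(l: &Limbs) -> Option<u128> {
    if l[2] != 0 || l[3] != 0 {
        return None;
    }
    Some((l[0] as u128) | ((l[1] as u128) << 64))
}

fn main() {
    let a = from_u128(1u128 << 64); // 2^64: low limb 0, second limb 1
    let b = from_u128(1);
    // Correct order: the borrow out of limb 0 is absorbed by limb 1.
    assert_eq!(
        checked_sub(&a, &b).and_then(|l| to_u128(&l)),
        Some(u64::MAX as u128)
    );
    // Swapped operands (b - a): the borrow runs off the top and is reported
    // instead of silently producing 2^256 - 2^64 + 1.
    assert_eq!(checked_sub(&b, &a), None);
    println!("ok");
}
```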


