I'm not a practioner of cryptography, but I would be wary about timing attacks t... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		_flux 16 days ago \| parent \| context \| favorite \| on: Notes by djb on using Fil-C I'm not a practioner of cryptography, but I would be wary about timing attacks that might become possible if such a dynamic runtime is introduced. At least relevant pieces of code would need to be re-evaluated in the Fil-C environment. But maybe you could use C as the "glue language" and then the build better performing libraries in Rust for C to use. Like in Python!

mbrock 16 days ago [–]

Good call! Fil-C does in fact have a way to let you build and run OpenSSL with its constant time crypto. I don't know how this works exactly but I guess it's relatively easy to guarantee it's safe.

kragen 16 days ago | [–]

How easy is it to link Rust code with C compiled with Fil-C's ABI?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact