Path: csiph.com!weretis.net!feeder9.news.weretis.net!news.misty.com!news.iecc.com!.POSTED.news.iecc.com!nerds-end From: Ian Lance Taylor Newsgroups: comp.compilers Subject: Re: Crypto friendly optimization? Date: Sat, 24 Aug 2024 20:14:50 -0700 Organization: Compilers Central Sender: johnl%iecc.com Approved: comp.compilers@iecc.com Message-ID: <24-08-005@comp.compilers> References: <24-08-003@comp.compilers> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Injection-Info: gal.iecc.com; posting-host="news.iecc.com:2001:470:1f07:1126:0:676f:7373:6970"; logging-data="40818"; mail-complaints-to="abuse@iecc.com" Keywords: optimize Posted-Date: 24 Aug 2024 23:25:54 EDT X-submission-address: compilers@iecc.com X-moderator-address: compilers-request@iecc.com X-FAQ-and-archives: http://compilers.iecc.com In-Reply-To: <24-08-003@comp.compilers> Xref: csiph.com comp.compilers:3586 For the Go programming language there has been discussion of adding a secret.Do function, that invokes a function closure and, after it returns, erases all memory that it allocated. The goal is better, though not perfect, forward secrecy, so that people can't capture a key today and a conversation today and, if they key becomes vulnerable, later use it to decrypt the conversation. There is a lot of discussion at with the output at . This is not yet implemented, but the current attempts require work in both the compiler and the runtime library. Related to that is a more speculative idea to enable ARM DIT/Intel DOIT mode while executing a function. Discussion at . But there is no special work in the Go compilers to ensure that code written to execute in constant-time is not optimized to run in non-constant-time. It would be interesting to hear about other work in that area. Ian