On 28.12.2014 14:59, d...@geer.org wrote:
> There is this old rule that 40% of total code should be in
> exception handling; I wonder if any static analysis work is
> routinely measuring this or if there is a langsec theoretical
> argument w.r.t. that rule of thumb.

Well, the first thing to ask is: under which circumstances does this rule really provide more security?

This talk argues that in some specific fields you don't want this exception handling, because it opens up time channel attacks:

http://media.ccc.de/browse/congress/2014/31c3_-_5960_-_en_-_saal_2_-_201412271600_-_revisiting_ssl_tls_implementations_-_sebastian_schinzel.html

The part mentioned is somewhere near the end, where he talks about the Java TLS implementation. The error handling code makes the Java TLS implementation vulnerable to side channel/timing attacks.

Kind regards,
Sven

_______________________________________________
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
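
An added illustration of the point made in the reply above, not code from the message, the talk, or any TLS library: a PKCS#1 v1.5 premaster-secret check written with one `raise` per malformed case, beside a version with a single path that substitutes a random value on failure (the approach RFC 5246, section 7.4.7.1 specifies for RSA key exchange). All function names, the 128-byte block size and the sample blocks are assumptions constructed for the example.

```python
import secrets

PMS_LEN = 48  # TLS premaster secret length in bytes

def unpad_with_exceptions(em: bytes) -> bytes:
    """Error-handling style: every malformed case leaves through its own raise."""
    if em[0:2] != b"\x00\x02":
        raise ValueError("bad block type")
    sep = em.find(b"\x00", 2)
    if sep < 10:  # no separator (-1) or fewer than 8 padding bytes
        raise ValueError("bad padding")
    if len(em) - sep - 1 != PMS_LEN:
        raise ValueError("bad payload length")
    return em[sep + 1:]

def unpad_uniform(em: bytes, fallback: bytes) -> bytes:
    """Uniform style: same statements for every input, no raise, 48 bytes out."""
    sep = len(em) - PMS_LEN - 1  # only position where the separator may sit
    bad = em[0] | (em[1] ^ 0x02) | em[sep]
    for b in em[2:sep]:
        bad |= ((b - 1) >> 8) & 1  # 1 only when a padding byte is zero
    mask = -(bad != 0) & 0xFF  # 0xFF selects fallback, 0x00 selects payload
    return bytes((f & mask) | (p & ~mask & 0xFF)
                 for f, p in zip(fallback, em[sep + 1:]))

def outcome(fn, *args) -> str:
    """What a peer can tell apart: a normal return, or which error fired."""
    try:
        fn(*args)
        return "returned"
    except ValueError as exc:
        return f"error: {exc}"

# Constructed sample blocks (128-byte modulus assumed), not captured traffic.
PMS = bytes(range(1, PMS_LEN + 1))
FALLBACK = secrets.token_bytes(PMS_LEN)  # drawn before looking at the block
GOOD = b"\x00\x02" + b"\xaa" * 77 + b"\x00" + PMS
BAD = [
    b"\x00\x01" + GOOD[2:],              # wrong block type
    GOOD[:79] + b"\xaa" + GOOD[80:],     # separator missing
    GOOD[:5] + b"\x00" + GOOD[6:],       # zero inside the first 8 padding bytes
    GOOD[:20] + b"\x00" + GOOD[21:],     # separator too early, payload too long
]

if __name__ == "__main__":
    for name, fn, extra in (("exceptions", unpad_with_exceptions, ()),
                            ("uniform", unpad_uniform, (FALLBACK,))):
        print(name, sorted({outcome(fn, em, *extra) for em in [GOOD] + BAD}))
```

Python makes no constant-time guarantees, so this shows only the control-flow difference: four distinguishable exits in the first function against one in the second, where a malformed block surfaces later as an ordinary handshake failure.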