On Apr 17, 1:28 pm, "Sisyphus" <sisyph...@optusnet.com.au> wrote:
> ----- Original Message -----
> From: "jason"
>
> > On Apr 12, 3:09 am, "Sisyphus"
> >> Also, I find in gmp.h:
>
> >> #define __GNU_MP_VERSION 5
> >> #define __GNU_MP_VERSION_MINOR 0
> >> #define __GNU_MP_VERSION_PATCHLEVEL 1
> >> #define GMP_VERSION "5.0.1"
>
> >> Not sure that we really want that when mpz_powm_sec (available only with
> >> gmp-5) is missing from the mpir implementation.
>
> > Yep, we made a decision not to do an mpz_powm_sec as we didn't think
> > that a general bignum library was the right place for a "secure" powm,
> > although barring that, we should put some note on the website
>
> Hmmm ... my feeling is that the significance of mpz_powm() would also be
> drastically reduced if not for its importance in matters related to security
> ... so there's probably an argument for not supporting it, too. (But I'll
> leave that to those far more skilled in sophistry than I :-)

There are lots of uses of mpz_powm that don't involve security and,
since we don't imply that it has any security properties, anyone who
does use it for security is on their own in this respect.

And I really don't see a good reason for denying its use by all
potential users simply because some people might use it
inappropriately.

> I think that if forking gmp is the aim, then the user probably expects that
> it has been forked "warts and all" ... and therein could be some sort of
> argument that making those sorts of selective decisions is outside of your
> jurisdiction.

I don't see how this could be outside the jurisdiction of those who
forked the MPIR version of GMP.

Surely any group of people are free to fork GMP and then decide
(within the confines of licensing) the extent to which they wish to
maintain compatibility with the original version?

> Please take that point of view with a grain of salt. Obviously, if gmp were
> to start doing really ridiculous things, I don't think that any user would
> expect mpir to follow suit ... but then, I don't think gmp is about to
> embark upon a path of doing "really ridiculous things".
>
> And although gmp is a "general bignum library", bear in mind that it's also
> often used for doing things associated with security. If I'm not mistaken,
> openssl now (optionally) uses it. So it's not unreasonable, imo, that it
> should lend itself to operations that target security.

Clearly, by incorporating security specific functions, GMP could be
implying that it is suitable for use as a component in building secure
applications.

The willingness to allow such an implication, and the willingness of
others to take this on trust, are not things over which those of us
involved in MPIR have any control.

But I would consider it a misuse of MPIR if it was used as a component
in a deployed security application.

And I would disassociate myself from any MPIR version that included
functions whose name implied that MPIR was suitable for such uses.

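The thread contrasts mpz_powm with the gmp-5 function mpz_powm_sec without spelling out what the "sec" variant actually promises. GMP's documentation describes mpz_powm_sec as designed to take the same time and the same cache access pattern for any two same-size arguments, which is what makes it usable for private-key exponentiation where the exponent must not leak through timing. The following example, added here and not part of the thread or of the GMP/MPIR code base, shows the difference on plain 64-bit integers instead of mpz values: powm_plain is textbook square-and-multiply whose multiply step only runs for set exponent bits, while powm_ladder is a Montgomery ladder with a branchless conditional swap, so it performs the same operation sequence for every exponent of a given bit width. All function names are the example's own, and the multiplication counter is a constructed stand-in for a timing measurement.

```c
#include <stdint.h>
#include <stdio.h>

/* Counts modular multiplications; used as a crude proxy for work done
 * (and therefore time taken) by each exponentiation routine. */
static unsigned long mul_count;

/* Modular multiply of 64-bit operands via a 128-bit intermediate. Note that
 * the '%' itself is not guaranteed constant-time on every CPU; a real
 * implementation would use Montgomery or Barrett reduction here. */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t m) {
    mul_count++;
    return (uint64_t)(((unsigned __int128)a * b) % m);
}

/* Square-and-multiply: the multiply runs only when the current exponent bit
 * is 1, so the number of operations (and the branch pattern) depends on the
 * exponent's bits. This is the shape of a general-purpose powm. */
uint64_t powm_plain(uint64_t base, uint64_t exp, uint64_t mod) {
    uint64_t result = 1 % mod;
    base %= mod;
    while (exp > 0) {
        if (exp & 1)
            result = mulmod(result, base, mod);
        base = mulmod(base, base, mod);
        exp >>= 1;
    }
    return result;
}

/* Branchless conditional swap: mask is all ones (swap) or all zeros (keep). */
static void cswap(uint64_t *a, uint64_t *b, uint64_t mask) {
    uint64_t t = (*a ^ *b) & mask;
    *a ^= t;
    *b ^= t;
}

/* Montgomery ladder: exactly one multiply and one square per exponent bit,
 * selected by masking rather than branching, for every exponent of 'bits'
 * width. This is the property a "secure" powm is meant to offer. */
uint64_t powm_ladder(uint64_t base, uint64_t exp, uint64_t mod, int bits) {
    uint64_t r0 = 1 % mod;
    uint64_t r1 = base % mod;
    for (int i = bits - 1; i >= 0; i--) {
        uint64_t bit = (exp >> i) & 1;
        uint64_t mask = 0 - bit;          /* bit ? ~0 : 0 */
        cswap(&r0, &r1, mask);
        r1 = mulmod(r0, r1, mod);
        r0 = mulmod(r0, r0, mod);
        cswap(&r0, &r1, mask);
    }
    return r0;
}

/* Helpers returning the multiplication count for one call of each routine. */
unsigned long count_plain(uint64_t base, uint64_t exp, uint64_t mod) {
    mul_count = 0;
    (void)powm_plain(base, exp, mod);
    return mul_count;
}

unsigned long count_ladder(uint64_t base, uint64_t exp, uint64_t mod, int bits) {
    mul_count = 0;
    (void)powm_ladder(base, exp, mod, bits);
    return mul_count;
}

int main(void) {
    /* Constructed inputs: two 4-bit exponents with different Hamming weight. */
    printf("3^13 mod 1000: plain=%llu ladder=%llu\n",
           (unsigned long long)powm_plain(3, 13, 1000),
           (unsigned long long)powm_ladder(3, 13, 1000, 4));
    printf("plain  mulmods: exp=15 -> %lu, exp=8 -> %lu\n",
           count_plain(3, 15, 1000), count_plain(3, 8, 1000));
    printf("ladder mulmods: exp=15 -> %lu, exp=8 -> %lu\n",
           count_ladder(3, 15, 1000, 4), count_ladder(3, 8, 1000, 4));
    return 0;
}
```

Both routines return the same residues; what differs is that powm_plain's operation count tracks the exponent's Hamming weight while powm_ladder's is fixed by the bit width. Whether a library exposes the second kind of routine under a name like mpz_powm_sec is exactly the policy question the thread is about; a caller that relies on the version macros alone (as the quoted gmp.h excerpt shows, MPIR reports GMP_VERSION 5.0.1) cannot tell from them whether the function is present, so a link-time or configure-time check for the symbol is the safer gate.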
-- 
You received this message because you are subscribed to the Google Groups 
"mpir-devel" group.
To post to this group, send email to mpir-devel@googlegroups.com.