[langsec-discuss] a question on code volume

Sven Kieske svenkieske at gmail.com
Mon Dec 29 13:28:44 UTC 2014


On 28.12.2014 14:59, dan at geer.org wrote:
> There is this old rule that 40% of total code should be in
> exception handling; I wonder if any static analysis work is
> routinely measuring this or if there is a langsec theoretical
> argument w.r.t. that rule of thumb.

Well, the first thing to ask is:

Under which circumstances does this rule really
provide more security?

This talk argues that in some specific fields
you don't want this exception handling, because
it opens up time channel attacks:

http://media.ccc.de/browse/congress/2014/31c3_-_5960_-_en_-_saal_2_-_201412271600_-_revisiting_ssl_tls_implementations_-_sebastian_schinzel.html

The mentioned part is somewhere near the end,
where he talks about the Java TLS implementation.

The error handling code makes the Java TLS implementation
vulnerable to side channel/timing attacks.

Kind regards

Sven
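The point made in the message above, sketched as an added example (not from the post, the talk, or any TLS library): a simplified padding check written once with exception-based error handling and once with a uniform control flow. The block layout, the function names and the `trace` lists are assumptions for illustration; the traces stand in for timing, since Python itself gives no constant-time guarantees.

```python
import hmac
import os

SECRET_LEN = 48  # length of a TLS premaster secret

def unpad_with_exceptions(block, trace):
    """Exception-style handling: each failure leaves by a different path."""
    try:
        trace.append("check-header")
        if block[:2] != b"\x00\x02":
            raise ValueError("bad header")
        trace.append("find-separator")
        sep = block.index(b"\x00", 2)  # raises ValueError if absent
        trace.append("check-length")
        if len(block) - sep - 1 != SECRET_LEN:
            raise ValueError("bad length")
        return block[sep + 1:]
    except ValueError:
        # Steps that run only for rejected input: the observable difference.
        trace.append("handle-exception")
        trace.append("generate-random-fallback")
        return os.urandom(SECRET_LEN)

def unpad_uniform(block, trace):
    """Same decision, but every input walks the same sequence of steps."""
    trace.append("generate-random-fallback")
    fallback = os.urandom(SECRET_LEN)  # always generated, valid or not
    trace.append("check-header")
    ok = hmac.compare_digest(block[:2], b"\x00\x02")
    trace.append("find-separator")
    sep = block.find(b"\x00", 2)  # returns -1 instead of raising
    trace.append("check-length")
    ok &= (sep != -1) & (len(block) - sep - 1 == SECRET_LEN)
    candidate = block[-SECRET_LEN:].rjust(SECRET_LEN, b"\x00")
    mask = -int(ok) & 0xFF  # 0xFF keeps candidate, 0x00 keeps fallback
    return bytes((c & mask) | (f & ~mask & 0xFF) for c, f in zip(candidate, fallback))

def trace_of(fn, block):
    """Return the list of steps fn performed for this input."""
    trace = []
    fn(block, trace)
    return trace

# Constructed sample inputs (not captured traffic).
SECRET = bytes(range(1, SECRET_LEN + 1))
VALID = b"\x00\x02" + b"\xaa" * 8 + b"\x00" + SECRET
BAD_HEADER = b"\x00\x01" + VALID[2:]
NO_SEPARATOR = b"\x00\x02" + b"\xaa" * 57
```

Comparing `trace_of(unpad_with_exceptions, ...)` across the three inputs shows three different step sequences, while `unpad_uniform` produces the same sequence for all of them and returns the random fallback for the rejected ones.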

