Re: Importing libraries for the kernel

[Joerg Sonnenberger <joerg%bec.de@localhost>]

On Fri, Dec 14, 2018 at 01:00:25PM -0500, Mouse wrote:
> >>> [...] I have serious concerns for doing asymmetric cryptography in
> >>> the kernel [...]
> >> Can you clarify the concerns?
> > Asymmetrical cryptography is slow and complex.  [...]  The
> > implementation is non-trivial [...]
> 
> Didn't that ship sail long ago?  I recall seeing people talking about
> putting entire languages into the kernel, in some cases even including
> jitters.  Much as I dislike this, I find that far more "no way in hell
> is that going into _my_ machines' kernels!".

Few of this things require 10k+ cycle operations in one go.

> I also disagree that asymmetric crypto is necessarily all that complex.
> Some asymmetric crypto algorithms require nothing more complex than
> large-number arithmetic.  (Slow, yes, but not particularly complex.)

Correct and fast implementations of large number arithmetic are
complex, esp. if you also want to avoid the typical set of timing leaks.
This applies to operation sets used by RSA as well as those used by ECC.
Different classes of operations, but a mine field to get right.

Joerg