To find the backdoored crypto, we'd look for the complex papers with unreadable code that do magic things with handwavy explanations, no? 
When a bug is found in asm math code almost nobody bothers to figure out if it's exploitable, as that takes lots of time w/ no benefit.
-
Assuming the backdoor is done in the maths, not in a few instructions manipulating memory here and there. But those would be easier to spot.
-
At the end of the day, it seems impossible to distinguish sloppy practices from consistent malice or occasional accident from 1-time malice.
-
The assembly code is definitely checked "less" often, and is often just ported from reference code.
-
Shameless plug :) This is sort of why we have Vale and HaCl* together in Everest: https://github.com/project-everest/vale