Blog

Double free(), no such thing
Pascal Cuoq on 5 January 2012

I have been able to divert a few hours yesterday and today for programming. It was well worth it, as I have discovered a theorem. It is new to me, and I wonder whether it was ever published. The theorem is, a C program cannot double free() a block even...

Read More

Do not use AES in a context where timing attacks are possible
Pascal Cuoq on 31 December 2011

Justification There recently was a thread in the Frama-C mailing list on verifying the Rijndael cipher, standardized and better-known as AES. Nowadays, AES is mostly famous for being sensitive to timing attacks. An attacker measuring the time it takes to encrypt known plaintext with an unknown key can deduce the...

Read More

More Christmas rant
Pascal Cuoq on 30 December 2011

In 2011, I got an Xbox 360. It's not what I would have liked but you know what they say about not looking gift consoles in the mouth especially when you get them one solstice early. When in the game shop I saw in the second-hand games bin the game...

Read More

Christmas and social networks
Pascal Cuoq on 30 December 2011

I would use a social network where the discussions are about the near future's zeitgeist. As they are, people just use them to discuss what is happening now (\what are you doing?") which does not have the same usefulness. Case in point: Christmas just came and went; presents given and...

Read More