[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tor-talk] Programming language for anonymity network



OCaml. http://ocaml.org/

     1. OCaml is more obscure than many languages, but it supports
        programming in imperative, object-oriented, and functional
        styles (though it's obviously best suited for a functional
        style). I've seen people write Java in OCaml and produce clean,
        modular code.
     2. OCaml is used in industrial environments (it's gotten pretty
        popular on Wall Street) and in open-source projects; the
        toolchain is mature and the community is vibrant. 
     3. OCaml is memory safe, but more importantly, it's type safe, and
        its type system is capable of encoding a great deal of your
        program's correctness. It will take some time to get your
        program to compile, but when it does you have a much stronger
        assurance that your program is correct than you do in C, C++, or
        Java.
     4. OCaml compiles to native code; I'm not sure if deterministic
        builds have been done but they should be possible. 
     5. (Performance, the hidden elephant in every language discussion
        room) The OCaml team takes security seriously, and OCaml is
        performance-competitive with C. OCaml does tail-call
        elimination, so you can write programs functionally that are
        memory-efficient.
     6. (Weaknesses) OCaml has a global lock due to its garbage
        collection, so parallel programming has to be done with
        processes. This is (IMO) cleaner than in similar situations like
        Python, but is obviously suboptimal. 

I'd highly recommend reading through this blog series, chronicling a
developer picking OCaml as the language to rewrite a large Python
open-source project in. It doesn't have the same focus as you, but it
goes over various reasons why someone might switch to OCaml, and
introduces some OCaml features:
http://roscidus.com/blog/blog/categories/ocaml/



On Fri, 2014-04-18 at 10:26 +0200, Stevens Le Blond wrote:
> Hello,
> 
> We are a team of researchers working on the design and implementation of
> a traffic-analysis resistant anonymity network and we would like to
> request your opinion regarding the choice of a programming language /
> environment. Here are the criteria:
> 
> 1) Familiarity: The language should be familiar or easy to learn for
> most potential contributors, as we hope to build a diverse community
> that builds on and contributes to the code.
> 
> 2) Maturity: The language implementation, tool chain and libraries
> should be mature enough to support a production system.
> 
> 3) Language security: The language should minimize the risk of security
> relevant bugs like buffer overflows.
> 
> 4) Security of runtime / tool chain: It should be hard to
> inconspicuously backdoor the tool chain and, if applicable, runtime
> environments.
> 
> To give two concrete examples:
> 
> Using the C language + deterministic builds is an attractive option with
> respect to 1), 2) and 4), but doesnâ??t provide much regarding 3).
> 
> Java does better with respect to 3), however, it trades some of 3) and
> 4) as compared to C. Specifically, we are concerned that large runtimes
> may be difficult to audit. A similar argument may apply to other
> interpreted languages.
> 
> Given these criteria, what language would you choose and for what
> reasons? We would also appreciate feedback regarding our criteria.
> 
> All the best,
> David, Nick, Peter, Stevens, and William
> 

-- 
Sent from Ubuntu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140418/0c71125f/attachment.sig>