Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:72501
Return-Path: <lester@lsces.co.uk>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 92712 invoked from network); 12 Feb 2014 07:20:53 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 12 Feb 2014 07:20:53 -0000
Authentication-Results: pb1.pair.com smtp.mail=lester@lsces.co.uk; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=lester@lsces.co.uk; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain lsces.co.uk from 217.147.176.204 cause and error)
X-PHP-List-Original-Sender: lester@lsces.co.uk
X-Host-Fingerprint: 217.147.176.204 mail4.serversure.net Linux 2.6
Received: from [217.147.176.204] ([217.147.176.204:35306] helo=mail4.serversure.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 44/73-07280-3D02BF25 for <internals@lists.php.net>; Wed, 12 Feb 2014 02:20:52 -0500
Received: (qmail 15228 invoked by uid 89); 12 Feb 2014 07:20:49 -0000
Received: by simscan 1.3.1 ppid: 15220, pid: 15224, t: 0.0720s
         scanners: attach: 1.3.1 clamav: 0.96/m:52
Received: from unknown (HELO linux-dev4.lsces.org.uk) (lester@rainbowdigitalmedia.org.uk@81.138.11.136)
  by mail4.serversure.net with ESMTPA; 12 Feb 2014 07:20:49 -0000
Message-ID: <52FB21A0.7060204@lsces.co.uk>
Date: Wed, 12 Feb 2014 07:24:16 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0 SeaMonkey/2.24
MIME-Version: 1.0
To: internals@lists.php.net
References: <9E3AA302-1EC1-4497-996F-716555CAAB64@rouvenwessling.de> <CAGa2bXYBbPw8RYZmwHPGe8BPFvicjNs1bD85QvRjMJ6i9aoPuQ@mail.gmail.com> <CAGa2bXa35rkmqNLvMw-9hkPJ6F2oPgpzkk4aMXe_9Vbfuoxc2g@mail.gmail.com> <CAGa2bXbuH7cDpr6_F==wse-s7doExxqB-BJzP1Vm_127aJ1O2A@mail.gmail.com> <52F895CB.2020308@lsces.co.uk> <CAGa2bXb36sL4kNvVBC=D3cK0+FQWnyJhR0Kjh7f_HEFCB91KBA@mail.gmail.com>
In-Reply-To: <CAGa2bXb36sL4kNvVBC=D3cK0+FQWnyJhR0Kjh7f_HEFCB91KBA@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] [VOTE] Timing attack safe string comparison function
From: lester@lsces.co.uk (Lester Caine)

Yasuo Ohgaki wrote:
> We cannot assume word aligned data for strings. This is the reason why
> there is
> additional byte by byte comparison. It could be made to align memory to
> word size,
> but it requires memory allocation for comparison. I'm not sure which is
> better, though.

Since PHP is controlling the memory management, there is no reason it can't 
properly align data elements ... based on the target platform. When you only had 
640k of memory every byte counted, but these days the speed gain provided by 
simply wasting a few bytes and always padding buffers to a relevant word 
boundary is far greater than the space saving. Things have changed somewhat 
since the original C compilers were written. But this is better discussed on the 
32/64bit optimization thread. Suffice to say that Firebird recorded substantial 
speed improvement once the basic ground rules were accepted and unnecessary 
'byte related' processing dropped.

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk
Rainbow Digital Media - http://rainbowdigitalmedia.co.uk