A strong argument could be made for assembly language being a wise choice for implementing security software. Nothing is hidden, nothing happens behind the scenes, and there's no chance that a compiler will “optimize out” deliberate security-related code.

(During a security audit the OpenSSL compiler was found to be silently removing the programmers' deliberate zeroing of security-sensitive buffers containing crypto keys. After being zeroed the buffers were released to the system and the compiler saw that their zeroed values were never being used before release . . . so it “optimized out” the “unnecessary” code.)

Despite some solid reasoning, that's not why I wrote SQRL in assembly language. SQRL is written in assembly language because, for the sort of code I generally write, it's the language I prefer. I began programming in assembly language in 1970 ‑ 44 years before I wrote SQRL. Through the intervening decades I've written a great deal of code in many languages, but I keep coming back to assembly (at least for CISC architectures).

The idea of “assembly language” often puts people off because assembly language is so often written so as to be virtually incomprehensible. However, as the sample routine above, and all of my published SQRL code demonstrates, that's not the way I code in any language.

I am publishing all of the interesting parts of SQRL's code, not because I expect anyone to re-assemble it, as is, into another working application, but because a project's implementation code is always the final arbiter and the ultimate specification of the way a system functions. If I were to somewhat carelessly write a description of something looping, I might leave some ambiguity about whether the loop's bounds include or exclude its endpoints. But the code will know.

Over the decades my code has become highly personalized and idiomatic. For example, the sample above shows a line whose operation is “halve edx” and another as “zero eax”. But “halve” and “zero” are not Intel operation codes, nor mnemonics for opcodes. Rather, “halve” and “zero” are macros for shift right one bit, and xor a register with itself, respectively. I use “halve” and “zero” because those pseudo-operations exactly convey the meaning of the underlying code. They describe what I want to accomplish with the code and significantly increase its overall legibility and maintainability. While this is great for using code to communicate intention, the downside is that my code cannot be easily re-assembled as it is. My own large and complex set of include files and code libraries have evolved over the years in what has always been a closed-source environment.

So it is not my intention to publish an entire open-source build-your-own SQRL kit as a means of proving that GRC's executable code does not differ from its published source. If you do not trust that I have created the most secure solution possible then you would be well advised to use an open-source solution created by someone whom you do trust. My intention and reason for publishing as much of SQRL's code as would be useful to other developers, is specifically to aid others who are operating in an open source mode to create wholly compatible and smoothly interacting solutions. Reading and studying the code I publish, which comes directly from inside SQRL, will help any other developer to understand the solutions I designed and implemented for SQRL.

With all that said, it is my intention to publish the source code for virtually everything that would be of interest to anyone interested in creating a SQRL client or server implementation.

• GRC's public domain open source implementation of AES-GCM authenticated encryption. A zip file containing source code, test vectors, etc. of use for developers wishing to ensure cross-client compatibility.
• (deprecated - SQRL does not use OCB) GRC's OCB authenticated encryption mode reference notes. A zip file containing source code, test vectors, etc. of use for developers wishing to ensure cross-client compatibility.
• GRC's Entropy Harvester code and comments.

• This is a compiled JavaScript version of Dan Bernstein's NaCl library, including the Ed25519 signing function.
• Test vectors for HMAC-SHA-256 and others.
• When, in the future, we want to increase SQRL's bit lengths beyond 256. GRC newsgroup posting containing relevant links.