But there's more to cryptography than just inputs and outputs.
Like, let's say we have two functions which validate a password.
Function A takes a user-defined parameter, compares it to a stored value byte by byte, and as soon as the strings differ, it exits.
Function B takes a user-defined parameter, compares it to a stored value byte by byte, sets a flag if the strings differ, and exits when all bytes have been compared.
Both of those functions take the same input, and both of them return the same output. Are you prepared to tell me that the two functions are equally secure?
Like, let's say we have two functions which validate a password.
Function A takes a user-defined parameter, compares it to a stored value byte by byte, and as soon as the strings differ, it exits.
Function B takes a user-defined parameter, compares it to a stored value byte by byte, sets a flag if the strings differ, and exits when all bytes have been compared.
Both of those functions take the same input, and both of them return the same output. Are you prepared to tell me that the two functions are equally secure?