Date: Wed, 14 Jan 2026 06:55:06 +0000
I've heard this reasoning many times. And that is just BS.
Not all cryptographic applications are made equal.
Take for example network traffic inspection used in cyber-security for organizations, where the goal is not to use private keys to perform a transformation to be sent somewhere else, but to process traffic as fast as possible and see if you are doing something you are not supposed to before bad things happen and without you even knowing.
I'm not particularly concerned that "how fast I can decrypt and validate your message" can be used as a side channel to leak secrets (as if the attacker would know exactly how much time those would take on my system to be bit precise), as the system is silent. I'm more concerned with doing what I have to do as fast as possible so as not to hold up the network backlog, and with being able to react to attacks before the vulnerable systems themselves are able to react to malicious input.
Not to mention offline applications used in package preparation, whose objective is to process as many files as fast as possible, and whose unpredictable timing is not critical because nobody is able to measure it.
We should be able to analyze a proposal on the grounds of "does this make sense, and should we be able to do this". Although having a valid practical problem that you want it to solve is an important factor, we shouldn't be this judgmental about wanting to solve a problem the way we specifically want to solve it for ourselves when other people have other goals.
-----Original Message-----
From: Std-Proposals <std-proposals-bounces_at_[hidden]ocpp.org> On Behalf Of Simon Schröder via Std-Proposals
Sent: Wednesday, January 14, 2026 07:07
To: std-proposals_at_lists.isocpp.org
Cc: Simon Schröder <dr.simon.schroeder_at_gmail.com>
Subject: Re: [std-proposals] Modular integers
Cryptography is the wrong motivation for this (unless you want a fast algorithm to break some encryption). In cryptography the main goal is not best performance, but predictable performance to avoid timing attacks. Sometimes you don’t want to treat special cases special because it would reveal something about your cipher.
> On Jan 13, 2026, at 2:34 PM, Hans Åberg via Std-Proposals <std-proposals_at_lists.isocpp.org> wrote:
>
> There might be support for modular integers int_mod<m> ≔ ℤ/mℤ for a modulus m that fits into a fixed-sized word, say 4096 bits for use in cryptology, m ≤ 2⁴⁰⁹⁶. With recursive templates, like those I have written, for fixed-size unsigned integral types up to uint4096_t, it should not be difficult to implement.
>
> --
> Std-Proposals mailing list
> Std-Proposals_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
--
Std-Proposals mailing list
Std-Proposals_at_lists.isocpp.org
https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
Received on 2026-01-14 06:55:13
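Added example, not part of the thread or of any proposal on the list: the trade-off argued above, shown as two modular exponentiations that return the same value but differ in whether the work done depends on the exponent. The names ModPow, mulmod, pow_variable_time and pow_fixed_schedule are hypothetical, the modulus is limited to 32 bits, and the multiplication count stands in for running time.

```cpp
#include <cstdint>
#include <cstdio>

// Hypothetical toy types for illustration; the modulus m must be nonzero and
// fit in 32 bits so that every product fits in a uint64_t.
struct ModPow {
    std::uint64_t value;   // base^exp mod m
    unsigned multiplies;   // modular multiplications executed (proxy for time)
};

// Counts each multiplication. Note: '%' is itself not constant-time on many
// CPUs, so this models the operation schedule only, not real hardened code.
static std::uint64_t mulmod(std::uint64_t a, std::uint64_t b, std::uint64_t m, unsigned& count) {
    ++count;
    return (a * b) % m;
}

// Fast variant: multiplies only when the exponent bit is 1, so the amount of
// work is 32 + popcount(exp) and reveals the exponent's Hamming weight.
ModPow pow_variable_time(std::uint64_t base, std::uint32_t exp, std::uint32_t m) {
    unsigned n = 0;
    std::uint64_t r = 1 % m, b = base % m;
    for (int i = 31; i >= 0; --i) {
        r = mulmod(r, r, m, n);
        if ((exp >> i) & 1u) r = mulmod(r, b, m, n);
    }
    return {r, n};
}

// Predictable variant: always squares and multiplies, then selects the result
// with a mask instead of a branch. Always 64 multiplications, whatever exp is.
ModPow pow_fixed_schedule(std::uint64_t base, std::uint32_t exp, std::uint32_t m) {
    unsigned n = 0;
    std::uint64_t r = 1 % m, b = base % m;
    for (int i = 31; i >= 0; --i) {
        r = mulmod(r, r, m, n);
        std::uint64_t t = mulmod(r, b, m, n);
        std::uint64_t mask = 0 - static_cast<std::uint64_t>((exp >> i) & 1u);
        r = (t & mask) | (r & ~mask);
    }
    return {r, n};
}

int main() {
    const std::uint32_t exps[] = {1u, 13u, 0xFFFFFFFFu};   // constructed sample exponents
    for (std::uint32_t e : exps)
        std::printf("exp=%08x variable=%u fixed=%u\n", static_cast<unsigned>(e),
                    pow_variable_time(4, e, 497).multiplies, pow_fixed_schedule(4, e, 497).multiplies);
}
```

Where nobody can observe the timing, as in the offline and inspection cases described in the reply, the first variant's saved multiplications are pure gain; where the exponent is a private key and latency is observable, the second is the one the original message asks for.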
