Date: Wed, 14 Jan 2026 15:41:44 +0100
Right. The idea is to make it a general-purpose type; perhaps cryptologists using it can come up with suggestions.
Otherwise, my reference implementation has good timing indifference. For example, all 2-by-2 divisions take up roughly the same time, whereas there is a big difference in the LLVM binary division, depending on how many shifts it has to do.
> On 14 Jan 2026, at 07:07, Simon Schröder via Std-Proposals <std-proposals_at_[hidden]> wrote:
>
> Cryptography is the wrong motivation for this (unless you want a fast algorithm to break some encryption). In cryptography the main goal is not best performance, but predictable performance to avoid timing attacks. Sometimes you don’t want to treat special cases special because it would reveal something about your cipher.
>
>> On Jan 13, 2026, at 2:34 PM, Hans Åberg via Std-Proposals <std-proposals_at_[hidden]> wrote:
>>
>> There might be support for modular integers int_mod<m> ≔ ℤ/mℤ for a modulus m that fits into a fixed-sized word, say 4096 bits for use in cryptology, m ≤ 2⁴⁰⁹⁶. With recursive templates, like those I have written, for fixed-size unsigned integral types up to uint4096_t, it should not be difficult to implement.
>>
>> --
>> Std-Proposals mailing list
>> Std-Proposals_at_[hidden]
>> https://lists.isocpp.org/mailman/listinfo.cgi/std-proposals
Received on 2026-01-14 14:42:06
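
Added example, not part of any message in this thread and not the reference implementation mentioned above: a sketch of the "predictable performance" point for arithmetic in ℤ/mℤ, with a mask-based modular add and multiply beside a branchy multiply whose work depends on the operand. The names `ct_mod` and `mul_branchy` are hypothetical, and the modulus is assumed to be below 2^63 so that one 64-bit word holds the sum of two residues.

```cpp
#include <cstdint>

// Added illustration; ct_mod is a hypothetical name, not the proposal's int_mod<m>.
// Requires 0 < M < 2^63 so that the sum of two residues fits in a 64-bit word.
template <std::uint64_t M>
struct ct_mod {
    static_assert(M > 0 && M < (std::uint64_t{1} << 63), "modulus must be below 2^63");
    std::uint64_t v;  // invariant: v < M

    // For x < 2M: returns x mod M using a mask instead of an if.
    static std::uint64_t reduce_once(std::uint64_t x) {
        std::uint64_t borrow = (x - M) >> 63;  // 1 exactly when x < M
        std::uint64_t mask = borrow - 1;       // all ones when x >= M
        return x - (M & mask);
    }

    friend ct_mod operator+(ct_mod a, ct_mod b) { return {reduce_once(a.v + b.v)}; }

    // Double-and-add with a fixed 64 iterations; each bit of b selects the
    // addend through a mask, so no branch or loop bound depends on operand values.
    friend ct_mod operator*(ct_mod a, ct_mod b) {
        std::uint64_t r = 0;
        for (int i = 63; i >= 0; --i) {
            r = reduce_once(r + r);
            std::uint64_t bit_mask = 0 - ((b.v >> i) & 1);
            r = reduce_once(r + (a.v & bit_mask));
        }
        return {r};
    }
};

// Contrast: the same product for a < M, but the work done depends on b
// (loop length = bit length of b, one extra addition per set bit).
template <std::uint64_t M>
std::uint64_t mul_branchy(std::uint64_t a, std::uint64_t b, unsigned& additions) {
    std::uint64_t r = 0;
    additions = 0;
    for (; b != 0; b >>= 1) {
        if (b & 1) { r = (r + a) % M; ++additions; }
        a = (a + a) % M;
    }
    return r;
}
```

This is constant-time only at the source level: a compiler may turn the masks back into branches, so the generated code still has to be inspected or measured on the target.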
