Tony Arcieri
Tony Arcieri
Open PR here. Feedback appreciated: https://github.com/rustsec/rustsec/pull/1206
As I don't happen to work on cryptographic algorithms that require signed arithmetic (instead we use modular arithmetic where negative values wrap around a modulus, e.g. DSA, RSA, and elliptic...
Using a built-in public signed number implementation rather than the private vendored implementation used for Bernstein-Yang is a good observation for a potential improvement, but signedness is half the story....
@erik-3milabs I'd suggest starting by adding signed integer support. Rather than my previous suggestion of trying to make `Uint`/`BoxedUnit` generic around the limb type, I'd investigate if it's possible to...
> As for implementing an Int module: how about I get started introducing... Sure, that sounds fine > The first step - moving from u64 to Limb - should not...
A few quick points: This library supports both fixed-width and variable-width big integers, and ideally we could share algorithmic implementations between the two forms (see #667). Generally I’d say the...
If you do end up going with a sign bit, it should probably be represented as a `subtle::Choice`. Sidechannels involving sign bits have been a source of key recovery attacks:...
Possible dup of https://github.com/RustCrypto/traits/pull/1707
We could also ask some of those downstream users how much they really need the feature
@burdges the `batch` feature in `ed25519-dalek` works without `legacy_compatibility` enabled