2018.03.27 23:04:28 (978739554646622210) from Daniel J. Bernstein, replying to "mjos\dwez (@mjos_crypto)" (978728559563898881):
The internal C functions are documented in https://ntruprime.cr.yp.to/software.html. Reference implementations in Sage are at the top of the page. There's also a detailed spec saying mathematically what everything does. People too obtuse to find any of this are not encouraged to look at the code.
2018.03.27 20:05:01 (978694393602494465) from "Joachim Strömbergson (@Kryptoblog)", replying to "mjos\dwez (@mjos_crypto)" (978683722940801026):
So what code is it?
2018.03.27 20:07:04 (978694911687000064) from "mjos\dwez (@mjos_crypto)", replying to "Joachim Strömbergson (@Kryptoblog)" (978694393602494465):
One of the candidates in the NIST PQC Competition. The great mystery is that it's from @hashbreaker's team an Dan is generally considered a super-competent C coder. How he let this pass, no one knows. I'm spending 10x more time making it runnable than any other candidate.
2018.03.27 22:16:24 (978727457145720838) from "Joachim Strömbergson (@Kryptoblog)", replying to "mjos\dwez (@mjos_crypto)" (978694911687000064):
He used to like very short variable names. But that is far from unusual in crypto ref code, unfortunately. Ref codes are quite often not very user friendly and readable. I often which there were two - one optimized for speed, and one super readable and pedagogical.
2018.03.27 22:20:47 (978728559563898881) from "mjos\dwez (@mjos_crypto)", replying to "Joachim Strömbergson (@Kryptoblog)" (978727457145720838):
Well, in this case both reference and optimized code are the same and there are basically no comments in the code, like what each function or source code module is supposed to accomplish. Yes all names are really short.