
Gotta disagree. It's neat, but I don't like to see it in the real world.

For a start, I don't know how to type these on a keyboard.

Secondly, most people wouldn't know what these symbols are called. Granted, those looking at the code probably have a greater chance of knowing. But it isn't friendly code in my opinion. I think clarity is key, and "rho" or "sigma" are pretty clear.

Also, add in that there's a constant "n" and a constant "η". Just begging for confusion.




In a more general sense I'd agree, but in this instance, the ML-KEM draft specification (FIPS 203) uses the exact same Greek symbols.

This code will be read many more times than it is written, and anyone auditing its correctness will be comparing against the spec.

If the variables are spelt out, then you have to do the mental (or otherwise) translation before you can compare the two, adding overhead. For comparing the symbols visually, you don't even need to know their names.


> For comparing the symbols visually, you don't even need to know their names.

Well, no, this was the main issue with homograph attacks in domain names [1] that brought us to the use of punycode in browsers [2].

In particular for a cryptographic library, I wouldn't want to constantly have to watch out for sneaky malicious variables put in the right place (e.g. try to compare visually the Cyrillic а, с, е, о, р, х, у with the ASCII a, c, e, o, p, x, y; no, they're not the same characters).

EDIT: I realize that many programming languages today allow the use of Unicode variables and I like that it's a possibility, it's just not the best when you need to be paranoid about the code.

- [1] https://en.wikipedia.org/wiki/IDN_homograph_attack
- [2] https://en.wikipedia.org/wiki/Punycode


Preventing/detecting homoglyph attacks is a feature of competent text editors, and not a feature of the source code itself. If the source spelt out the variable names using Latin characters, it would be no more or less susceptible to being backdoored in this way.


Also, for example, rustc does a homoglyph detection pass and emits warnings.
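
An identifier audit for the homoglyph concern raised in this subthread, added here as an example; it is not code from any commenter, from rustc, or from the project under discussion. It flags identifiers that mix scripts or that collapse onto another name once the seven Cyrillic letters listed above are folded to ASCII; the function names, the seven-pair table and the sample source are constructed for illustration.

```python
import re
import unicodedata
from collections import defaultdict

# Only the seven Cyrillic/ASCII pairs listed in the comment above;
# a constructed table, not Unicode's full confusables data.
CONFUSABLE = dict(zip("\u0430\u0441\u0435\u043e\u0440\u0445\u0443", "aceopxy"))
IDENT = re.compile(r"[^\W\d]\w*")  # Unicode-aware identifier shape

def script_of(ch):
    """Coarse script taken from the Unicode character name."""
    if ch == "_" or ch.isdigit():
        return None  # neutral: allowed next to any script
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "GREEK", "CYRILLIC"):
        if name.startswith(script):
            return script
    return "OTHER"

def skeleton(ident):
    """Fold listed look-alikes to ASCII so visually equal names compare equal."""
    return "".join(CONFUSABLE.get(ch, ch) for ch in ident)

def audit_identifiers(source):
    idents = set(IDENT.findall(source))
    mixed = sorted(i for i in idents
                   if len({script_of(c) for c in i} - {None}) > 1)
    groups = defaultdict(set)
    for i in idents:
        groups[skeleton(i)].add(i)
    collisions = sorted(tuple(sorted(g)) for g in groups.values() if len(g) > 1)
    lookalikes = sorted(i for i in idents
                        if skeleton(i) != i and skeleton(i).isascii())
    return {"mixed_script": mixed, "collisions": collisions,
            "ascii_lookalikes": lookalikes}

# Constructed sample: spec-style Greek names plus two planted Cyrillic look-alikes.
SAMPLE = (
    "ρ, σ = G(d)\n"
    "η1 = 3\n"
    "seed = H(ρ)\n"
    "s\u0435\u0435d = seed\n"   # Cyrillic 'е' twice inside a Latin name
    "\u0441 = 0\n"              # lone Cyrillic 'с'
    "c = 1\n"
)

if __name__ == "__main__":
    for kind, found in audit_identifiers(SAMPLE).items():
        print(kind, found)
```

Single-script Greek names such as ρ, σ and η1 pass untouched, while both planted names are reported. The regex scans raw text, so a real check would tokenize the language first to skip strings and comments.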


> the ML-KEM draft specification (FIPS 203) uses the exact same Greek symbols

I'm as proud of my heritage as the next Greek-American, but just because mathematicians use unintelligible symbols in their manuscripts doesn't mean we have to do the same thing in code. Let's prioritize comprehensibility and give variables meaningful names, instead.


FIPS 203 is not a math paper, it's a specification, giving concrete algorithms that use aforementioned variable names. Maybe they should use more descriptive variable names in the spec (you could tell them about it - they accept and respond to feedback from the public), but in the meantime, I think it's more useful for an implementation to use the same variable names as the spec.


> For a start, I don't know how to type these on a keyboard.

You can learn how to do that, even find a way to type "sigma", but more importantly, it best benefits readers, not writers, so you don't need to learn to type it.

> and "rho" or "sigma" are pretty clear.

no it's not, where would you get clarity from if all the clarifying literature for these notions uses the actual math notation σ?

> "n" and a constant "η". Just begging for confusion

looks very distinct, one is obviously mathy, another isn't


[flagged]


[flagged]


I think you misinterpreted their comment. It's not that only people who use Unicode characters should be doing crypto math. It's that if you're doing crypto math, you certainly know what the symbols mean since they're used in the original specification, so reading the code shouldn't be a problem.


Yeah, so they don't actively handle them as Greek letters and translate the variable name. Nevertheless, if you don't know what those mean, there is a great chance that you do not understand the whole thing enough, that way you shouldn't touch any crypto code.

following the old adage: "never roll your own crypto"


fwiw modern compilers are fine with Unicode variable names https://godbolt.org/z/hd14rd13e


I am not saying you should use Unicode symbols in your code... What I am saying is that not knowing how to read the Greek alphabet, a cornerstone of math and physics, does not bode well for someone working on cryptography algorithms, arguably one of the most practical uses of math.



