📅 Original date posted:2018-02-12 📝 Original message:Hi all, Recently I've been ...

Tristan Hoy [ARCHIVE] /

npub1ep2…u796

2023-06-07 18:10:36

in reply to nevent1q…hdpy

📅 Original date posted:2018-02-12
📝 Original message:Hi all,

Recently I've been exploring what a post-quantum attack on Bitcoin would
actually look like, and what options exist for mitigating it.

I've put up a draft of my research here:
https://medium.com/@tristanhoy/11271f430c41

In summary:
1) None of the recommended post-quantum DSAs (XMSS, SPHINCS) are scalable
2) This is a rapidly advancing space and committment to a specific
post-quantum DSA now would be premature
3) I've identified a strategy (solution 3 in the draft) that mitigates
against the worst case scenario (unexpectedly early attack on ECDSA)
without requiring any changes to the Bitcoin protocol or total committment
to a specific post-quantum DSA that will likely be superseded in the next
3-5 years
4) This strategy also serves as a secure means of transferring balances
into a post-quantum DSA address space, even in the event that ECDSA is
fully compromised and the transition is reactionary

The proposal is a change to key generation only and will be implemented by
wallet providers.

Feedback would be most appreciated.

Regards,

Tristan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180213/a2ca6c0e/attachment.html>;

Author Public Key

npub1ep2e4afh7kpasqeed62j0x4hfda7junmaumuhtfrz48qlg7d8qys4fu796

Seen on

wss://relay.nostr.band

Show more details

Published at

2023-06-07 18:10:36

Kind type

1 Short Text Note

Event JSON

{ "id": "4a1ea42755bf427ce3fa6d01e3df306e9eba071067452414b97f0da01d5dbfc3", "pubkey": "c8559af537f583d803396e95279ab74b7be9727bef37cbad23154e0fa3cd3809", "created_at": 1686161436, "kind": 1, "tags": [ [ "e", "74cac95639ddcdb0a3025aa02802000639d0d8a449d57b4ca47e5dcff3c843f3", "", "reply" ], [ "p", "a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0" ] ], "content": "📅 Original date posted:2018-02-12\n📝 Original message:Hi all,\n\nRecently I've been exploring what a post-quantum attack on Bitcoin would\nactually look like, and what options exist for mitigating it.\n\nI've put up a draft of my research here:\nhttps://medium.com/@tristanhoy/11271f430c41\n\nIn summary:\n1) None of the recommended post-quantum DSAs (XMSS, SPHINCS) are scalable\n2) This is a rapidly advancing space and committment to a specific\npost-quantum DSA now would be premature\n3) I've identified a strategy (solution 3 in the draft) that mitigates\nagainst the worst case scenario (unexpectedly early attack on ECDSA)\nwithout requiring any changes to the Bitcoin protocol or total committment\nto a specific post-quantum DSA that will likely be superseded in the next\n3-5 years\n4) This strategy also serves as a secure means of transferring balances\ninto a post-quantum DSA address space, even in the event that ECDSA is\nfully compromised and the transition is reactionary\n\nThe proposal is a change to key generation only and will be implemented by\nwallet providers.\n\nFeedback would be most appreciated.\n\nRegards,\n\nTristan\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20180213/a2ca6c0e/attachment.html\u003e", "sig": "e8dc8f54e5faee85ba8dc0ec7763e201e40f41a94cc647073771d6d9b27cfcc5b3dba30aa2859c6d67d6b8d8474a7c1f7bb7035424cff502e848d6c009b1e06c" }