Author

Topic: Is there a quantum resistance analog to ECDSA? (Read 1251 times)

full member
Activity: 224
Merit: 117
▲ Portable backup power source for mining.
Yes, extended Merkle-Lamport signatures (can be made reusable at the cost of increased length), they are based on hash functions, but are too large and unwieldy for practical use.
sr. member
Activity: 248
Merit: 250
But it seems that all algorithms I found are prototypes and they weren't used in real applications.
Quantum computers do not exist even in prototypes  Grin

When they will appear in prototypes it will be too late for us to seek a reliable solution. And it's possible that when it will happen we won't know about it for some time. There is good website about it:

https://pqcrypto.org

I'm asking about algorithm which is good for today purposes and could be good for post quantum era theoretically. And it should be already implemented in code of course.   
legendary
Activity: 1260
Merit: 1019
But it seems that all algorithms I found are prototypes and they weren't used in real applications.
Quantum computers do not exist even in prototypes  Grin
sr. member
Activity: 248
Merit: 250

Thank you, bro Smiley

I think it obviously that I did some research before starting this topic.  But it seems that all algorithms I found are prototypes and they weren't used in real applications.
full member
Activity: 147
Merit: 100
Do you like fire? I'm full of it.
Microsoft published a library for quantum-resistant digital signature algorithm called SIDH which is at present one of the most promising candidates. By theory it has 192 bits of classic resistance and 128 bits of quantum resistance. Like all things crypto, SIDH - and any replacement - will need a few years of real-world scrutiny in a quantum computer future to be considered safe for broader implementation, and then likely another few decades before, and if, it attains the status of unbreakable. SIDH is based around elliptic curves just like ECDSA.
sr. member
Activity: 248
Merit: 250
Bitcoin uses ECDSA algorithm to create private keys and public keys (addresses) now. Does somebody know a quantum resistance analog of such algorithm which is good enough to be used in practice?
Jump to: