
Topic: Is there a quantum resistance analog to ECDSA? (Read 1236 times)

full member
Activity: 224
Merit: 117
Yes, extended Merkle-Lamport signatures (can be made reusable at the cost of increased length). They are based on hash functions, but are too large and unwieldy for practical use.
sr. member
Activity: 248
Merit: 250
But it seems that all algorithms I found are prototypes and they weren't used in real applications.
Quantum computers do not exist even in prototypes  Grin

When they appear in prototypes, it will be too late for us to seek a reliable solution. And it's possible that when it happens we won't know about it for some time. There is a good website about it:

https://pqcrypto.org

I'm asking about an algorithm which is good for today's purposes and could theoretically be good for the post-quantum era. And it should already be implemented in code, of course.
legendary
Activity: 1260
Merit: 1019
But it seems that all algorithms I found are prototypes and they weren't used in real applications.
Quantum computers do not exist even in prototypes  Grin
sr. member
Activity: 248
Merit: 250

Thank you, bro Smiley

I think it's obvious that I did some research before starting this topic. But it seems that all algorithms I found are prototypes and they weren't used in real applications.
full member
Activity: 147
Merit: 100
Microsoft published a library for a quantum-resistant digital signature algorithm called SIDH, which is at present one of the most promising candidates. In theory it has 192 bits of classic resistance and 128 bits of quantum resistance. Like all things crypto, SIDH - and any replacement - will need a few years of real-world scrutiny in a quantum computer future to be considered safe for broader implementation, and then likely another few decades before, and if, it attains the status of unbreakable. SIDH is based around elliptic curves just like ECDSA.
sr. member
Activity: 248
Merit: 250
Bitcoin uses the ECDSA algorithm to create private keys and public keys (addresses) now. Does somebody know a quantum-resistant analog of such an algorithm which is good enough to be used in practice?