Topic: Re: Proposal for eventual hash replacement (Read 1645 times)

staff
Activity: 4284
Merit: 8808
October 08, 2014, 06:01:12 PM
#2
That isn't a hash function. It's a signature system (sadly one based on the author team's own BLAKE and ChaCha for performance reasons, instead of more standardized functions).

Its focus is on stateless reusable signatures. The cost is that the signatures are huge by our standards... 41,000 bytes (plus a kilobyte pubkey). In Bitcoin we shouldn't generally have long-lived keys and so a 'few times signature' scheme or a small tree of one-time signatures (plus state, which the blockchain can provide) are often better and can be done with dramatically smaller sizes.

Certainly that's something I'd use for software releases, however!
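A sketch of the "small tree of one-time signatures (plus state)" idea from the reply above, added here as an illustration and not code from the post or from SPHINCS. It assumes textbook Winternitz one-time keys (base 16, SHA-256) under an 8-leaf Merkle tree, with a local counter standing in for the external state; all names and parameters are hypothetical.

```python
import hashlib, hmac

W, N_DIGITS = 16, 67  # assumed parameters: base-16 digits, 64 message + 3 checksum
H = lambda b: hashlib.sha256(b).digest()

def chain(x, n):
    for _ in range(n):
        x = H(x)
    return x

def digits(msg):
    d = [n for byte in H(msg) for n in (byte >> 4, byte & 15)]
    c = sum(W - 1 - x for x in d)  # checksum: advancing any chain breaks another
    return d + [c >> 8, (c >> 4) & 15, c & 15]

def secrets(seed, leaf):
    return [hmac.new(seed, b"%d/%d" % (leaf, i), hashlib.sha256).digest()
            for i in range(N_DIGITS)]

def leaf_hash(values, steps):  # finish each chain at position W-1, then compress
    return H(b"".join(chain(v, W - 1 - s) for v, s in zip(values, steps)))

class Signer:
    def __init__(self, seed, height=3):
        self.seed, self.next_leaf = seed, 0
        self.levels = [[leaf_hash(secrets(seed, i), [0] * N_DIGITS)
                        for i in range(1 << height)]]
        while len(self.levels[-1]) > 1:
            lv = self.levels[-1]
            self.levels.append([H(lv[i] + lv[i + 1]) for i in range(0, len(lv), 2)])
        self.root = self.levels[-1][0]  # the 32-byte public key

    def sign(self, msg):
        leaf = self.next_leaf
        if leaf >= len(self.levels[0]):
            raise RuntimeError("all one-time keys are used up")
        self.next_leaf += 1  # the state: a leaf must never sign twice
        ots = [chain(s, d) for s, d in zip(secrets(self.seed, leaf), digits(msg))]
        path = [lv[(leaf >> h) ^ 1] for h, lv in enumerate(self.levels[:-1])]
        return leaf, ots, path

def verify(root, msg, sig):
    leaf, ots, path = sig
    if len(ots) != N_DIGITS:
        return False
    node = leaf_hash(ots, digits(msg))
    for h, sib in enumerate(path):  # climb the authentication path to the root
        node = H(sib + node) if (leaf >> h) & 1 else H(node + sib)
    return hmac.compare_digest(node, root)
```

With these assumed parameters a signature is 70 hashes (2,240 bytes) plus the leaf index, and the public key is the 32-byte root. The scheme is only safe while `next_leaf` is never rolled back or duplicated, which is the state requirement the stateless design avoids.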
sr. member
Activity: 868
Merit: 250
October 08, 2014, 11:43:02 AM
#1
What about SPHINCS?

 http://sphincs.cr.yp.to/

It claims to be quantum-computer-hard.