Post-quantum Signatures #413
Comments
@mgajda this sounds like it would make an interesting CIP, but also keep in mind the CPS format in case your problem is more general than a specific proposal. There are some CIPs already for Plutus changes which maybe help to review the discussion on, if you haven't already: including one for increased cryptographic support (#250).
Of course, I would conform to CPS format. @rphair Can I get assigned a tentative CIP number and start working on the pull request?
That should be fine as a proposed CPS, which could also include what you mentioned specifically in #414. The general procedure is to first submit the CPS draft on GitHub: later, when the new PR comes up for review in our bi-weekly meeting, it would be assigned the next CPS number if & when it's accepted as a candidate. Another recommendation is to first post on the Cardano Forum where I can see you have an account: the Developers and CIPs groups might provide good initial discussion before you submit your draft. It can also be marked literally as "Draft" in the GitHub PR if you'd like to leave it posted on GitHub while you keep working on it (pending review).
NIST progress posted last month: NIST Releases First 3 Finalized Post-Quantum Encryption Standards
Though #441 has been closed I think it will still be helpful to post relevant advances in quantum computing, attacks, mitigations, and their consequences for blockchains & hashing / encryption / signing algorithms in general. There has always been a question of timeline for any CIP / CPS on this subject and some scientific and/or cultural references might help us with that.
NIST Post Quantum Cryptography work group has selected three digital signature algorithms for standardization:
Estimates for PQC migration are within the next 15 years, so those smart contracts that want PQC hardness would certainly benefit from the option to check PQC signatures.
While PQC algorithms are expected to be more secure than the previous generation, the main issue is the signature size (666 bytes for Falcon, 2420 bytes for Dilithium, 8080 bytes for Sphincs+).
For this reason, these signature algorithms may be chosen by long-term security applications.
Proposal would involve:
- Crypto class instance,

When additional PQC algorithms are standardized by NIST and enjoy a shorter signature size, we may add these as well. (But we should not hold, since the process may take years, possibly more than estimated for migration.)
Future PQC-hardening of wallets and blockchain should be considered a sequel to this proposal.