Salutations fellow stackers.
I've spent the last month researching the threat of quantum computing to Bitcoin, and how this threat could be concretely addressed without any new cryptographic assumptions, using one particular flavor of post-quantum cryptography: hash-based signature schemes. This article is the finished product of that research - you might call it a digest of my findings.
At the end of the article, I propose a novel option called "Digests as Secret Keys" (DASK) which uses these algorithms to add a post-quantum fallback option to regular bitcoin addresses, without relying on complex new technology like ZK-STARKs (that will be my next focus). This upgrade could be implemented today, but would defer consensus changes until a practical quantum computer appears close at hand. More discussion about that here.
247 sats \ 1 reply \ @OT 22 Oct
Thank you!
How do you think a ZK STARKS solution will go down with all the aversion to other "sh$tcoin" technology?
reply
ZK STARKs are very powerful and will certainly be useful for off-chain bitcoin smart contracts, rollups, etc, but STARKs are very complicated and inefficient.
An average bitcoin dev could probably implement almost any hash-based signature algorithm in a day or two. Contrastingly, implementing a STARK prover/verifier seems to demand teams of people with years of expert knowledge in the domain. Even established STARK software like Winterfell suffers from awful usability/ergonomics. Read their README and examples, and you'll see what I mean.
I don't think we should build on-chain bitcoin security standards based on such things without a simple easy-to-use library to depend on, like libsecp256k1 is today. Perhaps there will be a more stable and usable STARK library in the future but so far I haven't found any. The closest is RISC0, but AFAICT it's bugged for secp256k1 usage, and they're not fixing it.
reply
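To make concrete the claim above that a hash-based signature scheme is something a developer can implement quickly, here is a complete Lamport one-time signature over SHA-256. This is an added example, not code from the article, from conduition, or from the DASK proposal; it assumes nothing beyond Python's standard library, and the `exposed_pairs` helper and the deterministic `seed` option are my own additions for illustrating why the key is strictly one-time.

```python
"""Lamport one-time signature (OTS) over SHA-256.

Constructed example of the simplest hash-based signature scheme: security
rests only on the preimage resistance of the hash, with no number-theoretic
assumption, which is what makes this family a post-quantum candidate.
"""
import hashlib
import os
from typing import List, Optional, Tuple

N = 256  # bits in a SHA-256 digest; one secret pair per message bit

Pair = Tuple[bytes, bytes]


def H(data: bytes) -> bytes:
    """The one primitive everything below depends on."""
    return hashlib.sha256(data).digest()


def keygen(seed: Optional[bytes] = None) -> Tuple[List[Pair], List[Pair]]:
    """Return (sk, pk).

    sk[i] = (s_i0, s_i1): two random 32-byte secrets per digest bit.
    pk[i] = (H(s_i0), H(s_i1)): their hashes. Total pk size is 256*2*32 bytes.
    A seed derives the secrets deterministically (assumed here for testing);
    real keys should use os.urandom.
    """
    sk: List[Pair] = []
    for i in range(N):
        if seed is None:
            pair = (os.urandom(32), os.urandom(32))
        else:
            tag = seed + i.to_bytes(2, "big")
            pair = (H(tag + b"\x00"), H(tag + b"\x01"))
        sk.append(pair)
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def _bits(msg: bytes) -> List[int]:
    """Message digest as a list of 256 bits, most significant first."""
    d = int.from_bytes(H(msg), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]


def sign(sk: List[Pair], msg: bytes) -> List[bytes]:
    """For each bit of H(msg), reveal the matching secret preimage."""
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def verify(pk: List[Pair], msg: bytes, sig: List[bytes]) -> bool:
    """Each revealed preimage must hash to the public value for that bit."""
    if len(sig) != N:
        return False
    return all(H(sig[i]) == pk[i][b] for i, b in enumerate(_bits(msg)))


def exposed_pairs(msgs: List[bytes]) -> int:
    """Count digest positions at which signing all of `msgs` with ONE key
    would reveal both preimages. Any position > 0 means the key is burned:
    a third party could then sign other messages agreeing with the revealed
    bits. This is why Lamport keys are one-time only."""
    revealed = [set() for _ in range(N)]
    for m in msgs:
        for i, b in enumerate(_bits(m)):
            revealed[i].add(b)
    return sum(1 for s in revealed if len(s) == 2)


if __name__ == "__main__":
    sk, pk = keygen()
    sig = sign(sk, b"pay 1 BTC to bc1q...")  # constructed message
    print("valid:", verify(pk, b"pay 1 BTC to bc1q...", sig))
    print("signature bytes:", sum(len(s) for s in sig))
    print("pairs exposed after a second message:",
          exposed_pairs([b"pay 1 BTC to bc1q...", b"pay 2 BTC to bc1q..."]))
```

The whole scheme is under 40 lines of real logic, which is the point the reply makes. The price is size: every signature is 256 x 32 = 8 KiB and the public key is 16 KiB, and each key must never sign twice, as `exposed_pairs` shows. Practical hash-based schemes (WOTS+, XMSS, SPHINCS+) exist precisely to shrink these numbers and to lift the one-time restriction with Merkle trees, while keeping the same hash-only assumption.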
100 sats \ 1 reply \ @ch0k1 22 Oct
WoW 😲 Awesome job dude 👍
Is there any way to contact/DM you somewhere?
reply
Thanks! Check out the landing page of my website, https://conduition.io - I have my contact details posted there
reply
This might interest you to speed up on your research.
While I don't believe that quantum computers can harm Bitcoin, I welcome your research as I can also be wrong.
reply
Thank you for the good work
reply
👀
reply