Ninjastic
PostEdited versionsQuotes to this post
Post was edited
 10 days ago (view)
Post
Topic
Board Development & Technical Discussion
Merits 3 from 2 users
Re: J. Lopp's Post-Quantum Migration BIP
by
ABCbits
on 28/07/2025, 09:53:00 UTC
⭐ Merited by Pmalek (2) ,vapourminer (1)
Quote from: Medusah on Today at 08:43:58 AM
Quote from: Pmalek on Today at 07:12:51 AM
On the current quantum-resistant algorithms, Lopp doesn't believe any is good enough for Bitcoin. He even said "they suck" if I remember it correctly. They take up too much space. The signatures and keys are longer and they are slower to verify. He clarified that the idea of the BIP is not to choose a post-quantum algorithm, but how to get the community to migrate to a new system asap after one is chosen.

These are the proposed solutions:
Quote from: https://x.com/NTeterel/status/1948112106915520607/photo/1

FYI source of that image is https://chaincode.com/bitcoin-post-quantum.pdf page 18.

Quote from: Medusah on Today at 08:43:58 AM
The least worst, in my opinion, is FALCON-512.  Easier to verify (0.6x), and "only" 10x in size, in comparison with Schnorr.  It will be 24x slower to sign it, but that's completely fine, IMO.

According to https://falcon-sign.info/, FALCON-512 can perform 5948.1 signing per second on i5-8259U. No one would notice 2ms to perform signing.