Thanks @HeptaSean - I've posted that in a (currently stalled) attempt to formulate a CIP for this:
cardano-foundation:master
← mgajda:michal/post-quantum-plutus
opened 12:21AM - 19 Jan 23 UTC
This is a preliminary draft for #413: PostQuantum signature primitives in Plutus and native wallets.
The NIST Post-Quantum Cryptography working group has [selected three digital signature algorithms for standardization](https://csrc.nist.gov/projects/post-quantum-cryptography/selected-algorithms-2022):
* CRYSTALS-Dilithium
* Falcon
* SPHINCS+
Estimates for PQC migration are within the next 15 years, so those smart contracts that want PQC hardness would certainly benefit from the option to check PQC signatures.
While PQC algorithms are expected to be more secure than the previous generation, the main issue is the [signature size](https://sofiaceli.com/2022/07/05/pq-signatures.html) (666 bytes for Falcon, 2420 bytes for Dilithium, 8080 bytes for SPHINCS+).
For this reason, these signature algorithms may be chosen by long-term security applications.
The proposal would involve:
* implementing Falcon, Dilithium, and SPHINCS+ as `Crypto` class instances,
* adding Plutus instructions to call these signature algorithms,
* providing a test "vesting" contract that releases funds after a combination of signatures is given.
When additional PQC algorithms are standardized by NIST and enjoy shorter signature sizes, we may add these as well. (But we should not hold off, since the process may take years, possibly more than estimated for the migration.)
Future PQC-hardening of wallets and the blockchain should be considered a sequel to this proposal.
---
([rendered proposal in branch](https://github.com/mgajda/CIPs/blob/michal/post-quantum-plutus/CIP-%3F%3F%3F%3F/README.md))
… and in the related issue, I believe, suggesting that Cardano needs a CPS (problem definition) rather than a CIP (practical, immediate solution) on the subject:
opened 02:37PM - 11 Dec 22 UTC
The NIST Post-Quantum Cryptography working group has [selected three digital signature algorithms for standardization](https://csrc.nist.gov/projects/post-quantum-cryptography/selected-algorithms-2022):
* CRYSTALS-Dilithium
* Falcon
* SPHINCS+
Estimates for PQC migration are within the next 15 years, so those smart contracts that want PQC hardness would certainly benefit from the option to check PQC signatures.
While PQC algorithms are expected to be more secure than the previous generation, the main issue is the [signature size](https://sofiaceli.com/2022/07/05/pq-signatures.html) (666 bytes for Falcon, 2420 bytes for Dilithium, 8080 bytes for SPHINCS+).
For this reason, these signature algorithms may be chosen by long-term security applications.
The proposal would involve:
* implementing Falcon, Dilithium, and SPHINCS+ as `Crypto` class instances,
* adding Plutus instructions to call these signature algorithms,
* providing a test "vesting" contract that releases funds after a combination of signatures is given.
When additional PQC algorithms are standardized by NIST and enjoy shorter signature sizes, we may add these as well. (But we should not hold off, since the process may take years, possibly more than estimated for the migration.)
Future PQC-hardening of wallets and the blockchain should be considered a sequel to this proposal.
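As an added illustration (not code from the CIP draft, from Plutus, or from the poster), the block below implements a Lamport one-time signature, the simplest hash-based scheme in the same family as SPHINCS+, together with the k-of-n "combination of signatures" check that the proposed vesting test contract would need. It shows concretely where the large signature sizes come from: a 256-bit digest needs 256 revealed 32-byte preimages, so one signature is 8192 bytes, in the same range as the SPHINCS+ figure quoted in the post. The 16384-byte per-transaction budget used by `signatures_per_tx` and the names of all functions are assumptions of this example, not Cardano protocol parameters or Plutus builtins.

```python
"""Lamport one-time signatures (hash-based, the family SPHINCS+ belongs to)
plus a k-of-n signature check.  Added illustration, not Plutus or CIP code.
Standard library only."""
import hashlib
import secrets

N = 32          # bytes per hash output (SHA-256)
BITS = 8 * N    # one (preimage0, preimage1) pair per digest bit

# Signature sizes quoted in the post, in bytes.
PQ_SIG_SIZES = {"Falcon": 666, "Dilithium": 2420, "SPHINCS+": 8080}
TX_BUDGET = 16384   # assumed per-transaction byte budget (illustrative only)


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Secret key: BITS pairs of random preimages.  Public key: their hashes."""
    sk = [(secrets.token_bytes(N), secrets.token_bytes(N)) for _ in range(BITS)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def digest_bits(msg: bytes):
    """Bits of SHA-256(msg), most significant bit of each byte first."""
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(sk, msg: bytes):
    """For each digest bit, reveal the matching preimage.  ONE-TIME ONLY:
    a second signature with the same key reveals further preimages."""
    return [sk[i][bit] for i, bit in enumerate(digest_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Every revealed preimage must hash to the public-key entry selected
    by the corresponding digest bit."""
    if len(sig) != BITS or len(pk) != BITS:
        return False
    return all(H(sig[i]) == pk[i][bit] for i, bit in enumerate(digest_bits(msg)))


def sig_bytes(sig) -> int:
    return sum(len(s) for s in sig)          # 256 * 32 = 8192


def pk_bytes(pk) -> int:
    return sum(len(a) + len(b) for a, b in pk)   # 2 * 256 * 32 = 16384


def count_valid(pks, msg: bytes, sigs) -> int:
    """Number of distinct registered keys with a valid signature on msg.
    sigs: iterable of (key_index, signature).  The same key presented twice
    counts once, and out-of-range indices are ignored."""
    seen = set()
    for idx, sig in sigs:
        if idx in seen or not (0 <= idx < len(pks)):
            continue
        if verify(pks[idx], msg, sig):
            seen.add(idx)
    return len(seen)


def vesting_releases(pks, required: int, msg: bytes, sigs) -> bool:
    """k-of-n release condition of the kind a vesting contract would check."""
    return required >= 1 and count_valid(pks, msg, sigs) >= required


def positions_fully_revealed(msgs) -> int:
    """Key positions at which BOTH preimages become public once all of msgs
    are signed with one key: the reason a Lamport key must not be reused."""
    bit_rows = [digest_bits(m) for m in msgs]
    return sum(1 for i in range(BITS) if {row[i] for row in bit_rows} == {0, 1})


def signatures_per_tx(sig_size: int, budget: int = TX_BUDGET) -> int:
    """How many signatures of the given size fit in the assumed budget."""
    return budget // sig_size


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"release tranche 1"   # constructed sample message
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig), "sig bytes:", sig_bytes(sig))
    for name, size in {**PQ_SIG_SIZES, "Lamport": sig_bytes(sig)}.items():
        print(f"{name:10s} {size:5d} B  -> {signatures_per_tx(size)} per tx")
    print("positions exposed after signing two messages:",
          positions_fully_revealed([b"a", b"b"]))
```

The one-time restriction is the price of this simplicity: after two signatures with one key, roughly half the positions have both preimages public, which is what `positions_fully_revealed` counts. SPHINCS+ removes the restriction by composing many-time hash-based structures into a hypertree, which is why its signatures stay in the multi-kilobyte range rather than shrinking.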