Quantum resistance

The Cardano roadmap emphasises quantum resistant signatures:

As I understand it, the Ouroboros consensus foundations (namely, the RNG) use non-quantum-secure crypto. Indeed, the SCRAPE paper provides two constructions, one based on DDH and the other on pairings, both of which break under quantum computers.

Why develop quantum-secure signatures if the consensus layer would break with quantum computers?


I think they will work on it in the future, as the whole protocol must be quantum resistant.

DDH is just an assumption which holds for certain groups, and they use it because it lets them prove that the PVSS is provably secure. But PVSS can easily be lifted to the QROM by replacing the DDH with some supersingular elliptic curve (SEC) based algorithm.


I love this forum, where such interesting questions are asked!
As I am not an expert in the field of quantum research, this one was an interesting read for me.

It’s not that I see myself as a crypto genius in any way, but I remember saying two things around two years ago:
1.) it looks like blockchain projects still have to discover that disrupting traditional banking will be much more complicated than expected.
2.) I would not be surprised if in the end, when all physical, mathematical and informatic limits have been exhausted and many compromises have been made, the end result will correspond almost exactly to the human brain and thinking.


Interesting reading, but the issue is that we cannot even imagine how these new technologies would shape the future, just as about 30 years ago we could not imagine how the PC/Internet would change the world, which is just one example of the disruptive technologies that have shaped our world into what it is today.

Also, do not forget biology: CRISPR and other upcoming gene-editing tools are at least as disruptive as the four mentioned in the reading.