[Cryptography] Opinions on signatures algorithms for post-quantum crypto?
waywardgeek at gmail.com
Tue Dec 8 00:57:44 EST 2015
On Mon, Dec 7, 2015 at 10:00 AM, David Wong <David.Wong at nccgroup.trust> wrote:
> Thoughts? Isn't that weird?
OK, since you're asking the high-noise crypto list for opinions, I'll offer
my high-noise $0.02.
I read the pseudo-code for NTRU. I have not attacked this problem enough
to get a feel for it, but my dumb arm-chair crypto knee-jerk reaction is
that it is a bit scary. There are plenty of NP-complete problems where it
is difficult to state an instance that is hard to solve, such as graph
isomorphism. This particular NP-complete problem looks harder, but I am
Multi-variate quadratics worry me even more. Also, the mqqsig256 algorithm
needs 789552 bytes for its public key, which seems like a non-starter.
So, I'm back to hoping that NTRU or a similar algorithm will pan out. At
some point I need to waste a few weeks attacking it to convince myself that
its core problem is likely difficult enough. I'm not nearly as good at
this as a bunch of skilled cryptographers, but a personal flaw I have is that
I don't trust anyone else to do the analysis. I see security flaws
everywhere I look.