[cryptography] What's the state of the art in digital signatures? Re: What's the state of the art in factorization?

Samuel Neves sneves at dei.uc.pt
Wed Apr 28 20:39:49 EDT 2010


Perhaps McEliece wouldn't be the best example. The only "practical"
signature scheme based on the syndrome decoding hardness would be CFS,
which requires giant keys (to avoid information-set decoding attacks and
generalized birthday attacks) and is ridiculously slow to sign
(factorial(t) decoding tries in average, t at least 10).

Best regards,
Samuel Neves

On 26-04-2010 08:37, coderman wrote:
> On Thu, Apr 22, 2010 at 11:18 AM, Zooko O'Whielacronx <zookog at gmail.com> wrote:
>   
>> By the way, the general idea of One Hundred Year Security as far as
>> digital signatures go would be to combine digital signature
>> algorithms. Take one algorithm which is bog standard, such as ECDSA
>> ... and another which has strong security properties
>> and which is very different from ECDSA. ...
>>
>> Unfortunately I haven't stumbled on a digital signature scheme which
>> has good properties...
>>     
>
> try McEliece cryptosystem with QC-LDPC coding or other improved and
> hardened variant that suites your purposes.
>
> one caveat - a cryptographically strong, very plentiful hardware
> entropy source is required for any kind of usable key generation. but
> we all have those embedded on our processor die now, right? ... :P
>
> another benefit McEliece QC-LDPC can be made very fast on modern cores
> and GPU kernels.
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>
>   




More information about the cryptography mailing list