Quantum computers will break most digital signatures we rely on today

 (National Institute of Standards and Technology) is selecting new algorithms that resist quantum attacks.

"There’s no known good attacks against hash functions."

The best attempt so far is the BHT algorithm which proposes a quantum collision attack using Grover’s algorithm. But DJB dismissed it in 

we’ll break it down, one layer at a time.

bitcoin

![Quantum Threat](https://m.stacker.news/103102)

**Quantum computers will break most digital signatures we rely on today**

- **RSA** → Broken by **Shor’s Algorithm**  
- **ECDSA** → Weakened by **Grover’s Algorithm**

---

**NIST** (National Institute of Standards and Technology) is selecting new algorithms that resist quantum attacks.

They fall into several categories:

- Hash-based  
- Lattice-based  
- Code-based  
- Multivariate  
- Isogeny-based

Among the **hash-based** options, NIST picked **SPHINCS+** as the *conservative fallback*  
📄 [Ref paper](https://eprint.iacr.org/2023/411.pdf)

---

**SPHINCS+** is built entirely from **hash functions**

> Why hash functions?  
> *"There’s no known good attacks against hash functions."*  

*The best attempt so far is the BHT algorithm which proposes a quantum collision attack using Grover’s algorithm. But DJB dismissed it in [his paper](https://cr.yp.to/hash/collisioncost-20090823.pdf)*

--- 
It’s a pretty complicated algorithm.

![SPHINCS+ Stack](https://m.stacker.news/103103)

---

So in this series, **we’ll break it down, one layer at a time.**

![Layer Breakdown](https://m.stacker.news/103104)

---

**Next Post:**  
👉 *Lamport Signature*

---

📌 Make sure to follow **@bitcoin_devs** so you don't miss it.

---

**More resources:**

- [SPHINCS+ paper](https://eprint.iacr.org/2023/411.pdf)  
- [SPHINCS+ explainer by @ roasbeef](https://drive.google.com/file/d/12UlzfGvG09IwvzWscL2FT8CoewGBWlGD/view)  
- [Quantum Bitcoin Summit by @PresidioBitcoin](https://youtube.com/watch?v=GeUdu4hrBPI&t=10728s)
