
Quantum computers will break most digital signatures we rely on today:
  • RSA → Broken by Shor’s Algorithm
  • ECDSA → Weakened by Grover’s Algorithm

NIST (National Institute of Standards and Technology) is selecting new algorithms that resist quantum attacks.
They fall into several categories:
  • Hash-based
  • Lattice-based
  • Code-based
  • Multivariate
  • Isogeny-based
Among the hash-based options, NIST picked SPHINCS+ as the conservative fallback.
📄 Ref paper

SPHINCS+ is built entirely from hash functions.
Why hash functions?
"There are no known good attacks against hash functions."
The best attempt so far is the BHT (Brassard-Høyer-Tapp) algorithm, which proposes a quantum collision attack built on Grover's algorithm. But DJB (Daniel J. Bernstein) dismissed it in his paper.
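Added example, not code from the post or from the SPHINCS+ project: a minimal Lamport one-time signature in Python, showing that a signature scheme can be built from nothing but a hash function, and why such a key may only be used once. It assumes SHA-256 and 32-byte secrets; the sample messages are constructed.

```python
import hashlib
import secrets

# Lamport one-time signature (OTS): the simplest hash-based signature.
# Assumptions (mine, not the post's): SHA-256, 32-byte secrets, and the
# message is hashed to 256 bits before signing.
N = 256  # digest bits; one (sk0, sk1) pair of secrets per bit

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def msg_bits(msg: bytes):
    """Yield the N bits of H(msg), most significant bit first."""
    d = H(msg)
    for i in range(N):
        yield (d[i // 8] >> (7 - i % 8)) & 1

def keygen():
    """Secret key: N pairs of random preimages; public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(s0), H(s1)) for s0, s1 in sk]
    return sk, pk

def sign(sk, msg: bytes):
    """For each digest bit, reveal the preimage that bit selects."""
    return [sk[i][bit] for i, bit in enumerate(msg_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    """Each revealed value must hash to the public-key half chosen by the bit."""
    if len(sig) != N:
        return False
    return all(H(sig[i]) == pk[i][bit] for i, bit in enumerate(msg_bits(msg)))

def exposed_pairs(pk, sig_a, sig_b) -> int:
    """Count positions where two signatures under the same key reveal BOTH
    preimages. Any such position no longer binds the signer, which is why a
    Lamport key is strictly one-time (SPHINCS+ layers trees on top to get a
    many-time scheme)."""
    count = 0
    for i in range(N):
        if {H(sig_a[i]), H(sig_b[i])} == {pk[i][0], pk[i][1]}:
            count += 1
    return count

if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample message"
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig), "tampered:", verify(pk, msg + b"!", sig))
    print("pairs exposed by a 2nd signature:",
          exposed_pairs(pk, sig, sign(sk, b"a second constructed message")))
```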

It’s a pretty complicated algorithm.

So in this series, we’ll break it down, one layer at a time.

Next Post:
👉 Lamport Signature

📌 Make sure to follow @bitcoin_devs so you don't miss it.

More resources: