Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 510CAC002C for ; Mon, 11 Apr 2022 18:17:38 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 300A141506 for ; Mon, 11 Apr 2022 18:17:38 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.398 X-Spam-Level: X-Spam-Status: No, score=-1.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: smtp4.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=q32-com.20210112.gappssmtp.com Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZlByy25jb1y0 for ; Mon, 11 Apr 2022 18:17:36 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) by smtp4.osuosl.org (Postfix) with ESMTPS id A09144136B for ; Mon, 11 Apr 2022 18:17:36 +0000 (UTC) Received: by mail-lf1-x133.google.com with SMTP id bu29so28227358lfb.0 for ; Mon, 11 Apr 2022 11:17:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=q32-com.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=gNA+xvIvJQpkKnLWrT6v5SryMjZjPczJ6/KzAmRMVcs=; b=tgdsYzHEXHnFMKN3WAABmFl1iBMDnikUVQ+GSqXEAcpbLnR/xQbUYkjqVk7wcdyUD0 ahpfilkqJ15JQcyj36A1elCOzSuWQ/kKwTyvQ4jQiiD4Qoh+MHYBfGDH8ZViNT4UN73I CDFwzsvl4AP7vpyvwz1n8cDS4od8TNkZddyKU0SlfrXuUnHGL9v8dFi9CVeYpcob4STg gfNaeJVuTJ/3TNOzcN/0mAH7VYOrwMAGdaowOTcAlZ8+7HlScpbSHCmzWszqrT4g1Iw3 Rt/Odw6UIp5cb5f0mwmRwkit2AwEMTR7Tiz0ehRDsZ/OiagjerV7BsbF95f4m13102zX dVWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=gNA+xvIvJQpkKnLWrT6v5SryMjZjPczJ6/KzAmRMVcs=; b=jkdKxnrLYMgTqUcmGoSSOUsWbCz3Ltj7zAZ/safFWqvhqeSpphYYdMEZm6j4VOVJFm ASP2g4VR1jx4EYt8YuVEAbxXkVMuiJLUB5UmdYV+aB/H0t413P5p2HiNUuILA+gam9H/ oJs6XK6589P1M1PcqegevjCUav5YjB5CVObmJ2YNvrttap+Nj8S2jq/MFTza2H4Sbio1 QX9s6o5O7azUZcO9BEchqMNhIcUOoIqn0IWfm0gPcizE8Pc7HxjI4mLdt6cbBu81yKRq NUnRJQ48g2TpJIOADXL7m1SQH9ekur2nZUwWmRiQSlJwlVSoWEyrkwBEChTGbh3Vqldy Wz9w== X-Gm-Message-State: AOAM533pQMBPIAqeF6zPbBe2SZomQu0QZVA/u3j7CX9StAdsWtEMPVQV 33N6i1IoXkmloILnAdyezRf9lJ0jv93xImQxCyAkyQ8= X-Google-Smtp-Source: ABdhPJzFONbZJfOtZdgt5kXfOqlDxO9T7edoZ0OVgpOjz6y9y5IKsMj8j1WWdIdgXCWz0XWKG6qND+lnnTEBBidQf6c= X-Received: by 2002:a05:6512:3b85:b0:46b:a0ea:aa46 with SMTP id g5-20020a0565123b8500b0046ba0eaaa46mr6090833lfv.145.1649701054521; Mon, 11 Apr 2022 11:17:34 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Erik Aronesty Date: Mon, 11 Apr 2022 14:17:22 -0400 Message-ID: To: Olaoluwa Osuntokun , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="0000000000005726c605dc64f528" X-Mailman-Approved-At: Mon, 11 Apr 2022 19:27:58 +0000 Subject: Re: [bitcoin-dev] Simple step one for quantum X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Apr 2022 18:17:38 -0000 --0000000000005726c605dc64f528 Content-Type: text/plain; charset="UTF-8" FWICT: Streamlined NTRU Prime (sntrup) has no known patent issues. Should be fine. Regardless, a "double-wrapped bitcoin address of some kind" can be specified, coded up and the relevant module replaced whenever the dust settles. I know Bitcoin doesn't (yet) have fee "weights", but i still think these addresses should be called "heavier" if they are at al significantly slower to validate. On Mon, Apr 11, 2022 at 2:07 PM Olaoluwa Osuntokun wrote: > The NIST Post-Quantum Cryptography competition [1] results should be > published "soon": > > https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/fvnhyQ25jUg/m/-pYN2nshBgAJ > . > > The last reply on that thread promised results by the end of March, but > since that has come and gone, I think it's safe to expect results by the > end > of this month (April). FWIW, NTRU and NTRU Prime both made it to round 3 > for > the public key encryption/exchange and digital signature categories, but > both of them seem to be mired in some sort of patent controversy atm... > > -- Laolu > > [1]: https://csrc.nist.gov/Projects/post-quantum-cryptography > > On Fri, Apr 8, 2022 at 5:36 PM Erik Aronesty via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > >> First step could be just implementing a similar address type >> (secp26k1+NTRU) and associated validation as a soft fork >> >> https://www.openssh.com/releasenotes.html#9.0 >> >> Then people can opt-in to quantum safe addresses >> >> Still should work with schnorr and other things >> >> It's a lot of work to fold this in and it's a some extra validation work >> for nodes >> >> Adding a fee premium for using these addresses in order to address that >> concern seems reasonable >> >> I'm not saying I endorse any action at all. Personally I think this is >> putting the cart like six and a half miles in front of the horse. >> >> But if there's a lot of people that are like yeah please do this, I'd be >> happy to make an NTRU bip or something. >> >> >> >> >> _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >> > --0000000000005726c605dc64f528 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
FWICT: Streamlined NTRU Prime (sntrup) has no known patent issues.=C2=A0 = =C2=A0

Should be fine.=C2=A0

Regardless, a "double-wrap= ped bitcoin address of some kind" can be specified, coded up and the r= elevant module replaced whenever the dust settles.=C2=A0 =C2=A0

I kn= ow Bitcoin doesn't (yet) have fee=C2=A0"weights", but i still= think these addresses should be called "heavier" if they are at = al significantly slower to validate.

On Mon, Apr 11, 2022 at 2:07 PM = Olaoluwa Osuntokun <laolu32@gmail.c= om> wrote:
The NIST Post-Quantum Cryptography competition [1] resul= ts should be
published "soon":
https://groups.google.com/a/list.nist.gov/g/pqc-forum/c/fvnhyQ2= 5jUg/m/-pYN2nshBgAJ.

The last reply on that thread promised= results by the end of March, but
since that has come and gone, I think = it's safe to expect results by the end
of this month (April). FWIW, = NTRU and NTRU Prime both made it to round 3 for
the public key encryptio= n/exchange and digital signature categories, but
both of them seem to be= mired in some sort of patent controversy atm...

-- Laolu

[1]= : https://csrc.nist.gov/Projects/post-quantum-cryptography<= br>

On Fri, Apr 8, 2022 at 5:36 PM Erik Aronesty via bitcoi= n-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
<= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex">
First step could be just implementing a similar address type (sec= p26k1+NTRU) and associated validation as a soft fork=C2=A0

https://www.openssh.com/releasenotes.h= tml#9.0

Then people can op= t-in to quantum safe addresses

Still should work with schnorr and other things

It's a lot of work to fold this in and i= t's a some extra validation work for nodes

<= /div>
Adding a fee premium for using these addresses in or= der to address that concern seems reasonable

I'm not saying I endorse any action at all.=C2=A0 = Personally I think this is putting the cart like six and a half miles in fr= ont of the horse.

But if= there's a lot of people that are like yeah please do this, I'd be = happy to make an NTRU bip or something.



_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--0000000000005726c605dc64f528--