Quantum Tough

From Snowblossom Wiki
Revision as of 05:10, 20 January 2025 by Fireduck (talk | contribs)

Terminology

  • Quantum Resistant - A thing is quantum resistant if no known algorithm makes it easier to break with a quantum computer than a classical computer.
  • Quantum Safe - A thing is quantum safe if it is proven that no possible algorithm would make it easier to break with a quantum computer than a classical computer.

Previously we used the term quantum resistant, which was in error. That is not the term for what we have going on (currently).

Where we started

It is estimated by people much smarter than I that a 256-bit elliptic curve key (like Bitcoin uses) could be broken by a quantum computer with about 1600 qubits. Breaking RSA is expected to take 2x the key size (in bits) in qubits.

So a reasonable long term storage multisignature scheme might be a 3of3 consisting of:

  • standard secp256k1 - in case someone breaks factoring to break RSA
  • RSA 8192-bit - in case someone builds a quantum computer with a few thousand qubits
  • DSTU 4145 - just to include something a bit different

This is enabled in the SnowBlossomClient. Simply put "key_mode=qhard" in your configuration before you make your wallet.

QHard TX

Note: the public keys and signature (which need to be included in a spending transaction) will be large for an RSA key of that size. A transaction spending such a scheme would be at least 4k plus normal transaction overhead, so probably around 4.4k. Compare to a regular standard EC transaction, which is around 270 bytes.

So it might cost more in fees but could easily be worth it.


In short, if you use QHARD keys in your Snowblossom Client you should be safe until quantum computers are in the 16000 qubit range.
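
The reasoning behind that figure, as an added example (not Snowblossom code): a 3of3 spend needs every key broken, so the hardest key sets the bar. The qubit costs are this page's estimates; the page gives none for DSTU 4145, so the model assumes, conservatively, that any quantum computer breaks it.

```python
from typing import NamedTuple, Optional


class Key(NamedTuple):
    name: str
    qubits_to_break: Optional[int]     # None = no estimate given on this page
    relies_on_factoring: bool = False  # falls if factoring is broken classically


def rsa_qubits(key_bits: int) -> int:
    # Page's rule of thumb: RSA takes 2x the key size (in bits) in qubits.
    return 2 * key_bits


# The three keys of the qhard 3of3 described above.
QHARD = (
    Key("secp256k1", 1600),
    Key("RSA-8192", rsa_qubits(8192), relies_on_factoring=True),
    Key("DSTU 4145", None),
)


def key_falls(key: Key, qubits: int, factoring_broken: bool) -> bool:
    if factoring_broken and key.relies_on_factoring:
        return True
    if key.qubits_to_break is None:
        # Assumption: with no estimate, treat the key as broken by any
        # quantum computer at all (worst case for the defender).
        return qubits >= 1
    return qubits >= key.qubits_to_break


def wallet_falls(keys, required: int, qubits: int = 0,
                 factoring_broken: bool = False) -> bool:
    # A k-of-n address can be spent by an attacker once k keys are broken.
    fallen = sum(key_falls(k, qubits, factoring_broken) for k in keys)
    return fallen >= required


def qubit_threshold(keys, required: int) -> int:
    # Smallest quantum computer that breaks `required` keys (no classical break):
    # the k-th cheapest key. For n-of-n this is the most expensive key.
    costs = sorted(1 if k.qubits_to_break is None else k.qubits_to_break
                   for k in keys)
    return costs[required - 1]


if __name__ == "__main__":
    print("3of3 falls at", qubit_threshold(QHARD, 3), "qubits")
    print("2of3 would fall at", qubit_threshold(QHARD, 2), "qubits")
```

The same keys in a 2of3 would fall at the secp256k1 estimate, which is why the scheme requires all three signatures.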


Where we are now

Having watched the NIST Post-Quantum Cryptography process, we have adopted the finalists into Snowblossom. Snowblossom now supports SPHINCS+, Falcon and Dilithium keys.

Users will have to create new wallets to use these keys. See Wallet Types