PSA: Taproot loss of quantum protections

Summary:

In a Bitcoin development forum, David A. Harding asked whether anyone knowledgeable about elliptic curve cryptography (ECC) and quantum computing (QC) knew how to create output scripts of deliberately lower difficulty, so that they could serve as a measure of progress in QC-based EC key cracking. A user named LL responded that this is relatively easy to do with a trusted setup. The trusted party takes a secp256k1 secret key and verifiably encrypts it under a nothing-up-my-sleeve (NUMS) public key in the weaker group. If the weaker group's public key can be cracked, the secp256k1 secret key can be recovered from the ciphertext. People then pay funds to the secp256k1 public key to create the bounty. As long as the trusted party deletes the secret key afterwards, the scheme is secure. Splitting the trusted setup among several parties, where only one of them needs to be honest, is possible but would require some engineering and analysis work. LL provided a link to the Camenisch-Damgard paper on cut-and-choose verifiable encryption for further reading.
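The mechanism LL describes, as an added toy model that is not part of the original thread or any Bitcoin project code: a weak prime-order subgroup of Z_p^* stands in for the "weaker group", hashed ElGamal stands in for the verifiable encryption scheme (the cut-and-choose correctness proof from the Camenisch-Damgard paper is omitted), and a baby-step giant-step solver plays the role of the future attacker. The group size, the NUMS tag and the wallet secret are all constructed values chosen so the demo runs in well under a second.

```python
"""
Toy model of the weak-group bounty: a trusted party wraps a secp256k1
secret key under a NUMS public key from a deliberately weak group.
Whoever solves the discrete log in the weak group recovers the key.

Assumptions (not from the original thread): hashed ElGamal in a
prime-order subgroup of Z_p^* stands in for the verifiable encryption;
the cut-and-choose proof that the ciphertext really holds the secp256k1
key is omitted. All parameters below are constructed for illustration.
"""
import hashlib
import math
import secrets

# Order of the secp256k1 group (a public constant, used only to sample a valid secret scalar).
SECP256K1_ORDER = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def is_prime(n: int) -> bool:
    """Trial division; adequate for the tiny parameters used here."""
    if n < 2:
        return False
    for d in range(2, math.isqrt(n) + 1):
        if n % d == 0:
            return False
    return True


def weak_group(bits: int = 20):
    """Return (p, q, g): a subgroup of Z_p^* with prime order q ~ 2^bits and generator g.
    The order is deliberately tiny so the discrete log can be brute-forced."""
    q = 1 << bits
    while not is_prime(q):
        q += 1
    k = 2
    while not is_prime(k * q + 1):
        k += 1
    p = k * q + 1
    for h in range(2, p):
        g = pow(h, k, p)  # projecting h into the order-q subgroup
        if g != 1:
            return p, q, g
    raise RuntimeError("no generator found")


def nums_public_key(p: int, q: int, tag: bytes) -> int:
    """Nothing-up-my-sleeve key: hash a public tag into the subgroup, so nobody
    holds its discrete log. The only way to 'own' this key is to break the group."""
    k = (p - 1) // q
    ctr = 0
    while True:
        h = int.from_bytes(hashlib.sha256(tag + ctr.to_bytes(4, "big")).digest(), "big") % p
        y = pow(h, k, p)
        if y not in (0, 1):
            return y
        ctr += 1


def kdf(shared: int) -> bytes:
    """Derive a 32-byte pad from the ElGamal shared secret."""
    return hashlib.sha256(b"bounty-kdf" + shared.to_bytes(16, "big")).digest()


def encrypt_secret(p, q, g, Y, secret: int):
    """Hashed ElGamal: publish (C1, C2) with C1 = g^r and C2 = secret XOR KDF(Y^r).
    The trusted party must delete `secret` and `r` after publishing."""
    r = secrets.randbelow(q - 1) + 1
    c1 = pow(g, r, p)
    pad = kdf(pow(Y, r, p))
    c2 = bytes(a ^ b for a, b in zip(secret.to_bytes(32, "big"), pad))
    return c1, c2


def solve_dlog(p, q, g, Y) -> int:
    """Baby-step giant-step: find y with g^y = Y (mod p) in O(sqrt(q)) work.
    This is the 'cracking' step that a future QC would perform on a real group."""
    m = math.isqrt(q) + 1
    table = {}
    cur = 1
    for j in range(m):               # baby steps: g^j
        table.setdefault(cur, j)
        cur = cur * g % p
    giant = pow(g, -m, p)            # g^{-m}
    gamma = Y
    for i in range(m):               # giant steps: Y * g^{-im}
        if gamma in table:
            return i * m + table[gamma]
        gamma = gamma * giant % p
    raise ValueError("Y is not in the subgroup generated by g")


def claim_bounty(p, q, g, Y, c1, c2) -> int:
    """Recover the NUMS key's discrete log, then decrypt the wrapped secp256k1 secret."""
    y = solve_dlog(p, q, g, Y)
    pad = kdf(pow(c1, y, p))
    return int.from_bytes(bytes(a ^ b for a, b in zip(c2, pad)), "big")


def demo(bits: int = 20):
    """Run the whole setup-then-crack flow; returns (original secret, recovered secret)."""
    p, q, g = weak_group(bits)
    Y = nums_public_key(p, q, b"taproot-qc-bounty-demo")   # constructed tag
    secret = secrets.randbelow(SECP256K1_ORDER - 1) + 1    # the wallet key being wrapped
    c1, c2 = encrypt_secret(p, q, g, Y, secret)
    return secret, claim_bounty(p, q, g, Y, c1, c2)


if __name__ == "__main__":
    original, recovered = demo()
    print("recovered matches original:", original == recovered)
```

Raising `bits` models a harder bounty tier; in the real proposal the tiers would be actual elliptic curve groups of increasing size, and the missing piece for deployment is the verifiable-encryption proof that the published ciphertext really contains the key behind the funded output, which is what the Camenisch-Damgard reference supplies.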

Updated on: 2023-06-14T19:35:35.009957+00:00