Published on: 2022-04-11T18:17:22+00:00
A recent discussion on the bitcoin-dev mailing list has proposed implementing a new address type that would be quantum-safe. The suggested address type would combine secp256k1 and NTRU Prime, a post-quantum cryptography algorithm. While there are patent controversies surrounding NTRU Prime, a patent-free version called "sntrup" exists. The discussion also suggests adding a fee premium for using these addresses, to offset concerns about extra validation work for nodes. However, it is noted that this proposal may be premature, as the results of the NIST Post-Quantum Cryptography competition have not been published yet.

The NIST competition results are expected to be published by the end of April, with both NTRU and NTRU Prime making it to round three. However, there is some patent controversy associated with these algorithms. Erik Aronesty from bitcoin-dev has suggested implementing a similar address type and validation as a soft fork, allowing users to opt in to quantum-safe addresses. This approach would require additional work and validation for nodes, leading to the suggestion of adding a fee premium for using these addresses. While opinions on this idea differ, some believe it is too early to consider such measures.

To address the issue of designing a PQ TR commitment in each key, a member of the Bitcoin community proposed creating a problem page on bitcoinproblems.org. This page would allow for a soft fork to enable spends in the event of quantum computing becoming a reality. The author/maintainer of the problem can be anyone who makes a PR to the repository, and the problem doesn't necessarily have to focus on a TR solution but could describe the problem with potential solution directions. Christopher Allen provided links to related resources, including a website and an academic paper.

Christopher Allen also shared a link related to interesting research on quantum-safe approaches. The link provides information on software related to NTRU Prime. Additionally, he shared what he believes to be the original academic paper on the topic.

In an email thread, Erik Aronesty expressed his opinion that quantum attacks are not a concern in the near future, comparing them to other technologies always "20 years away." While there have been reported approaches to quantum-attack resistance, many have fallen and more will likely fall in the next "20 years." Despite this, Christopher Allen found the research interesting and provided a link to the best approach. Blockchain Commons is willing to contribute a small grant if others fund the research.

The proposal suggests implementing a similar address type and validation as a soft fork, followed by allowing people to opt in to quantum-safe addresses. It is acknowledged that this would require significant work and extra validation for nodes. To address this concern, adding a fee premium for using these addresses is considered reasonable. The writer does not endorse any action at this time, recognizing that it may be premature, but expresses willingness to create an NTRU BIP or similar if there is sufficient support for the idea. This proposal was found on the OpenSSH release notes website.
Updated on: 2023-08-02T06:07:49.025580+00:00