Re: What's the state of the art in digital signatures? Re: What's the state of the art in factorization?
Perhaps McEliece wouldn't be the best example. The only "practical"
signature scheme based on the syndrome decoding hardness would be CFS,
which requires giant keys (to avoid information-set decoding attacks and
generalized birthday attacks) and is ridiculously slow to sign
(factorial(t) decoding tries in average, t at least 10).
On 26-04-2010 08:37, coderman wrote:
> On Thu, Apr 22, 2010 at 11:18 AM, Zooko O'Whielacronx
>> By the way, the general idea of One Hundred Year Security as far as
>> digital signatures go would be to combine digital signature
>> algorithms. Take one algorithm which is bog standard, such as ECDSA
>> ... and another which has strong security properties
>> and which is very different from ECDSA. ...
>> Unfortunately I haven't stumbled on a digital signature scheme which
>> has good properties...
> try McEliece cryptosystem with QC-LDPC coding or other improved and
> hardened variant that suites your purposes.
> one caveat - a cryptographically strong, very plentiful hardware
> entropy source is required for any kind of usable key generation. but
> we all have those embedded on our processor die now, right? ... :P
> another benefit McEliece QC-LDPC can be made very fast on modern cores
> and GPU kernels.
> cryptography mailing list