WE QUANTUM NOW
I just created a quantum secure cryptographic signature program. I call it the "Sterling Signature".
It's inspired by Lamport signatures, but with smaller keys, and I estimate it would take a quantum computer 1 billion years to break it. (also this is a one-time signature)
Here is how it works: Your private key is a list of 256 random numbers.
To get your public key you hash every random number and put it in a list, then you hash the entire list.
Now to sign a message, first you take the hash of the message. Every 1 or 0 of this hash corresponds to one of your private random numbers. If it is a 1, you take the hash of the corresponding private number. If it is a 0, you keep the number as it is. You make a list of numbers, some of them hashed and some not. This long-ass list is your signature.
To verify a signature, you need the MessageHash, the public key, and of course the signature. Take the SHA256 hash of the message you want to check, that is the MessageHash. The verify function applies the appropriate hashes and compares the value with your public key. If the values are the same, the signature is verified.
Here is the code:
https://pastebin.com/DgxccNih
The commands are easy:
genKeys()
>generates a public and private key for you.
sign(messageHash, PrivateKey)
>input everything as a string
verify(publicKey, messageHash, signature)
>easy, no?
With that being said, here is my public key:
0d5485c6fa55bbf397dec3bf90eb2da75007b748865a918b0407636935591e5f
We were doing post quantum cryptography in Paris/ to get away from your parents
Message hash: fb12da2cf3fdc4e63ce96941595637a2a4c9f542d2dbd391ca3b72f4231a4f73
Signature:
https://pastebin.com/1uixYQMV
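The scheme as described above, written out as an added example (this is not the pastebin code, and it assumes details the post leaves open: SHA-256 everywhere, 32-byte random numbers, bits of the message hash read most-significant-bit first, and bytes rather than hex strings):

```python
import hashlib
import os

N_BITS = 256  # one private number per bit of the SHA-256 message hash


def H(data: bytes) -> bytes:
    """SHA-256 is assumed for every hashing step in the scheme."""
    return hashlib.sha256(data).digest()


def message_hash(message: str) -> bytes:
    """The MessageHash: SHA-256 of the UTF-8 encoded message text."""
    return H(message.encode("utf-8"))


def gen_keys():
    """Private key: 256 random 32-byte numbers (32 bytes is an assumption).
    Public key: hash of the concatenated hashes of each number."""
    private = [os.urandom(32) for _ in range(N_BITS)]
    public = H(b"".join(H(x) for x in private))
    return private, public


def bits_of(digest: bytes):
    """The 256 bits of a digest, most significant bit of byte 0 first."""
    return [(digest[i // 8] >> (7 - (i % 8))) & 1 for i in range(N_BITS)]


def sign(msg_hash: bytes, private):
    """1-bit: the entry is H(x_i); 0-bit: the entry is x_i itself."""
    return [H(x) if bit else x for bit, x in zip(bits_of(msg_hash), private)]


def verify(public: bytes, msg_hash: bytes, signature) -> bool:
    """Rebuild H(x_i) for every position: a 1-bit entry is already H(x_i),
    a 0-bit entry is x_i and gets hashed once. Then hash the list and compare."""
    if len(signature) != N_BITS or any(len(s) != 32 for s in signature):
        return False
    leaves = [s if bit else H(s) for bit, s in zip(bits_of(msg_hash), signature)]
    return H(b"".join(leaves)) == public


def demo():
    """Constructed round trip: sign one message, check it, then check that
    the same signature is rejected for a different message."""
    private, public = gen_keys()
    h = message_hash("constructed sample message")  # constructed, not the thread's message
    sig = sign(h, private)
    ok = verify(public, h, sig)
    wrong = verify(public, message_hash("constructed sample message!"), sig)
    return ok, wrong


if __name__ == "__main__":
    print(demo())  # (True, False)
```

One property worth knowing when reading the construction: a 0-bit puts the raw number in the signature, so anyone who sees one signature can compute H(x_i) for those positions, while turning a 1 back into a 0 would need a preimage. Lamport's original design avoids this by holding two secrets per bit and revealing only one, and WOTS-style schemes that do use a single chain per position add a checksum over the message bits for the same reason. That is also why the key must be used once only, as the post says.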
Gathering pieces and learning more circuit stuff for a micropython/C device project with the esp32
>>8920537
What you've described is a shittier version of the following:
https://en.wikipedia.org/wiki/Merkle_signature_scheme
We're basically good on hash-based post-quantum signatures; the above gives us a fail-safe. Why not think about something more interesting like post-quantum PKC based on different flavors of mathematical assumptions? As a starting point, you could look at constructions from RLWE or elliptic curve isogeny.
>>8920590
>What you've described is a shittier version of the merkle sig scheme
Can you read? "It's inspired by Lamport signatures" But, it's JUST as secure, so no it's not shittier.
>Why not think about something more interesting like post-quantum PKC
I'm listening...
>you could look at constructions from RLWE or elliptic curve isogeny
What can you tell me about these?
Know of any other crypto/quantcrypto that would be fun to implement?
>>8920625
There is a difference between Merkle signatures and Lamport signatures. Merkle signatures, like the scheme you've described, are based on Lamport signatures. The key difference is that Merkle signatures are more robust, reliable, and more easily reused (as far as 'easily reused' goes for hash-based signature schemes) due to a creative use of Merkle trees. Your construction is shittier because it does not enjoy the same properties.
>what can you tell me about RLWE and elliptic curve isogeny
The primary disadvantages of hash-based signatures are (a) the huge key sizes, (b) the limitation that signatures may only be produced a finite number of times before a key must be destroyed, and (c) the interaction between the two which causes practical issues with things like key distribution. In the same way that classical cryptography relies on mathematical assumptions like discrete log in order to achieve public-key constructions (like signatures) which don't impose a half-life on keys, post-quantum cryptography attempts to do the same. RLWE and elliptic curve isogeny are two of the currently most favored quantum-safe assumptions.
>quantcrypto
Note that what you're working on/thinking about here isn't actually quantum crypto. It's quantum-SAFE crypto. Quantum crypto is something else entirely (cryptography which uses quantum properties to achieve security).
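The "creative use of Merkle trees" the reply refers to, as an added example that is not part of the thread: many one-time public keys become the leaves of a hash tree, the root is the single long-lived public key, and each signature carries the leaf index plus the sibling hashes needed to recompute the root. The leaves here are constructed placeholders (hashes of labels) standing in for real one-time public keys; SHA-256 and a power-of-two leaf count are assumptions.

```python
import hashlib


def H(data: bytes) -> bytes:
    """SHA-256 for the tree (an assumption; any collision-resistant hash works)."""
    return hashlib.sha256(data).digest()


def build_tree(leaves):
    """Return all levels of the tree: level 0 is the leaves, the last level is [root].
    Each leaf is one one-time public key (already a hash). Leaf count must be a power of two."""
    n = len(leaves)
    if n == 0 or n & (n - 1):
        raise ValueError("number of leaves must be a power of two")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([H(prev[i] + prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels


def auth_path(levels, index):
    """Sibling hash at every level from the leaf up: what a signature must carry."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index >>= 1
    return path


def verify_path(root, leaf, index, path) -> bool:
    """Recompute the root from a leaf and its authentication path; the index
    bits say on which side the sibling sits at each level."""
    node = leaf
    for sibling in path:
        node = H(sibling + node) if index & 1 else H(node + sibling)
        index >>= 1
    return node == root


class MerkleKey:
    """Long-lived key: the root is published, each leaf signs exactly once.
    The counter is the state that makes the scheme reusable but finite."""

    def __init__(self, ots_public_keys):
        self.levels = build_tree(ots_public_keys)
        self.root = self.levels[-1][0]
        self.next_index = 0

    def use_leaf(self):
        """Hand out the next unused leaf with its path; refuse once exhausted."""
        if self.next_index >= len(self.levels[0]):
            raise RuntimeError("all one-time keys used; this key must be retired")
        i = self.next_index
        self.next_index += 1
        return i, self.levels[0][i], auth_path(self.levels, i)


def sample_ots_keys(n: int):
    """Constructed stand-ins for n one-time public keys (hashes of labels)."""
    return [H(b"constructed one-time public key %d" % i) for i in range(n)]


if __name__ == "__main__":
    key = MerkleKey(sample_ots_keys(8))
    idx, leaf, path = key.use_leaf()
    print(len(path), verify_path(key.root, leaf, idx, path))  # 3 True
```

A full Merkle signature is then (one-time signature, leaf index, path); the verifier checks the one-time signature against the leaf and the path against the published root, and the signer's only obligation is to never reuse an index.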
Why should I even begin to learn algorithms for quantum computers
>>8921146
>The key difference is that Merkle signatures are more robust, reliable, and more easily reused
Oh, if THAT was all you were trying to say, then your first comment was basically just a way of telling me about merkle signatures unless I didn't already know about them.
If I posted a fun code about a caesar cipher, I'm guessing your retarded ass would post something like this:
>What you've described is a shittier version of the following:
>https://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher
neat
Why isn't the actual programming community over on /g/ this well-informed?
>>8920537
Anyone got any personal projects they want to post?
Let's see it, /sci/, no matter how simple.
>>8921883
Weebs. Weebs everywhere.
>>8921670
No, my first post was to point out that what you've produced is a pointless, primitive instantiation of something better which already exists. As I said, it's a shittier version of Merkle signatures.
For the record, 'my retarded ass' is an educated, published, and active member of this field you seem to be interested in.
>>8921968
I'm just starting to learn PySerial and PyQtGraph to plot output in realtime from a sensor mounted on an Arduino using Anaconda. Would it be beneficial to ditch Anaconda and set up an environment in Linux? I've seen anons shit on Anaconda on here but I never really understood why.
>>8922066
>No, my first post was to point out that what you've produced is a primitive instantiation of something better which already exists.
If you read my original post, you would see that I ALREADY KNEW IT EXISTS. Just because I don't mention the merkle tree variant in my OP doesn't mean you should make a snarky post assuming I didn't know about merkle tree sigs. I already knew about merkle tree sigs before I made the post (I actually have proof of this if you want to see). Stop being so pompous in assuming you know more than everyone else.
>pointless
It's a programming project.
>educated, published, and active member
I seriously doubt it. If you were actually educated, you would know that it's not pointless. This program is used for one-time signatures. Merkle Tree Sigs can be used multiple times, but the keys are larger. So there is a use to both of them. If you only need a one-time sig, there is no sense in making keys longer than they need to be.
>>8922066
I'm reading this thread and it's obvious that
>educated, published and active member
is going to provoke OP into requiring you to back up your claim. I get that 4chan is going to be cynical but you can't speak from a position of superiority after acting like a typical Anon, especially on a board that is otherwise full of pepe threads. What are you even doing here?