Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: bitbouillion on October 08, 2014, 04:43:02 PM



Title: Re: Proposal for eventual hash replacement
Post by: bitbouillion on October 08, 2014, 04:43:02 PM
What about SPHINCS?

 http://sphincs.cr.yp.to/

It claims to be quantum-computer-hard.


Title: Re: Proposal for eventual hash replacement
Post by: gmaxwell on October 08, 2014, 11:01:12 PM
That isn't a hash function. It's a signature system (sadly one based on the author team's own BLAKE and ChaCha for performance reasons, instead of more standardized functions).

Its focus is on stateless reusable signatures. The cost is that the signatures are huge by our standards... 41,000 bytes (plus a kilobyte pubkey). In Bitcoin we shouldn't generally have long-lived keys, and so a 'few-times signature' scheme or a small tree of one-time signatures (plus state, which the blockchain can provide) is often better and can be done with dramatically smaller sizes.

Certainly that's something I'd use for software releases, however!
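To make the "small tree of one-time signatures plus state" alternative concrete, here is an added example that is not part of the thread and not SPHINCS code: a textbook Winternitz one-time signature (not the hardened WOTS+ variant SPHINCS uses, and built on SHA-256 rather than BLAKE) with 2**height keys hung under one Merkle root. The signer keeps a counter of the next unused leaf; that counter is the state a stateless scheme like SPHINCS pays ~41,000 bytes to avoid. All names, the Winternitz parameter W=16, the tree height, and the 4-byte leaf index in the size estimate are assumptions made for the illustration.

```python
import hashlib
import os

N = 32          # hash output / secret size in bytes
W = 16          # Winternitz parameter: one chain signs 4 bits of the digest
L1 = 64         # chains for a 256-bit message digest
L2 = 3          # chains for the checksum (max 64 * 15 = 960 < 16**3)
L = L1 + L2     # chains per one-time key


def H(*parts):
    return hashlib.sha256(b"".join(parts)).digest()


def chain(x, steps):
    # Textbook Winternitz chain: plain hash iteration, no per-step masks.
    for _ in range(steps):
        x = H(x)
    return x


def base_w(msg):
    # Base-16 digits of H(msg) plus a checksum. Walking a chain forward is easy
    # (anyone can hash), so a forger could only *raise* digits; the checksum
    # digits fall when any message digit rises, which would require walking a
    # checksum chain backwards, i.e. inverting the hash.
    digits = []
    for byte in H(msg):
        digits.append(byte >> 4)
        digits.append(byte & 0xF)
    csum = sum(W - 1 - d for d in digits)
    for i in range(L2):
        digits.append((csum >> (4 * (L2 - 1 - i))) & 0xF)
    return digits


def wots_keygen():
    sk = [os.urandom(N) for _ in range(L)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk


def wots_sign(sk, msg):
    return [chain(s, d) for s, d in zip(sk, base_w(msg))]


def wots_pk_from_sig(sig, msg):
    # The verifier finishes each chain; the public key never has to be sent.
    return [chain(s, W - 1 - d) for s, d in zip(sig, base_w(msg))]


def leaf(pk):
    return H(*pk)


class MerkleSigner:
    """Stateful few-times signer: 2**height one-time keys under one root."""

    def __init__(self, height):
        self.keys = [wots_keygen() for _ in range(1 << height)]
        self.levels = [[leaf(pk) for _, pk in self.keys]]
        while len(self.levels[-1]) > 1:
            lvl = self.levels[-1]
            self.levels.append([H(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
        self.root = self.levels[-1][0]          # the long-lived public key
        self.next_leaf = 0                      # THE STATE: never sign twice with one leaf

    def sign(self, msg):
        if self.next_leaf >= len(self.keys):
            raise RuntimeError("all one-time keys used; publish a new root")
        i = self.next_leaf
        self.next_leaf += 1                     # advance state before releasing the signature
        sk, _ = self.keys[i]
        path, idx = [], i
        for lvl in self.levels[:-1]:            # sibling hashes from leaf up to the root
            path.append(lvl[idx ^ 1])
            idx >>= 1
        return (i, wots_sign(sk, msg), path)


def verify(root, msg, signature):
    i, sig, path = signature
    if len(sig) != L:
        return False
    node, idx = leaf(wots_pk_from_sig(sig, msg)), i
    for sibling in path:
        node = H(sibling, node) if idx & 1 else H(node, sibling)
        idx >>= 1
    return node == root


def signature_bytes(signature):
    i, sig, path = signature
    return 4 + N * (len(sig) + len(path))   # assumed 4-byte leaf index + chains + auth path


if __name__ == "__main__":
    signer = MerkleSigner(height=4)          # 16 signatures before a new root is needed
    s = signer.sign(b"txid:constructed-sample")
    print(verify(signer.root, b"txid:constructed-sample", s), signature_bytes(s), "bytes")
```

With height 4 a signature is 67 + 4 hashes plus the index, roughly 2.3 KB against the ~41,000 bytes quoted above, and the verifier needs only the 32-byte root. The price is the counter: a signer that loses or forks its state (a restored backup, two hot wallets sharing a tree) reuses a leaf, and two Winternitz signatures under one key expose enough chain values to forge.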