Bitcoin Forum
Topic: Just throwing this out there: Using multiple forms of encryption for redundancy
barbarousrelic
July 30, 2012, 06:39:41 PM
 #1

It's unlikely, but possible, that someone could break ECDSA or SHA256, which would be bad for the Bitcoin community.

What would be the drawbacks of using two methods of encryption, one on top of the other, so that if either one is broken, Bitcoin remains unaffected?

I presume it would be far less likely for two distinct forms of encryption to be defeated at exactly the same time, than to have one broken.

Are there strong, well-tested encryption schemes that are based on mathematics sufficiently distinct from ECDSA?

Side question: Do there exist viable forms of cryptography which are thought not to be defeatable by a quantum computer? I've heard of "Unbalanced Oil and Vinegar" which is supposed to be quantum-computer-resistant but not thoroughly tested.

Do not waste your time debating whether Bitcoin can work. It does work.

"Early adopters will profit" is not a sufficient condition to classify something as a pyramid or Ponzi scheme. If it was, Apple and Microsoft stock are Ponzi schemes.

There is no such thing as "market manipulation." There is only buying and selling.
notme
July 30, 2012, 06:45:54 PM
 #2

Quote from: barbarousrelic on July 30, 2012, 06:39:41 PM
> It's unlikely, but possible, that someone could break ECDSA or SHA256, which would be bad for the Bitcoin community.
>
> What would be the drawbacks of using two methods of encryption, one on top of the other, so that if either one is broken, Bitcoin remains unaffected?
>
> I presume it would be far less likely for two distinct forms of encryption to be defeated at exactly the same time, than to have one broken.
>
> Are there strong, well-tested encryption schemes that are based on mathematics sufficiently distinct from ECDSA?
>
> Side question: Do there exist viable forms of cryptography which are thought not to be defeatable by a quantum computer? I've heard of "Unbalanced Oil and Vinegar" which is supposed to be quantum-computer-resistant but not thoroughly tested.

Keep in mind a "break" never shatters an encryption or hashing method.  It always happens in small incremental improvements on brute force techniques.

That said, doubling up on the hash should be simple and would likely improve security.  I believe layering ECDSA with another signing/verification method would be a little more challenging, but I don't have a strong enough crypto background to delve into how that might work.

https://www.bitcoin.org/bitcoin.pdf
While no idea is perfect, some ideas are useful.
12jh3odyAAaR2XedPKZNCR4X4sebuotQzN
Sergio_Demian_Lerner
July 30, 2012, 07:27:22 PM
 #3

Merkle-Winternitz signatures are Quantum-computer proof.

To achieve composed security from signatures is very easy, you just sign the transaction with two different signature schemes and only allow it if both are valid.

Both methods can be added to Bitcoin, but both require a hardfork.

Best regards.
notme
July 30, 2012, 07:33:38 PM
 #4

Quote from: Sergio_Demian_Lerner on July 30, 2012, 07:27:22 PM
> Merkle-Winternitz signatures are Quantum-computer proof.
>
> To achieve composed security from signatures is very easy, you just sign the transaction with two different signature schemes and only allow it if both are valid.
>
> Both methods can be added to Bitcoin, but both require a hardfork.
>
> Best regards.


Double signatures is a nonsolution.  If one is broken, that means they will be attacking the private key.  If the private key is discovered, both signatures can be generated.  You need two separate private keys and a way to combine the public keys into a single address.

Sergio_Demian_Lerner
July 30, 2012, 08:27:26 PM
 #5

Quote from: notme on July 30, 2012, 07:33:38 PM
> Double signatures is a nonsolution.  If one is broken, that means they will be attacking the private key.  If the private key is discovered, both signatures can be generated.  You need two separate private keys and a way to combine the public keys into a single address.

I clearly said "two different signature schemes". That means two different public keys, two private keys, two algorithms. Read forum messages twice :)

notme
July 30, 2012, 08:29:10 PM
 #6

Quote from: Sergio_Demian_Lerner on July 30, 2012, 08:27:26 PM
> Quote from: notme on July 30, 2012, 07:33:38 PM
> > Double signatures is a nonsolution.  If one is broken, that means they will be attacking the private key.  If the private key is discovered, both signatures can be generated.  You need two separate private keys and a way to combine the public keys into a single address.
>
> I clearly said "two different signature schemes". That means two different public keys, two private keys, two algorithms. Read forum messages twice :)



I thought you were referring to using the same private data as the key for both schemes.  I'm sorry for misinterpreting, but reading twice doesn't clarify it.  However, you don't tackle the real problem, which is how do you combine these two schemes in a way that is compatible with the design of bitcoin.

blueadept
July 30, 2012, 08:35:10 PM
 #7

Just add a new opcode to verify a different signature scheme. Then use it in scripts just like the existing opcodes. You can hash the keys and entire scripts exactly like now.

Like my posts?  Connect with me on LinkedIn and endorse my "Bitcoin" skill.
Decentralized, instant off-chain payments.