monero icon indicating copy to clipboard operation
monero copied to clipboard
verified publisher icon monero-project

Double bottomed private keys to prevent quantum attacks without losing efficiency

Open jdefgh opened this issue 3 years ago • 2 comments

Quantum Computers are not coming anytime soon, but when they do come, we're completely fucked. It's not worth switching to quantum resistant cryptography yet, because it's not efficient yet. Here's my idea how to not be completely fucked when the quantum computers arrive.

  1. Use wallet seed to generate a quantum resistant keypair
  2. Use the quantum resistant public key like wallet seed would normally be used

This way, when quantum computers arrive and everyone's private keys are revealed, the blockchain can be paused and the supply redistributed to the quantum resistant public keys derived from the revealed private keys on a new quantum resistant blockchain. This solution would require everyone making a new wallet, but this could be implemented along with Seraphis which would require new wallets anyway.

jdefgh avatar Jul 05 '22 12:07 jdefgh

Would this approach lock you into a particular quantum resistance scheme?

UkoeHB avatar Jul 06 '22 03:07 UkoeHB

Interesting idea, but the problem is that a quantum attacker would not care about your private keys. They would simply calculate the discrete logarithm of the point H used in the amount commitments, which would allow them to undetectably create arbitrary amounts of Monero out of thin air.

To prevent this attack, we would need something like a switch commitment for the amounts.

tevador avatar Jul 06 '22 16:07 tevador

There is a YouTube video that explains the possibilities about quantum computers and Monero.

d4f5409d avatar Sep 20 '23 13:09 d4f5409d

I have already been attacked with a quantum computer probably by the NSA because my opsec is so good they can't spy on me without hacking me so they think I am a spy or a criminal I had malware installed on my computer over ssh that was running behind tor authorized client it took them a month to break multiple ed25519 keys consistently this happened multiple times it is completely insane to think post quantum crypto doesn't need to be implemented now or that using a post quantum key as a seed for broken crypto is a good solution especially for a privacy coin post quantum crypto should have been implemented years ago when the attacks weren't already possible or even better before the first release because then all transactions would be private instead of being as transparent as Bitcoin to any nation state with enough money quantum computers that can break this aren't a future technology they exist now

JosiahBSharkey avatar Oct 28 '23 11:10 JosiahBSharkey