The microblog: 2022.05.25 00:51:51

2022.05.25 00:51:51 (1529233746922156032) from Daniel J. Bernstein:

"I'm not happy with the field of candidates for post-quantum public-key signature systems." 2003, in the posting that introduced the "post-quantum" phrase: Then surveyed these sig systems; almost all now broken, except hash-based.

2022.05.25 01:12:29 (1529238939323682816) from Daniel J. Bernstein:

Will today's post-quantum proposals turn out to have a better track record when we look back at them 18 years from now? Some people sound awfully confident in supposed dividing lines between new structured-lattice systems and old broken structured-lattice/structured-code systems.

2022.05.25 01:25:43 (1529242270280560640) from Daniel J. Bernstein:

When there's a long history of cryptographic failures, is this because there are a dozen pitfalls surrounding a safe core idea? Or is the core idea fundamentally flawed? It's deeply disturbing to see cryptographic decisions being made by people who think these are easy questions.