The microblog: 2023.06.19 10:57:42

2023.06.19 10:57:42 (Mastodon 110570521423615384, Twitter 1670747701569355779, Nitter 1670747701569355779) from Daniel J. Bernstein:

Wow, finally an honest version of FrodoKEM! New paper from Joel Gärtner proves that 2^128 QROM IND-CCA2 security for dimension 79510 with 37-bit modulus follows from a reasonably conjectured quantitative hardness assumption for worst-case approximate SIVP.