<o​ieieio1:matrix.org> matrix.monero.social/_matrix/media/…matrix.org/uTdDyDVZTnwvSjFlsuufpTza

<o​ieieio1:matrix.org> matrix.monero.social/_matrix/media/…matrix.org/phDUjIDmHkPvKsejuKTRDevu

<o​ieieio1:matrix.org> matrix.monero.social/_matrix/media/…matrix.org/JemqmXSCyJidTSDxfQgSIbVW

<o​ieieio1:matrix.org> I recently watched a Monero podcast where kaya shared some insightful thoughts about Monero's potential future. It got me thinking about quantum resistance and how it might need to be addressed sooner than we expect.

<o​ieieio1:matrix.org> I have some experience working with quantum circuits and testing. In the past, I've written some code for brute-force methods before exploring Shor's algorithm. As we move closer to the era of practical quantum computing, it might be worthwhile to set up a basic framework to start testing quantum resistance for cryptocurrencies like Monero.

<o​ieieio1:matrix.org> What are your thoughts on this? Has anyone else explored quantum-resistant algorithms or started experimenting in this space?

<r​ucknium:monero.social> OIEIEIO: Have you read monero-project/research-lab #131 ?

<r​ucknium:monero.social> Post-quantum issues will be on the next MRL agenda, which is in almost exactly 24 hours (January 1, 17:00 UTC). You are free to join and participate. You can also discuss now, of course :)

<o​ieieio1:matrix.org> some sample testing code for brute force elliptic curve cryptography

<o​ieieio1:matrix.org> ```import concurrent.futures

<o​ieieio1:matrix.org> import random

<o​ieieio1:matrix.org> from time import time

<o​ieieio1:matrix.org> # Define elliptic curve parameters

<o​ieieio1:matrix.org> P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F # Large prime modulus

<o​ieieio1:matrix.org> A = 0

<o​ieieio1:matrix.org> B = 7

<o​ieieio1:matrix.org> BASE_POINT = (55066263022277343669578718895168534326250603453777594175500187360389116729240,

<o​ieieio1:matrix.org> 32670510020758816978083085130507043184471273380659243275938904335757337423221) # Secp256k1 base point

<o​ieieio1:matrix.org> # Modular addition

<o​ieieio1:matrix.org> def modular_add(a, b, p):

<o​ieieio1:matrix.org> ```

<o​ieieio1:matrix.org> import random

<o​ieieio1:matrix.org> from time import time

<o​ieieio1:matrix.org> # Define elliptic curve parameters

<o​ieieio1:matrix.org> P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F # Large prime modulus

<o​ieieio1:matrix.org> A = 0

<o​ieieio1:matrix.org> B = 7

<o​ieieio1:matrix.org> BASE_POINT = (55066263022277343669578718895168534326250603453777594175500187360389116729240,

<o​ieieio1:matrix.org> 32670510020758816978083085130507043184471273380659243275938904335757337423221) # Secp256k1 base point

<o​ieieio1:matrix.org> # Modular addition

<o​ieieio1:matrix.org> def modular_add(a, b, p):

<o​ieieio1:matrix.org> ```

<o​ieieio1:matrix.org> import concurrent.futures

<o​ieieio1:matrix.org> import random

<o​ieieio1:matrix.org> from time import time

<o​ieieio1:matrix.org> # Define elliptic curve parameters

<o​ieieio1:matrix.org> P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F # Large prime modulus

<o​ieieio1:matrix.org> A = 0

<o​ieieio1:matrix.org> B = 7

<o​ieieio1:matrix.org> BASE_POINT = (55066263022277343669578718895168534326250603453777594175500187360389116729240,

<o​ieieio1:matrix.org> 32670510020758816978083085130507043184471273380659243275938904335757337423221) # Secp256k1 base point

<o​ieieio1:matrix.org> # Modular addition

<k​ayabanerve:matrix.org> OIEIEIO: We're not really going to benefit from writing programs from Quantum Computers

<k​ayabanerve:matrix.org> The plan isn't to move Monero to a QC, and it's already decently understood how a QC will impact Monero. The only reason to actually write programs for a QC would be for real-world benchmarks of attacks but we don't have access to top of the line QCs, so we can't actually get those benchmarks.

<k​ayabanerve:matrix.org> We really can keep everything on paper.

<o​ieieio1:matrix.org> understood

<o​ieieio1:matrix.org> just thinking...possible proposed Seraphis exploit 1

<o​ieieio1:matrix.org> ```# ElGamal encryption

<o​ieieio1:matrix.org> def elgamal_encrypt(P, private_key, random_value, p):

<o​ieieio1:matrix.org> C1 = scalar_multiply(P, random_value, p) # Commitment to random value

<o​ieieio1:matrix.org> C2 = point_add(scalar_multiply(P, private_key, p), scalar_multiply(P, random_value, p), p) # Public key + randomness

<o​ieieio1:matrix.org> return (C1, C2)

<o​ieieio1:matrix.org> # ElGamal decryption (for testing purposes)

<o​ieieio1:matrix.org> def elgamal_decrypt(C1, C2, private_key, p):

<o​ieieio1:matrix.org> return point_add(C2, scalar_multiply(C1, -private_key, p), p)

<o​ieieio1:matrix.org> ```

<k​ayabanerve:matrix.org> OIEIEIO: That is nonsensical. There's no exploit there, solely an invalid implementation of ElGamal, which Seraphis doesn't use, and even if it did use, there's no exploit unless that was the code deployed (as it's invalid)

<k​ayabanerve:matrix.org> Oops, sorry, I repeated my point about there not actually being an exploit posited twice

<o​ieieio1:matrix.org> hang on let me clear things up. I'm not suggesting any any exploits exist nor any QC use for monero. It was just an example of some research, just thoughtful share

<k​ayabanerve:matrix.org> "possible proposed Seraphis exploit 1"

<k​ayabanerve:matrix.org> Saying that, then inlining an invalid implementation of irrelevant cryptography, is why I responded as bluntly as I did.

<o​ieieio1:matrix.org> apologies for any other interpretation . Pre lude said "just thinking" I was just thinking.

<k​ayabanerve:matrix.org> I'm not trying to say you shouldn't discuss research here. I'm saying that isn't research.

<k​ayabanerve:matrix.org> If you actually want to discuss research, you need a new approach, such as never listening to LLMs about cryptography.

<k​ayabanerve:matrix.org> They can't even do something as basic as ElGamal correctly.

<o​ieieio1:matrix.org> ok kaya, I'll keep things to myself, did not mean to cause any interruptions

<k​ayabanerve:matrix.org> *oh, sorry, I'm unsure if you used an LLM. I thought that was prior stated but I don't see that upon double checking. That's my assumption but I don't want to state it as fact.

<k​ayabanerve:matrix.org> OIEIEIO: I'm not asking you not to participate.

<k​ayabanerve:matrix.org> Let's put it this way. What are you trying to do/how are you trying to participate?

<o​ieieio1:matrix.org> I have 10+ years in cryptography before the 1990, you can do the math, thought that might be helpful, but with that said I am quite busy so thank you for your time.

<s​yntheticbird:monero.social> bro was in cryo-stasis between between 90 and 24 somehow

<o​ieieio1:matrix.org> kinda when you can't talk about

<o​ieieio1:matrix.org> good day fellas Happy New Year, all the best