16:45:00 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/uTdDyDVZTnwvSjFlsuufpTza
16:45:56 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/phDUjIDmHkPvKsejuKTRDevu
16:46:50 https://matrix.monero.social/_matrix/media/v1/download/matrix.org/JemqmXSCyJidTSDxfQgSIbVW
16:47:00 I recently watched a Monero podcast where kaya shared some insightful thoughts about Monero's potential future. It got me thinking about quantum resistance and how it might need to be addressed sooner than we expect.
16:47:00 I have some experience working with quantum circuits and testing. In the past, I've written some code for brute-force methods before exploring Shor's algorithm. As we move closer to the era of practical quantum computing, it might be worthwhile to set up a basic framework to start testing quantum resistance for cryptocurrencies like Monero.
16:47:02 What are your thoughts on this? Has anyone else explored quantum-resistant algorithms or started experimenting in this space?
16:50:28 OIEIEIO: Have you read https://github.com/monero-project/research-lab/issues/131 ?
16:52:36 Post-quantum issues will be on the next MRL agenda, which is in almost exactly 24 hours (January 1, 17:00 UTC). You are free to join and participate.
You can also discuss now, of course :)
17:03:12 some sample testing code for brute force elliptic curve cryptography
17:03:46 ```
import concurrent.futures
import random
from time import time

# Define elliptic curve parameters
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # Large prime modulus
A = 0
B = 7
BASE_POINT = (55066263022277343669578718895168534326250603453777594175500187360389116729240,
              32670510020758816978083085130507043184471273380659243275938904335757337423221)  # Secp256k1 base point

# Modular addition
def modular_add(a, b, p):
    return (a + b) % p
```
17:26:58 OIEIEIO: We're not really going to benefit from writing programs for Quantum Computers
17:27:54 The plan isn't to move Monero to a QC, and it's already decently understood how a QC will impact Monero.
The only reason to actually write programs for a QC would be for real-world benchmarks of attacks but we don't have access to top of the line QCs, so we can't actually get those benchmarks.
17:28:51 We really can keep everything on paper.
17:29:34 understood
17:53:08 just thinking...possible proposed Seraphis exploit 1
17:53:19 ```
# ElGamal encryption
def elgamal_encrypt(P, private_key, random_value, p):
    C1 = scalar_multiply(P, random_value, p)  # Commitment to random value
    C2 = point_add(scalar_multiply(P, private_key, p), scalar_multiply(P, random_value, p), p)  # Public key + randomness
    return (C1, C2)

# ElGamal decryption (for testing purposes)
def elgamal_decrypt(C1, C2, private_key, p):
    return point_add(C2, scalar_multiply(C1, -private_key, p), p)
```
20:01:57 OIEIEIO: That is nonsensical. There's no exploit there, solely an invalid implementation of ElGamal, which Seraphis doesn't use, and even if it did use, there's no exploit unless that was the code deployed (as it's invalid)
20:02:28 Oops, sorry, I repeated my point about there not actually being an exploit posited twice
20:04:15 hang on let me clear things up. I'm not suggesting any exploits exist nor any QC use for monero. It was just an example of some research, just thoughtful share
20:04:47 "possible proposed Seraphis exploit 1"
20:05:36 Saying that, then inlining an invalid implementation of irrelevant cryptography, is why I responded as bluntly as I did.
20:05:40 apologies for any other interpretation. Prelude said "just thinking"; I was just thinking.
20:05:54 I'm not trying to say you shouldn't discuss research here. I'm saying that isn't research.
20:06:13 If you actually want to discuss research, you need a new approach, such as never listening to LLMs about cryptography.
20:06:22 They can't even do something as basic as ElGamal correctly.
20:07:07 ok kaya, I'll keep things to myself, did not mean to cause any interruptions
20:08:03 *oh, sorry, I'm unsure if you used an LLM. I thought that was prior stated but I don't see that upon double checking. That's my assumption but I don't want to state it as fact.
20:08:20 OIEIEIO: I'm not asking you not to participate.
20:08:34 Let's put it this way. What are you trying to do/how are you trying to participate?
20:17:00 I have 10+ years in cryptography before 1990, you can do the math, thought that might be helpful, but with that said I am quite busy so thank you for your time.
20:18:32 bro was in cryo-stasis between 90 and 24 somehow
20:21:20 kinda when you can't talk about
20:23:22 good day fellas, Happy New Year, all the best