Thread - Nostr Hypermedia

lontivero _@lontivero.github.io 1 month ago

Oh yes, absolutely. In fact Trezor uses two signature algorithms for their firmwares, pre and post quamtum precisely for the case that the post quatum algo ends being unsafe. Unfortunately I don't remember the details. I hope some of them come and comment. ping @Hynek

↑ Parent

Replies (2)

waxwing 1 month ago

Yes that's a very good point. I remember now that DJB is a strong advocate for exactly this. Notice though how in performance critical applications, using even more space and time to do this is going to be ... ouch.

Hynek 1 month ago

The Trezor Safe 7 boardloader uses a hybrid scheme: Signed with both SLH-DSA and ECDSA (secp256r1). The ECDSA signature also signs the SLH-DSA signature. It is described in more technical details here

Going quantum: our choices for Trezor Safe 7’s quantum readiness

Trezor Safe 7 is quantum-ready from the core. Discover the cryptographic standards, hybrid verification, and authenticity measures that make it sec...

1 replies ↓