P2QRH / BIP-360 Update

The discussion centers on the prospects of FALCON+, a cryptographic algorithm, likely achieving approval from NIST despite challenges in surpassing "80 bits of security." The enhancements to FALCON+ have notably increased its security with only a minimal increase in cost and no additional data overhead, as detailed in a document available at eprint.iacr.org. In contrast, SECP256k1, another cryptographic standard used in Bitcoin, has seen its security diminish over the past 16 years. However, specific attacks have not compromised its implementation within Bitcoin, thanks to prudent design decisions such as non-interactive signing and the use of salt and hashes.

The advice is given to postpone the adoption of FALCON or FALCON+ until they are officially standardized, citing significant weaknesses that, although not entirely compromising the algorithms, necessitate caution due to their susceptibility to certain types of attacks and the presence of parameters weaker than expected. Despite these concerns, once standardized, a rapid implementation of FALCON+ is recommended. Additionally, NTRU Prime is presented as a preferable alternative for quantum-resistant cryptographic solutions, echoing previous communications.

Concerns are raised regarding NIST's history with public key standards, suggesting the possibility of intentionally inserted backdoors in past standards, which casts a shadow of doubt over future standardizations. This skepticism is rooted in the peculiar choice of parameters for previously standardized public key systems (P224, P256, P384).

The importance of transitioning Bitcoin to quantum-safe cryptographic standards is underscored by the risk posed to 1-6 million BTC, whose public keys are already known. While many of these could potentially migrate to more secure protocols like p2pkh, the establishment of quantum-safe addresses would significantly enhance security signals. Moreover, the shift towards post-quantum cryptography is not just a matter of improving Bitcoin's security but is also becoming a requirement by various government agencies worldwide, including directives from the White House. The call to action emphasizes the urgency of migrating to quantum safety before 2027 to protect against evolving threats.