Posted by jonasnick
Jan 22, 2026/22:07 UTC
In the discussion regarding the security implications of restoring a disk backup containing an old wallet state, it is noted that the Trusted Platform Module (TPM) on the same machine retains the decryption or XMSS key, thus posing a potential risk. This raises concerns about the possibility of reusing the old state for signing purposes, which could compromise the integrity of transactions or data secured by the wallet. The core of the issue revolves around the mechanisms by which cryptographic keys are managed and protected, particularly in scenarios where backups might be used to restore previous states of digital wallets.
The conversation suggests a need for robust security measures that can prevent the misuse of cryptographic keys in such scenarios. This includes ensuring that the TPM or any secure element involved does not inadvertently facilitate unauthorized actions following the restoration of backups. It highlights the importance of designing systems with forethought towards how backups and key management interact, especially in the context of maintaining the security of cryptographic operations over time.
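The rollback described above, as an added example that is not from the thread or from any wallet's code: it models only the one-time leaf index of a stateful scheme such as XMSS (no real signature is computed) and shows an unprotected signer reusing an index after a backup restore, next to a signer that checks a counter kept outside the backup. `MonotonicCounter`, `StatefulSigner` and `run_restore_scenario` are hypothetical names, and keeping a forward-only counter in the secure element is an assumption, not a design the discussion specifies.

```python
import copy

class RollbackDetected(Exception):
    """Disk state is older than the counter held outside the backup."""

class MonotonicCounter:
    """Hypothetical stand-in for a counter inside the secure element: it can
    only increase and is not captured by a disk backup (assumption)."""
    def __init__(self):
        self._value = 0
    def read(self):
        return self._value
    def advance_to(self, value):
        if value <= self._value:
            raise ValueError("counter can only move forward")
        self._value = value

class StatefulSigner:
    """Tracks which one-time leaf index each signature would consume."""
    def __init__(self, counter=None):
        self.disk = {"next_index": 0}   # wallet state that ends up in backups
        self.counter = counter          # None = no rollback protection
        self.used = []                  # every leaf index handed out

    def sign(self, message):
        index = self.disk["next_index"]
        if self.counter is not None:
            if index < self.counter.read():
                raise RollbackDetected(
                    f"disk index {index} < counter {self.counter.read()}")
            self.counter.advance_to(index + 1)   # reserve before signing
        self.disk["next_index"] = index + 1
        self.used.append(index)
        return (index, message)

def run_restore_scenario(signer):
    """Sign, back up the disk state, sign again, restore the backup, sign."""
    signer.sign(b"tx-a")                # constructed sample messages
    backup = copy.deepcopy(signer.disk)
    signer.sign(b"tx-b")
    signer.disk = backup                # old wallet state restored from backup
    try:
        signer.sign(b"tx-c")
    except RollbackDetected:
        return "refused", signer.used
    return "signed", signer.used
```

Because the counter is advanced before the disk state is written, a crash between the two steps makes the signer refuse and skip a leaf rather than risk reusing one.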
Thread Summary (13 replies)
Dec 11 - Jan 27, 2026
14 messages