On 20/02/14 21:30, Zooko Wilcox-OHearn wrote: > in attendance: Zooko, Daira > > Zooko was distracted by trying to get publicity for his startup > (https://LeastAuthority.com) from this news: > > https://spideroak.com/blog/20140220090004-responsibly-bringing-new-cryptography-product-market > > https://news.ycombinator.com/item?id=7271030 > > http://www.reddit.com/r/programming/comments/1yg0ow/responsibly_bringing_a_new_cryptography_product/ > > Daira and Zooko tried to find a paper that they both vaguely > remembered reading, which claimed to be a more intuitive, > understandable explanation of Bleichenbacher and Maurer's scheme for > asymptotically-better hash-based one-time digital signatures. They > didn't find it, but they did find a paper by C. Dods, N.P. Smart, and > M. Stam that claimed to improve on it.
In the Dev Chat I said that the Dods-Smart-Stam scheme claimed an asymptotic improvement on the Winternitz OTS. Actually it doesn't; the efficiency (defined as number of bits signed divided by number of hash computations, roughly speaking) of the Dods-Smart-Stam scheme is (log_2 w)/w, whereas for Winternitz it is t/2^t. But by setting w = 2^t, those are the same. So any improvement is only by a constant factor. -- Daira Hopwood ⚥
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tahoe-dev mailing list [email protected] https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
