commit 4637a1ea6b0386f92901a13fa5844a78fdfc941a
parent c47745a1b3aab470035b1883b08e4f6e7131038f
Author: Jeffrey Burdges <burdges@gnunet.org>
Date: Thu, 18 May 2017 14:35:34 +0200
Do we really need to mention post-quantum RSA? lol
Diffstat:
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/doc/paper/taler_FC2016.txt b/doc/paper/taler_FC2016.txt
@@ -298,9 +298,8 @@ importance or even existence.
> scheme still seems to offer the best security/performance trade-off,
> and we also value simplicity and extensive peer-review of the
> cryptographic primitives used for production systems. So far, none
-> of the schemes compete. For example, Bernstein recently proposed an
-> interesting PostQuantum blind-signature scheme, but the keys are too
-> large to be useful in practice.
+> of the schemes compete. In particular, the elliptic curve blind
+> signatures mostly require extra round trips.
However, providing proofs of the statement to be signed is important,
and a potential attack on the presented scheme may illustrate this. The
