Soatok DreamseekerI'm quite amused that ML-DSA-44 public keys are 1312 bytes.
Koko@ic5146 Why do you think Merkle Tree Certificates are a thing?
PQC is bandwidth-heavy for crypto
A look at the latest post-quantum signature standardization candidates
NIST has standardized four post-quantum signature schemes so far, and they’re not done yet: there are fourteen new candidates in the running for standardization. In this blog post we take measure of them and discover why we ended up with so many PQ signatures.
Litchralee_v6@soatok I appreciate that cryptography necessarily uses complex language and analogies to describe complexity, but I'm still thrown by names like the "unbalanced oil and vinegar" scheme.
I now wish to believe that that scheme was devised after a particularly disastrous salad tossing exercise.
catatonicprime
Curio
GothPanda@gothpanda I mean, it's a 32 byte commitment from the private key and 1280 bytes of the upper bits of vector t (where t = A*s + e, with e being an error vector).
For larger parameter sizes (-65, -87), the second segment is larger but the commitment remains 32 bytes.
Sn4ptr4n
da_667
tmaher