kyber-k2so VS tendermint

It seems like the post-quantum algorithm that Signal selected [0] involves lattices [1] somehow:

> Kyber is an IND-CCA2-secure key encapsulation mechanism (KEM), whose security is based on the hardness of solving the learning-with-errors (LWE) problem over module lattices.

Curious to see if Chen's work will eventually lead to Signal selecting a different algorithm.

[0]: https://signal.org/blog/pqxdh/

[1]: https://pq-crystals.org/kyber/

This is pretty fascinating. For easier reading, the Signal blog post [0] they link to is great.

Both Signal and Apple went with CRYSTALS-Kyber [1] as their post-quantum algorithm. If you're interested in the math, and maybe learned at some point about how classic public key cryptography is built on the idea that it's easy to multiply two primes, but hard to factor them, and how this (or other math problems) can be used as a one-way function to make encryption hard to break, the hard math problem that backs Kyber is the "learning-with-errors" [2] problem.

[0] https://signal.org/blog/pqxdh/

[1] https://pq-crystals.org/kyber/

[2] https://en.wikipedia.org/wiki/Learning_with_errors

NIST has chosen to standardize Kyber, which is a Key Encapsulation Mechanism (KEM) rather than a key exchange mechanism like Diffie-Hellman:

However looks like this wasn't good enough, as the team has merged some code into the Signal protocol's library, that uses the latest NIST standard Crystals-Kyber post-quantum key exchange. I'm not sure if it's a hybrid scheme with X25519, or if it's replacing it, but damn, gotta love how the project not only innovates in terms of secure messaging protocols, but slaps the latest and greatest on top of best practice.

Kyber is one of the finalists for PQC and has an open source impl: https://pq-crystals.org/kyber/

I’d recommend looking into https://github.com/symbolicsoft/kyber-k2so -> for post quantum safety. But I’d highly recommend looking at this: https://github.com/open-quantum-safe/liboqs-go -> this library is significantly more advanced but allows for hybrid key generation so you can have post-quantum security while being at least as secure as more established cryptography schemes like Ed25519. But at very least you should move off of RSA and research current cryptography standards for file encryption.

No, none of that is true. Kyber, one of the approved encryption schemes, actually has a smaller key size than RSA and is pretty fast, around 10,000 encryptions per second on a commercial CPU. Just because it is quantum resistant doesn't necessarily mean it is "more complicated", it is just different. We have had the idea for lattice-based encryption for over 20 years now, it is not new stuff just finally being put to use due to the impending threat of quantum computers.

For reference, the Kyber algorithm selected here mentions on their website that, very conservatively, the Kyber-768 parameter set gives 128 bits of security, or roughly on the order of 31 undecillion operations to break.

Tendermint Core / CometBFT — a state machine replication engine (written in Go);

There are good use-cases, but to much focus on cryptocurrencies. Frameworks are not well designed to be used in other use-cases. Best that I have found that doesn't forces you to a specific architecture is Tendermint, but is not even close to state-of-the-art performance and scalability. Everything else is designed around cryptocurrency and smart contracts.

BFT is an algorithm that ensures that the whole network works well even if a few members are acting fraudulently. As long as these fraudulent members are less than 33% of those who have voting power, the network will work fine. Those with voting power are those with something at stake. Cosmos uses a type of BFT consensus engine known as Tendermint. Cosmos uses Tendermint because it provides the best support for building POS blockchains.

Relevant Github ticket showing chains are now scrambling to decide which fork to use: https://github.com/tendermint/tendermint/issues/9972

BlockX is based on Tendermint Core, which relies on a set of validators that are responsible for committing new blocks in the blockchain. These validators participate in the consensus protocol by broadcasting votes which contain cryptographic signatures signed by each validator's private key.

Built with Cosmos and Tendermint.

Haqq is a scalable, high-throughput Proof-of-Stake blockchain that is fully compatible and interoperable with Ethereum. It's built using the Cosmos SDK which runs on top of Tendermint Core consensus engine.Haqq allows for running vanilla Ethereum as a Cosmos application-specific blockchain. This allows developers to have all the desired features of Ethereum, while at the same time, benefit from Tendermint’s PoS implementation. Also, because it is built on top of the Cosmos SDK, it will be able to exchange value with the rest of the Cosmos Ecosystem through the Inter Blockchain Communication Protocol (IBC)Features

Tendermint