
Many of you will know that the stealth addressing system used in Monero is vulnerable to quantum attacks, due to it being based on quantum-weak cryptography. Although not all payments would be immediately deanonymized by a quantum attacker, they would still be able to deanonymize select targets by recovering the private view key.

These attacks might take over a decade to become a real threat, if ever, but I'm curious if there has been any serious research done on post-quantum stealth addressing systems. Quantum-resistant public key cryptosystems require several hundred/thousand-byte public keys and ciphertexts, plus there are none that I know of which have the property of "adding" public/private keys like elliptic curves do, which is necessary for stealth addresses.

So my question is: is quantum-safe stealth addressing even possible (at least, with our current understanding of cryptography)? If so, how?
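As an added example (not part of the question or the answer), the following from-scratch Python sketch derives a Monero-style one-time (stealth) address over Ed25519 and shows the key-addition property the question refers to: the sender computes P = Hs(rA || i)G + B knowing only the public keys, and the receiver recovers the matching private key Hs(aR || i) + b because aR = rA. It simplifies Monero's real derivation (SHA3-256 in place of Keccak, no cofactor-8 multiplication, and the hash is taken over the y-coordinate and output index only); the function names are this example's own.

```python
import hashlib, secrets

p = 2**255 - 19                                     # Ed25519 field prime
l = 2**252 + 27742317777372353535851937790883648493  # order of the base point
d = -121665 * pow(121666, -1, p) % p                 # curve constant

def add(P, Q):
    # Affine twisted Edwards addition with a = -1 (complete on Ed25519)
    (x1, y1), (x2, y2) = P, Q
    t = d * x1 * x2 * y1 * y2 % p
    return ((x1 * y2 + y1 * x2) * pow((1 + t) % p, -1, p) % p,
            (y1 * y2 + x1 * x2) * pow((1 - t) % p, -1, p) % p)

def mul(k, P):
    # Double-and-add scalar multiplication; the identity is (0, 1)
    R = (0, 1)
    while k:
        if k & 1: R = add(R, P)
        P, k = add(P, P), k >> 1
    return R

def base_point():
    # Recover G from y = 4/5 as in RFC 8032 (x taken even)
    y = 4 * pow(5, -1, p) % p
    x2 = (y * y - 1) * pow(d * y * y + 1, -1, p) % p
    x = pow(x2, (p + 3) // 8, p)
    if (x * x - x2) % p:
        x = x * pow(2, (p - 1) // 4, p) % p   # multiply by sqrt(-1)
    return (p - x if x & 1 else x, y)
G = base_point()

def hs(P, index):
    # Hash-to-scalar: SHA3-256(y || output index) mod l (Monero uses Keccak)
    data = P[1].to_bytes(32, "little") + index.to_bytes(4, "little")
    return int.from_bytes(hashlib.sha3_256(data).digest(), "little") % l

def keygen():
    # Recipient keys: private view key a, private spend key b; public (A, B)
    a, b = secrets.randbelow(l - 1) + 1, secrets.randbelow(l - 1) + 1
    return (a, b), (mul(a, G), mul(b, G))

def sender_output(A, B, index=0):
    # Sender: random r, tx key R = rG, one-time address P = Hs(rA || i)G + B
    r = secrets.randbelow(l - 1) + 1
    return add(mul(hs(mul(r, A), index), G), B), mul(r, G)

def receiver_scan(a, b, B, P, R, index=0):
    # Receiver: with view key a, aR == rA, so Hs can be recomputed; returns the
    # one-time spend key Hs(aR || i) + b when P is ours, otherwise None
    k = hs(mul(a, R), index)
    return (k + b) % l if add(mul(k, G), B) == P else None
```

Note that scanning needs only the view key a and the public spend key B, which is exactly why an attacker who recovers a from A by solving the discrete log can link every payment to that wallet.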

1 Answer


but I'm curious if there has been any serious research done on post-quantum stealth addressing systems

There has been specific research undertaken with regards to Monero in a post-quantum setting (including mitigations). See the funding overview and project output for further details.

So my question is: is quantum-safe stealth addressing even possible (at least, with our current understanding of cryptography)?

"Stealth addressing" is covered in the aforementioned research (using the alternative term: one-time addresses).

jtgrassie