Comment by westurner

12 hours ago

There are also Merkle ladders.

What is the difference between a Merkle Tree Certificate and a Merkle Ladder?

Is this correct?:

Without Merkle Tree Certificates, the per keypress overhead for e.g. jupyter_server would be something like 3.3 KB due to the PQ signatures.

2 comments

westurner

Reply
bwesterb  10 hours ago

Merkle Tree Certificates basically uses the same structure as Certificate Transparency today. Merkle Ladder uses a weird variation claimed to be useful to DNSSEC. I think it's rather just to seem novel ( https://datatracker.ietf.org/ipr/search/?submit=draft&id=dra... )

  • westurner  3 hours ago

    I found buzzwords for this; Quantum-Resistant Decentralized PKI / DNS:

    Multilinear/Hash-based VCs and Sum-Check protocol for Stateless PKI (with Sparse Merkle Tree (SMT))

    PKI-over-Log with Hyper-Trees, Decentralized PKI (DPKI), XMSS^MT, M-FORS and F-SPHINCS+ (stateless),

    "Spartan: Efficient and General-purpose zkSNARKs without Trusted Setup" (2020) https://link.springer.com/chapter/10.1007/978-3-030-56877-1_... :

    - Spartan implements the Sum-Check protocol with Multilinear Polynomial Commitments, which is hash-based like XMSS and SPHINCS+ (unlike Verkle trees which are built on KZG which relies on the "Discrete Logarithm Problem" (which Shor’s broke)).