Can Merkle signatures be leveraged for key exchange?

JamesTheAwesomeDude

10/9/22, 4:50 PM

A Merkle signature scheme is post-quantum-suitable as it relies only on the security of a one-way function. However, this construction seems to only be capable of authentication, and not confidentiality.

Is there any cryptographic protocol enabling key exchange via a Merkle scheme -- that is, without relying on weaker assumptions that might be broken by future cryptographers with a quantum computer?

0 + 0

post-quantum-cryptography

key-exchange

hash-tree

hash-signature

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Can Merkle signatures be leveraged for key exchange?

TH: ลายเซ็น Merkle สามารถนำไปใช้ในการแลกเปลี่ยนคีย์ได้หรือไม่?

RO: Semnăturile Merkle pot fi valorificate pentru schimbul de chei?

RU: Можно ли использовать подписи Merkle для обмена ключами?

VI: Chữ ký Merkle có thể được tận dụng để trao đổi khóa không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.