Why is Spaincoindev in here trolling back and forth with longnshort. Talking a ll negatively in this coins thread. Sure I know just talking facts and tech but in such a way that its negative and fud like. Everyone knows what you aguys are doing. SpaincoinDev I think your coin is looking for you.
So would you rather have these people come in here and celebrate 80 bit security, or have people speak from their understanding about what is in front of us?
The fact that it's negative or positive doesn't change facts, there's really no way you can say 'well damn we've got potentially trusted secure setup parameters, but the actual zkps that are produced can be cracked with a toaster' in a positive light..
Even for the modest
lambda = 80 security level (ensuring forgery effort of 2^80 operations), Zerocoin spend proofs exceed 25KB. Since these proofs must be stored in the block chain, the large size of these proofs makes it challenging to deploy Zerocoin in practice.
We're right at 25kb..
The appropriate security strength to be used depends on the sensitivity of the data being protected, and needs to be determined by the owner of that data (e.g., a person or an organization). For the Federal government, a minimum security strength of 80 bits is recommended in 2010; a minimum security strength of 112 bits is strongly recommended, beginning in 2011 (see [SP 800-57]). However, with the acceptance of a certain amount of risk, the minimum of 80 bits of security strength may be used until the end of 2013. Based on the latest understanding of the state-of-the-art for breaking the cryptographic algorithms, given particular key lengths, the transition to the 112-bit security strength shall be accomplished by 2014, except where specifically indicated. See Appendix A for an explanation...
Wonder what info/comments the devs have? Have they done anything to keep ~25kb and use >80 bit security, with the same benefit that larger proofs provide?
