From 47035ce2a5b779b407c3e6a39b4fdd4336b4f6ea Mon Sep 17 00:00:00 2001
From: zooko <>
Date: Wed, 21 Dec 2011 19:49:19 +0000
Subject: [PATCH] add performance criterion and point out that Julian's
 implementation meets it

[Imported from Trac: page OneHundredYearCryptography, version 16]
---
 OneHundredYearCryptography.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/OneHundredYearCryptography.md b/OneHundredYearCryptography.md
index 9fbfc02..d9e2450 100644
--- a/OneHundredYearCryptography.md
+++ b/OneHundredYearCryptography.md
@@ -29,7 +29,9 @@ David-Sarah has proposed to use hash-based digital signatures.
  * <http://tahoe-lafs.org/pipermail/tahoe-dev/2010-June/004509.html>
  * <http://tahoe-lafs.org/pipermail/tahoe-dev/2010-July/004587.html>
 
-Julian Wälde has posted an actual implementation of hash-based digital signatures! <http://tahoe-lafs.org/pipermail/tahoe-dev/2011-March/006237.html>
+Zooko posted ["back of the envelope" performance constraints](https://tahoe-lafs.org/pipermail/tahoe-dev/2011-February/006133.html). Bottom-line: you get 30 million ARM instructions to implement one complete digital signature verification.
+
+Julian Wälde has [posted an actual implementation](http://tahoe-lafs.org/pipermail/tahoe-dev/2011-March/006237.html) of hash-based digital signatures! Exciting fact: his implementation meets Zooko's performance criterion!
 
 Brian and David-Sarah wrote [a simulator]source:trunk/misc/simulators/hashbasedsig.py or two to explore performance trade-offs in hash-based signature parameters. The output of one run with the following parameters is this:
 ```