| Asymmetric Encryption |
ECDH, ECIES, ElGamal |
CRYSTALS-Kyber (lattice-based, NIST standard) |
| Digital Signatures |
ECDSA, EdDSA |
CRYSTALS-Dilithium, Falcon (lattice-based) |
| Consensus Signatures |
BLS |
XMSS / Winternitz (hash-based) |
| Signature Aggregation |
BLS aggregation |
STARKs over XMSS (leanMultisig approach) |
| Polynomial Commitments |
KZG (pairing-based) |
FRI / STARKs (hash-based), Lattice-based commitments |
| very large sizes |
|
|
| ZK Proofs / SNARKs |
Groth16, PLONK |
STARKs, Erasure coding-based SNARKs (e.g. ZODA) |
| Lattice-based SNARKs (e.g. Labrador, STARK-lattice hybrids) proof sizes still a concern |
|
|
| Data Availability |
KZG + DAS |
ZODA, DAS + STARKs, erasure coding proofs |
| Hash Functions (general) |
SHA-256, Keccak |
Quantum-safe — no replacement needed |
| **Hash Functions |
|
|
| (ZK-internal)** |
SHA-256, Keccak (ZK-unfriendly) |
Poseidon1, Poseidon2 + extra rounds, BLAKE3, Monolith |
| active cryptanalysis ongoing |
|
|