[Back]

E. Tairi, P. Moreno-Sanchez, M. Maffei:
"Post-Quantum Adaptor Signature for Privacy-Preserving Off-Chain Payments";
Talk: International Conference on Financial Cryptography and Data Security (FC), Grenada; 2021-03-01 - 2021-03-05; in: "Proceedings of the 25th International Conference on Financial Cryptography and Data Security", (2021).

Adaptor signatures (AS) are an extension of digital signatures that enable the encoding of a cryptographic hard problem (e.g., discrete logarithm) within the signature itself. An AS scheme ensures that (i) the signature can be created only by the user knowing the solution to the cryptographic problem; (ii) the signature reveals the solution itself; (iii) the signature can be verified with the standard verification algorithm. These properties have made AS a salient building block for many blockchain applications, in particular, off-chain payment systems such as payment-channel networks, payment-channel hubs, atomic swaps or discrete log contracts. Current AS constructions, however, are not secure against adversaries with access to a quantum computer.

In this work, we present IAS, a construction for adaptor signatures that relies on standard cryptographic assumptions for isogenies, and builds upon the isogeny-based signature scheme CSI-FiSh. We formally prove the security of IAS against a quantum adversary. We have implemented IAS and our evaluation shows that IAS can be incorporated into current blockchains while requiring ∼1500 bytes of storage size on-chain and ∼140 milliseconds for digital signature verification. We also show how IAS can be seamlessly leveraged to build post-quantum off-chain payment applications without harming their security and privacy.

cryptography, blockchain, payment channel, adaptor signature, post-quantum, security, privacy

https://eprint.iacr.org/2020/1345