May 22 - Jun 6, 2026
This scheme integrates elements from both a Schnorr-like scheme and an arbitrary PQC scheme to provide security properties such as unforgeability and non-malleability, addressing the shortcomings of the traditional approach of simply concatenating signatures from different schemes. The BoP-2 system takes a different route: it generates a random nonce and computes a hash that binds the message together with portions of both signatures, so that verification requires recovering certain signature parameters. This strengthens security by leveraging the information-theoretic commitment properties inherent in the PQC component, making it a promising candidate amid concerns about quantum-computing attacks on cryptographic systems.
In addition to the technical specifics of the BoP-2 scheme, there is an ongoing discussion about the efficacy of various cryptographic methods under a PQC regime, with particular emphasis on the practicality and performance issues of isogenies, hash-based systems, and lattices. The discussion also raises concerns about the batch-verifiability of signatures, a crucial aspect given the potential cost of deploying PQC schemes effectively. The conversation further extends to which cryptographic components are published, highlighting that \sigma_{pq} dominates what is published because of its significant role in the overall security of the scheme.
A notable aspect of this dialogue involves the concept of Signature Upgrade Functionality (SUF) within the Bitcoin ecosystem, especially after the Segwit implementation. The reduced reliance on signatures for transaction ID integrity post-Segwit has shifted focus towards hybrid cryptographic schemes that could address vulnerabilities arising from the failure of one component. Boris Nagaev's proposal to integrate BIP340 within a hash-based scheme, adding minimal overhead, represents an innovative approach to improving space efficiency and security in blockchain technologies. However, subsequent discussion indicates the complexities involved in adopting such hybrid schemes without clear and compelling use cases, emphasizing the need for careful consideration of practical and security aspects before extensive development.
Furthermore, the broader implications of adopting hybrid schemes, particularly those involving novel cryptographic assumptions like lattices or isogenies, suggest a cautious approach. The potential increase in witness size and the complexity introduced by hybridizing with established cryptographic methods like elliptic curve cryptography necessitate a strategic evaluation to determine the viability and necessity of such approaches in real-world applications. These discussions underscore the evolving landscape of cryptography where innovation must be balanced against practicality, security, and user trust.