In this work, we present IAS, a construction for adaptor signatures that relies on standard cryptographic assumptions for isogenies, and builds upon the isogeny-based signature scheme CSI-FiSh. We formally prove the security of IAS against a quantum adversary. We have implemented IAS and our evaluation shows that IAS can be incorporated into current blockchains while requiring $\sim1500$ bytes of storage size on-chain and $\sim140$ milliseconds for digital signature verification. We also show how IAS can be seamlessly leveraged to build post-quantum off-chain payment applications without harming their security and privacy.
Category / Keywords: applications / blockchain, adaptor signature, post-quantum Original Publication (with major differences): Financial Cryptography and Data Security 2021 Date: received 26 Oct 2020, last revised 27 Jan 2021 Contact author: erkan tairi at tuwien ac at, pedro moreno@imdea org, matteo maffei@tuwien ac at Available format(s): PDF | BibTeX Citation Version: 20210127:111535 (All versions of this report) Short URL: ia.cr/2020/1345