In this work, we present IAS, a construction for adaptor signatures that relies on standard cryptographic assumptions for isogenies, and builds upon the isogeny-based signature scheme CSI-FiSh. We formally prove the security of IAS against a quantum adversary. We have implemented IAS and our evaluation shows that IAS can be incorporated into current blockchains while requiring $\sim1500$ bytes of storage size on-chain and $\sim140$ milliseconds for digital signature verification. We also show how IAS can be seamlessly leveraged to build post-quantum off-chain payment applications without harming their security and privacy.
Category / Keywords: applications / blockchain, digital signature, adaptor signature, post-quantum Original Publication (with major differences): Financial Cryptography and Data Security 2021 Date: received 26 Oct 2020, last revised 23 Mar 2021 Contact author: erkan tairi at tuwien ac at, pedro moreno at imdea org, matteo maffei at tuwien ac at Available format(s): PDF | BibTeX Citation Version: 20210323:153425 (All versions of this report) Short URL: ia.cr/2020/1345