Hash-based Signature Schemes for Bitcoin (Blockstream research)
https://eprint.iacr.org/2025/2203.pdf
> Abstract
> Hash-based signature schemes offer a promising post-quantum alternative
for Bitcoin, as their security relies solely on hash function assumptions similar to those already underpinning Bitcoin’s design. We provide a comprehensive overview of these schemes, from basic primitives to SPHINCS+
and its variants, and investigate parameter selection tailored to Bitcoin’s specific requirements. By applying recent optimizations such as SPHINCS+C, TL-WOTS-TW,
and PORS+FP, and by reducing the allowed number of signatures per public key,
we achieve significant size improvements over the standardized SPHINCS+
(SLHDSA). We provide public scripts for reproducibility and discuss limitations regarding key derivation, multi-signatures, and threshold signatures.
Also: https://x.com/n1ckler/status/1998407064213704724
@Kudinov or @Nick on SN for an ELI5?
https://stacker.news/items/1323185
South_korea_ln
npub1hf…8akus
2025-12-09 16:08:42 UTC
Author Public Key
npub1hf0swdg83gl9datykze9k7gdp35ujqmak7whvlla5zaw99dzy03sv8akusSeen on
wss://relay.damus.ioPublished at
2025-12-09 16:08:42 UTCEvent JSON
{
"id": "85ea91977bd96435bbfe2bad6a6aad3fa74fec9568a2b6f428d1d0ff95806f81",
"pubkey": "ba5f0735078a3e56f564b0b25b790d0c69c9037db79d767ffda0bae295a223e3",
"created_at": 1765296522,
"kind": 1,
"tags": [
[
"client",
"stacker.news"
]
],
"content": "Hash-based Signature Schemes for Bitcoin (Blockstream research)\nhttps://eprint.iacr.org/2025/2203.pdf\n\n\u003e Abstract\n\n\u003e Hash-based signature schemes offer a promising post-quantum alternative\nfor Bitcoin, as their security relies solely on hash function assumptions similar to those already underpinning Bitcoin’s design. We provide a comprehensive overview of these schemes, from basic primitives to SPHINCS+\nand its variants, and investigate parameter selection tailored to Bitcoin’s specific requirements. By applying recent optimizations such as SPHINCS+C, TL-WOTS-TW,\nand PORS+FP, and by reducing the allowed number of signatures per public key,\nwe achieve significant size improvements over the standardized SPHINCS+\n(SLHDSA). We provide public scripts for reproducibility and discuss limitations regarding key derivation, multi-signatures, and threshold signatures.\n\nAlso: https://x.com/n1ckler/status/1998407064213704724\n\n@Kudinov or @Nick on SN for an ELI5?\n\nhttps://stacker.news/items/1323185",
"sig": "527ca9ee1c1c503fc9b78bdba110eca45feb0cca884a01c800234831fd5192cd3e6789e492b8cbd6e75031eeaacca80debb7d3d52cdb0a0c9e22ea75c25fab56"
}