Sender: Jonas Nick <jonasdnick@gmail.com>
Message-ID: <f7f72e13-eaa1-4837-9ba0-4b8d1eddf160@gmail.com>
Date: Tue, 8 Jul 2025 08:07:08 +0000
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [bitcoindev] OP_CAT Enables Winternitz Signatures
To: conduition <conduition@proton.me>
Cc: bitcoindev@googlegroups.com
From: Jonas Nick <jonasd.nick@gmail.com>

 > Agreed. AFAICT, the only reason we'd use WOTS+ over stock
 > WOTS (w/o randomizers) would be if we wanted to use a less
 > collision-resistant hash algo (RMD160) as the primary hash
 > function.

When using RMD160 in WOTS+ instead of SHA256, you reduce the security level to
80 bits. Roughly speaking, while WOTS+ relies only on preimage resistance,
quantum computers get a quadratic speedup finding preimages due to Grover's
algorithm. A more detailed analysis of this is in [0] (see Theorem 2 and Table
1).

 > Would OP_HASH160 (aka rmd160(sha256(...))) be a
 > possible contender for the hash function here, to shrink
 > the witness size further while still retaining some of the
 > collision resistance of SHA256?

I'm probably missing something, but I don't see how this would work because you
can find a collision with about 2^80 queries.

[0] https://eprint.iacr.org/2015/1256.pdf (This should have been link [5] in the
     previous email, sorry)

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/f7f72e13-eaa1-4837-9ba0-4b8d1eddf160%40gmail.com.
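A minimal plain Winternitz one-time signature in Python, added here as an illustration and not code from this thread or from any Bitcoin project, parameterised by the hash so that the witness size of a SHA256 instance can be compared with a 160-bit HASH160 instance, next to the preimage and collision bounds the reply cites. It assumes W = 16 and plain WOTS (no WOTS+ randomizers); where the Python build lacks RIPEMD160, hash160 falls back to a constructed 20-byte stand-in of the same output length.

```python
import hashlib
import math
import os
W = 16  # Winternitz parameter: 4 bits per chunk, each chain has W-1 = 15 hash steps

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def hash160(data: bytes) -> bytes:
    # Bitcoin's OP_HASH160 = RIPEMD160(SHA256(x)), 160-bit output. If this OpenSSL
    # build lacks ripemd160, use a constructed 20-byte stand-in of equal length.
    try:
        return hashlib.new("ripemd160", sha256(data)).digest()
    except ValueError:
        return sha256(sha256(data))[:20]

def chunks(h, msg: bytes):
    # Base-W chunks of the digest, followed by the Winternitz checksum (also base W),
    # so a forger cannot raise one chunk without having to lower another.
    digest = h(msg)
    msg_chunks = [c for byte in digest for c in (byte >> 4, byte & 0xF)]
    csum = sum(W - 1 - c for c in msg_chunks)
    n_csum = math.ceil(math.log(len(msg_chunks) * (W - 1) + 1, W))
    csum_chunks = [(csum >> (4 * i)) & 0xF for i in reversed(range(n_csum))]
    return msg_chunks + csum_chunks

def chain(h, x: bytes, steps: int) -> bytes:
    for _ in range(steps):
        x = h(x)
    return x

def keygen(h):
    n = len(chunks(h, b""))  # chain count depends only on the digest length
    sk = [os.urandom(len(h(b""))) for _ in range(n)]
    pk = [chain(h, s, W - 1) for s in sk]
    return sk, pk

def sign(h, sk, msg: bytes):
    return [chain(h, s, c) for s, c in zip(sk, chunks(h, msg))]

def verify(h, pk, msg: bytes, sig) -> bool:
    # Finish each chain from the signature; it must land exactly on the public key.
    return len(sig) == len(pk) and [chain(h, s, W - 1 - c) for s, c in zip(sig, chunks(h, msg))] == pk

def witness_bytes(h) -> int:
    return len(chunks(h, b"")) * len(h(b""))

def security_bits(h):
    # (classical preimage, Grover preimage, birthday collision) for an n-bit output:
    # 160 -> (160, 80, 80) as the reply states, 256 -> (256, 128, 128).
    n = 8 * len(h(b""))
    return n, n // 2, n // 2
```

Note that the collision bound is set by the 160-bit output length alone, so wrapping SHA256 inside HASH160 does not lift it above 2^80.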