From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Wed, 09 Jul 2025 11:56:16 -0700
Received: from mail-oi1-f192.google.com ([209.85.167.192])
	by mail.fairlystable.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <bitcoindev+bncBDD5RM5R7QJRBR7WXLBQMGQEJ6EDK5Y@googlegroups.com>)
	id 1uZZxo-000699-5S
	for bitcoindev@gnusha.org; Wed, 09 Jul 2025 11:56:16 -0700
Received: by mail-oi1-f192.google.com with SMTP id 5614622812f47-4066ff1aab8sf207782b6e.2
        for <bitcoindev@gnusha.org>; Wed, 09 Jul 2025 11:56:15 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1752087370; cv=pass;
        d=google.com; s=arc-20240605;
        b=TsmBSC1wFuthvl15/PhQXq4Phsu21qOWqCIQQDWIcxv+yhT7GkxoR/U1teOgsK2yJd
         fzW9Iwrj+f5JDXUeAo81Fruj7lwyCsL9sF2Vl+ZJKemRxS6R72LCpsqkjSmGvoqImTS/
         L1SZkiLJLtKzrrqlhnmG+axik4+xMUPfDMindbRm4PgBhCqKsf9c2c/aXO3HpoY9R+26
         wApM+xAdAKZaDE01TRBXbrP8+38lsPPomFzG7bMFO6V4wQcUfsYpBsSGFFrfb+x3XdnB
         LvLNEHwpFqxtczkWcLxkjhgSMU8nwnlnqxPw+cMSwjcPvootpWipisGQgs2jHW9YC2dL
         jgWg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:in-reply-to:from:content-language
         :references:cc:to:subject:user-agent:mime-version:date:message-id
         :sender:dkim-signature;
        bh=sFfkWJpYYbuCSf0AQn4rr7N9OheOgRjRsovQFoYplJU=;
        fh=5IeN72FP/ulUYnKhZ1lDUpMp28V1HwqiGOzfJ2BDBKI=;
        b=g5RXPo7ESfGbO2o12O+vLHMfs4z9zQPoLKiN4dzj5yZm9xbPPUkk2rahUzUBr1CMR8
         82hsX842365Tor4ZAntzp5Vz3TUWMIiTS91IQHMHCjwVmw0HGOqaNKKCJoZpqrJgyU6E
         8MvchlX+2pfEELBen+HORqvunpbqjP6e3SnnWWzeQC5DysE2uG0x21thKotH/cm2ludu
         zkkTwGUQLnscJ3VqwoJcy7I/EHNbTi9t4zt3IgJ+UtOI/ViTsUF+LupjVS5p955PKTaV
         m5L2+Zg2+7EguYdSmCed39eptDsHU72tkWNJJbFjYlMwt47vIXAHZ+zwMKsXz0lNXCsV
         mUhQ==;
        darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=PeCaeRTg;
       spf=pass (google.com: domain of jonasd.nick@gmail.com designates 2a00:1450:4864:20::52b as permitted sender) smtp.mailfrom=jonasd.nick@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
       dara=pass header.i=@googlegroups.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1752087370; x=1752692170; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:in-reply-to:from:content-language:references:cc
         :to:subject:user-agent:mime-version:date:message-id:sender:from:to
         :cc:subject:date:message-id:reply-to;
        bh=sFfkWJpYYbuCSf0AQn4rr7N9OheOgRjRsovQFoYplJU=;
        b=moHrVnEuqbU/jweejAGEamhKW5rdgNL7h6uLdZ6f7GUIf+1XrEjYuQqFbDz2CgK254
         11GwTSL3dxHba5YLLMKKkvo718Hs6fqRJeOQ14meLgvzxOP1orsvCqMIL6GEjC1pKyST
         +H2Y2A7zexNne7VE7CRoIHUu5HzT/gS57fwAWY+o8sz9q4TZ0o4Mb24XYUIl0g+KpPYW
         SRhf4V+3gyFR967lzoe7/tLhKWHFEro7EtPd0OSk5jMlM76n2oBXNz5mQIr7+F7gDsBS
         8XfLSHsBhKMIRwBCfzVYW8tvVdb9bWH3TNXI0wcICqulw6omlW5YXjrUhpc0ariv98Wp
         bUxw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1752087370; x=1752692170;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:in-reply-to:from:content-language:references:cc
         :to:subject:user-agent:mime-version:date:message-id:sender
         :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=sFfkWJpYYbuCSf0AQn4rr7N9OheOgRjRsovQFoYplJU=;
        b=qkQy3yUfZQ0zhJmWlp1FU3tJIq7uFIvvmbe/VBmAQALsL/mKbiJ2QhIu3gdYc7G0+2
         ltbp1wtLtJk3C32hBBnfyOpWb2TTbYf8rB2fRY765AwUA8IDLCHowh4Dg8iYaT0YcthF
         lBBNRloYpvycZH6s7QkqNmGOzSHhOrz17m773tVUdm6FKdQVZSPy7xctAuckw5gMysNN
         BZrbYF94MXIyt7ajuz0SnFXQ9Pd+wIiNtXFdwwiAbZtavvOvJjIZfxirAHVwfAZeD1Lt
         Sv3TFKbN0ChgLvuEVPW/AX3I21FgdTr3senF8MbMkXNP0N5Uk5UWTcjUS50d1FXzKOvJ
         /myA==
X-Forwarded-Encrypted: i=2; AJvYcCX3PHSy0PVoqBW91NdtZLw7S/Qmbsjwn9fmsSnAh1jG1lB4IH+Ynn2S9WX0EecSvQwTQBXDc4JIVE/l@gnusha.org
X-Gm-Message-State: AOJu0Yz5uqAcToBuCOELt2G8AIVfWbQ/eGpqhMMEvdQeiAMSoqcacLJz
	CacIziOqlS9mLqovmQAVUrxLtcjrECKbAd3A/Co0ccAZWFOy+Xsnyekn
X-Google-Smtp-Source: AGHT+IFrpPqzvTyFjbx4vkdma99rD7PEE2wRc3BaizD7ZNpbo3ExrUm08lFmrkxz1F/qS5x4HaPz7A==
X-Received: by 2002:a05:6808:188d:b0:40b:2f3e:5f55 with SMTP id 5614622812f47-413a9684582mr696500b6e.0.1752087370086;
        Wed, 09 Jul 2025 11:56:10 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h=AZMbMZc0gV1V/2rOFaOAsjm7B+r0SpsnA41V0u2qVrB0hu0MQQ==
Received: by 2002:a05:6820:b43:b0:611:b911:dadf with SMTP id
 006d021491bc7-613d7ce448dls35050eaf.1.-pod-prod-05-us; Wed, 09 Jul 2025
 11:56:07 -0700 (PDT)
X-Received: by 2002:a05:6808:6f81:b0:40b:a456:e752 with SMTP id 5614622812f47-413ac355debmr672499b6e.11.1752087367025;
        Wed, 09 Jul 2025 11:56:07 -0700 (PDT)
Received: by 2002:a05:600c:6089:b0:450:ce23:93de with SMTP id 5b1f17b1804b1-4538ed863cams5e9;
        Tue, 8 Jul 2025 01:07:13 -0700 (PDT)
X-Received: by 2002:a5d:64cf:0:b0:3a5:39d7:3f17 with SMTP id ffacd0b85a97d-3b5ddedc52emr1531257f8f.47.1751962031299;
        Tue, 08 Jul 2025 01:07:11 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1751962031; cv=none;
        d=google.com; s=arc-20240605;
        b=JgNxbRbg/OuDevoBXrmA1LGZWfSMUTgyJBlt60Ukj/k4Pjj6wYhN7xnzJRwGfQGsEH
         +xAfJWPZ2aVtXOkY8ntQRCs8cfgzIYcTIj5bcTxiCIhkL2fhyLdQ+Nzf1gQ2EDvfl5LL
         wr+Nzl/D8WgwedKZrIj5ipjNmN5DCUZCEQ6uyggkB3iGewOxAicbGc4I0rpyglMhwSay
         XZ8h8iGeRq7vXh2JsqRhi52rZRb3yaeyQII+Jdgt23yWXbJcTZM6uuMRZDMrbiBy/Qok
         CXWIirbEbVyGglwzaVfpck8pPNGxKW6vAMpjgNECVQSsqmWTttnylPMaJIXmzG7gqaRi
         D6Og==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=content-transfer-encoding:in-reply-to:from:content-language
         :references:cc:to:subject:user-agent:mime-version:date:message-id
         :sender:dkim-signature;
        bh=BePTDrQYbhIo3Y8NuDoF+0qSjz41v5YFajGWjDLt1FI=;
        fh=mzXEsTWDK6gnkBrY7ZCwwMohUIL8bXkfU2CQ462oZJ0=;
        b=BvLAaLjuwvF3+380t85SxoRTsTnsQ2gQY2Vuq2yX5/4DbdREgPsXUoQotA4RkWestU
         4awg48zpVnnOrktDYVJMP4EVzw4dba4qlUsnW5UAiivCbnk6kyHQL+aB82Pr3lyvtmzd
         sQ9mIRvYpiZ/T0E0USINFFMWmx9ZG/DNFbvT156pI5bw3Oj/51O12nMTAcY/JBfdqL/1
         4zW64lv9LS50vD8QchipXMf/JEj6NYoV/GUj32t4HaHG+UcY+Knongmwrj7ufdOYZ+Lc
         6ixi1T/XVMn0sg8NQikdJVrdSJHTCDoWPXrOGH4l2q2zU7rz6AIMEJXG44T6vSy1bYv4
         Dm/Q==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=PeCaeRTg;
       spf=pass (google.com: domain of jonasd.nick@gmail.com designates 2a00:1450:4864:20::52b as permitted sender) smtp.mailfrom=jonasd.nick@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;
       dara=pass header.i=@googlegroups.com
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com. [2a00:1450:4864:20::52b])
        by gmr-mx.google.com with ESMTPS id ffacd0b85a97d-3b47156a702si196113f8f.4.2025.07.08.01.07.11
        for <bitcoindev@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 08 Jul 2025 01:07:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of jonasd.nick@gmail.com designates 2a00:1450:4864:20::52b as permitted sender) client-ip=2a00:1450:4864:20::52b;
Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-6097b404f58so5926674a12.3
        for <bitcoindev@googlegroups.com>; Tue, 08 Jul 2025 01:07:11 -0700 (PDT)
X-Gm-Gg: ASbGncu+Vh7T2d3hJOVuLi+yDkmk0Mab4y/6xwcRvKWjOaix2+EelS4ExOzG9CblkMv
	4VW258W264zT2CtKmgGyGWqVnrc3bOHGiK8z9e7xfKuWaiUKQjwYlx+q2j5+sgu+ifW3B+Az21C
	5n3WEvt574g3Fy7hhUnmQFlAI0GFXyE8xza7Ec292cqP93NwWpPSi9WT24anLhoNMkW6XTWmNSy
	m2Qtcv9vBVdTa/uH9D8MJgUyKnN/hnpbSl+jIs3X1S1wqshKB5xu4hCRMBbc+TssmBqBZe2nWxt
	sQZQTOrIB3Ecah+46zDC5kzWNEisVJx8ijS09T2EX7aypfgdPz6ft/9FmFh0UMal5TMxatlWZ7z
	qlryb53emmpiRbjMUvigpS1xYvZbYsg1z4cZOvX+dHcxH4g==
X-Received: by 2002:a05:6402:234c:b0:605:878:3560 with SMTP id 4fb4d7f45d1cf-61046a1d37dmr2622723a12.26.1751962030559;
        Tue, 08 Jul 2025 01:07:10 -0700 (PDT)
Received: from [192.168.1.55] (188-22-134-228.adsl.highway.telekom.at. [188.22.134.228])
        by smtp.googlemail.com with ESMTPSA id 4fb4d7f45d1cf-60fcb1fb06bsm6737989a12.64.2025.07.08.01.07.09
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Tue, 08 Jul 2025 01:07:10 -0700 (PDT)
Sender: Jonas Nick <jonasdnick@gmail.com>
Message-ID: <f7f72e13-eaa1-4837-9ba0-4b8d1eddf160@gmail.com>
Date: Tue, 8 Jul 2025 08:07:08 +0000
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [bitcoindev] OP_CAT Enables Winternitz Signatures
To: conduition <conduition@proton.me>
Cc: bitcoindev@googlegroups.com
References: <uCSokD_EM3XBQBiVIEeju5mPOy2OU-TTAQaavyo0Zs8s2GhAdokhJXLFpcBpG9cKF03dNZfq2kqO-PpxXouSIHsDosjYhdBGkFArC5yIHU0=@proton.me>
 <QcOCx8vBMDuw4xf05H5SbIOPee2MZqV5IQa2opvAXcMeMzzFooHYL97qy5ZCLUEjqXHlHoyAucpmkwwU2i3bhO95SJrWP-oRU6mqamnTvRc=@pm.me>
 <PEvUekkEdjFXIGBrX3GTMxPkeD6Bn6q_UnsVGUSWmjdWfiRJzOXxg6oSoLQBju65BVwoKYaA3YwwhzvTlUvM1MXcWO_K5-ub9_lBkoC28Nk=@proton.me>
 <c2abfd68-f118-4951-ba4a-499fc819332f@gmail.com>
 <Um1180WhyfREJS4CHTfTCzAuDywzNlFlsaIFFwLEGcETcwKCDuJMgSwSs4idfqgCDqtMTuc4FUmcTHWnK2z_tzxw8bdVD9zDiGTCfdbJFjs=@proton.me>
Content-Language: en-US
From: Jonas Nick <jonasd.nick@gmail.com>
In-Reply-To: <Um1180WhyfREJS4CHTfTCzAuDywzNlFlsaIFFwLEGcETcwKCDuJMgSwSs4idfqgCDqtMTuc4FUmcTHWnK2z_tzxw8bdVD9zDiGTCfdbJFjs=@proton.me>
Content-Type: text/plain; charset="UTF-8"; format=flowed
X-Original-Sender: jonasdnick@gmail.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@gmail.com header.s=20230601 header.b=PeCaeRTg;       spf=pass
 (google.com: domain of jonasd.nick@gmail.com designates 2a00:1450:4864:20::52b
 as permitted sender) smtp.mailfrom=jonasd.nick@gmail.com;       dmarc=pass
 (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com;       dara=pass header.i=@googlegroups.com
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.5 (/)

 > Agreed. AFAICT, the only reason we'd use WOTS+ over stock
 > WOTS (w/o randomizers) would be if we wanted to use a less
 > collision-resistant hash algo (RMD160) as the primary hash
 > function.

When using RMD160 in WOTS+ instead of SHA256, you reduce the security level to
80 bits. Roughly speaking, while WOTS+ relies only on preimage resistance,
quantum computers get a quadratic speedup finding preimages due to Grover's
algorithm. A more detailed analysis of this is in [0] (see Theorem 2 and Table
1).

 > Would OP_HASH160 (aka rmd160(sha256(...))) be a
 > possible contender for the hash function here, to shrink
 > the witness size further while still retaining some of the
 > collision resistance of SHA256?

I'm probably missing something, but I don't see how this would work because you
can find a collision with about 2^80 queries.

[0] https://eprint.iacr.org/2015/1256.pdf (This should have been link [5] in the
     previous email, sorry)

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/f7f72e13-eaa1-4837-9ba0-4b8d1eddf160%40gmail.com.