Daily Archives: 30. December 2018

Schnorr signatures: The big Bitcoin leap forward?

The Schnorr signatures have reappeared on the agenda of the Bitcoin community. On GitHub there’s a file that explains the technical background of Schnorr. The upgrade of the Bitcoin network, which is still too little noticed, could finally take shape. However, it could still take a long time until Schnorr finds a broad application in practice.

For some time it had been quiet around the Bitcoin update Schnorr signatures. The idea to use this new type of signature for Bitcoin had already been present in the cryptospace industry for several years. But until the step from a theoretical idea to a practical implementation succeeds, often more time passes than a large part of the community hopes for. We remember how long it took for most of the Bitcoin Core team to get their act together to activate Segregated Witness.

However, this upgrade of the Bitcoin network laid the foundation for the introduction of Schnorr signatures. Some of the Bitcoin team rejoiced after the SegWit activation that Schnorr was no longer far away. As we now know, things didn’t go quite that fast, though. A good year after SegWit, however, now seems to be coming movement in the thing.

Bitcoin news publishes a standard for Schnorr signatures

Developer Pieter Wuille published a file with a draft of Schnorr signatures on Bitcoin news earlier this month: https://www.onlinebetrug.net/en/bitcoin-news-trader/ In it he explains some technical basics for the implementation of Schnorr with the aim to set a standard for 64-byte Schnorr signatures. Now a possible roadmap is given to establish Schnorr as signature for Bitcoin.

Wuille describes the advantages of Schnorr over the ECDSA signatures currently used in the Bitcoin network. In the Elliptic Curve Digital Signature algorithm, elliptic curve cryptography is used to create and encrypt the signature. According to the file, the Schnorr scheme has three advantages over ECDSA signatures: security proof, non-deformability, and linearity.

The advantages of Schnorr compared to ECDSA
The security proof should be provided very easily in the Random Oracle Model, which does not work in the ECDSA scheme. ECDSA signatures can also be changed in principle. For example, an attacker can change an existing signature for a public key without knowing the private key. However, this is not possible with Schnorr signatures.

Last but not least, Schnorr signatures make it possible for several parties to create a signature together that is valid for all their respective public keys. This is a step towards multi-signatures and improves speed and security.

How is Schnorr received in the community?

Schnorr is already being promoted as the “biggest innovation of the Bitcoin network since SegWit”. Similar to this upgrade, it could be difficult for Schnorr to make a breakthrough in the Bitcoin community. That it took so long for the number of SegWit-using nodes to increase is due to the inertia typical of the Bitcoin network. Due to the decentralized nature of the blockchain, the use of SegWit cannot simply be centrally set up or prescribed. The individual nodes must become active independently and accept and use the innovation.

However, an aggravating factor in SegWit was that the activation was preceded by a split in the community. Reservations against Schnorr, as they had been in the Bitcoin cash camp against SegWit, are currently not discernible. The only problem Schnorr faces in comparison to ECDSA is the lack of standardization. But this problem is now being tackled – the initiative of developer Pieter Wuille is a good start.