{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T17:13:20Z","timestamp":1778087600128,"version":"3.51.4"},"publisher-location":"Cham","reference-count":69,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032253163","type":"print"},{"value":"9783032253170","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-25317-0_8","type":"book-chapter","created":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T16:33:30Z","timestamp":1778085210000},"page":"222-250","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Bird of\u00a0Prey: Practical Signature Combiners Preserving Strong Unforgeability"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1385-3884","authenticated-orcid":false,"given":"Jonas","family":"Janneck","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2026,5,7]]},"reference":[{"key":"8_CR1","unstructured":"Algorand: Leading on post-quantum technology (2025). https:\/\/algorand.co\/technology\/post-quantum"},{"key":"8_CR2","doi-asserted-by":"publisher","unstructured":"Alwen, J., Janneck, J., Kiltz, E., Lipp, B.: The pre-shared key modes of HPKE. In: Guo, J., Steinfeld, R. (eds.) Advances in Cryptology \u2013 ASIACRYPT\u00a02023, Part\u00a0VI. Lecture Notes in Computer Science, vol. 14443, pp. 329\u2013360. Springer, Singapore, Singapore, Guangzhou, China (Dec\u00a04\u20138, 2023). https:\/\/doi.org\/10.1007\/978-981-99-8736-8_11","DOI":"10.1007\/978-981-99-8736-8_11"},{"key":"8_CR3","unstructured":"ANSSI: Anssi views on the post-quantum cryptography transition (2023 follow up) (2023). https:\/\/cyber.gouv.fr\/sites\/default\/files\/document\/follow_up_position_paper_on_post_quantum_cryptography.pdf"},{"key":"8_CR4","doi-asserted-by":"publisher","unstructured":"Arriaga, A., Barbosa, M., Farshim, P.: On the joint security of signature and encryption schemes under randomness reuse: Efficiency and security amplification. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 12: 10th International Conference on Applied Cryptography and Network Security. LNCS, vol.\u00a07341, pp. 206\u2013223. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-31284-7_13","DOI":"10.1007\/978-3-642-31284-7_13"},{"key":"8_CR5","doi-asserted-by":"publisher","unstructured":"Aumayr, L., Ersoy, O., Erwig, A., Faust, S., Host\u00e1kov\u00e1, K., Maffei, M., Moreno-Sanchez, P., Riahi, S.: Generalized channels from limited blockchain scripts and adaptor signatures. In: Tibouchi, M., Wang, H. (eds.) Advances in Cryptology \u2013 ASIACRYPT\u00a02021, Part\u00a0II. LNCS, vol. 13091, pp. 635\u2013664. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92075-3_22","DOI":"10.1007\/978-3-030-92075-3_22"},{"key":"8_CR6","unstructured":"AWS: Aws kms adds support for post-quantum ml-dsa digital signatures (2025). https:\/\/aws.amazon.com\/about-aws\/whats-new\/2025\/06\/aws-kms-post-quantum-ml-dsa-digital-signatures\/"},{"key":"8_CR7","doi-asserted-by":"publisher","unstructured":"Bader, C., Hofheinz, D., Jager, T., Kiltz, E., Li, Y.: Tightly-secure authenticated key exchange. In: Dodis, Y., Nielsen, J.B. (eds.) TCC\u00a02015: 12th Theory of Cryptography Conference, Part\u00a0I. LNCS, vol.\u00a09014, pp. 629\u2013658. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46494-6_26","DOI":"10.1007\/978-3-662-46494-6_26"},{"key":"8_CR8","doi-asserted-by":"publisher","unstructured":"Barbosa, M., Connolly, D., Duarte, J.D., Kaiser, A., Schwabe, P., Varner, K., Westerbaan, B.: X-Wing. IACR Communications in Cryptology (CiC) 1(1), 21 (2024). https:\/\/doi.org\/10.62056\/a3qj89n4e","DOI":"10.62056\/a3qj89n4e"},{"key":"8_CR9","doi-asserted-by":"publisher","unstructured":"Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Denning, D.E., Pyle, R., Ganesan, R., Sandhu, R.S., Ashby, V. (eds.) ACM CCS 93: 1st Conference on Computer and Communications Security, pp. 62\u201373. ACM Press, Fairfax (1993). https:\/\/doi.org\/10.1145\/168588.168596","DOI":"10.1145\/168588.168596"},{"key":"8_CR10","doi-asserted-by":"publisher","unstructured":"Bellare, M., Rogaway, P.: The exact security of digital signatures: How to sign with RSA and Rabin. In: Maurer, U.M. (ed.) Advances in Cryptology \u2013 EUROCRYPT\u201996. LNCS, vol.\u00a01070, pp. 399\u2013416. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68339-9_34","DOI":"10.1007\/3-540-68339-9_34"},{"key":"8_CR11","doi-asserted-by":"publisher","unstructured":"Bellare, M., Rogaway, P.: The security of triple encryption and a framework for code-based game-playing proofs. In: Vaudenay, S. (ed.) Advances in Cryptology \u2013 EUROCRYPT\u00a02006. LNCS, vol.\u00a04004, pp. 409\u2013426. Springer Berlin Heidelberg, Germany, St. Petersburg, Russia (2006). https:\/\/doi.org\/10.1007\/11761679_25","DOI":"10.1007\/11761679_25"},{"key":"8_CR12","doi-asserted-by":"publisher","unstructured":"Bergsma, F., Dowling, B., Kohlar, F., Schwenk, J., Stebila, D.: Multi-ciphersuite security of the Secure Shell (SSH) protocol. In: Ahn, G.J., Yung, M., Li, N. (eds.) ACM CCS 2014: 21st Conference on Computer and Communications Security, pp. 369\u2013381. ACM Press, Scottsdale, AZ, USA, Nov\u00a03\u20137, 2014. https:\/\/doi.org\/10.1145\/2660267.2660286","DOI":"10.1145\/2660267.2660286"},{"key":"8_CR13","unstructured":"Bernstein, D.J., Brumley, B.B., Chen, M.S., Tuveri, N.: OpenSSLNTRU: faster post-quantum TLS key exchange. In: Butler, K.R.B., Thomas, K. (eds.) USENIX Security 2022: 31st USENIX Security Symposium, pp. 845\u2013862. USENIX Association, Boston, MA, USA, Aug\u00a010\u201312, 2022. https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/bernstein"},{"issue":"2","key":"8_CR14","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/s13389-012-0027-1","volume":"2","author":"DJ Bernstein","year":"2012","unstructured":"Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.Y.: High-speed high-security signatures. J. Cryptogr. Eng. 2(2), 77\u201389 (2012). https:\/\/doi.org\/10.1007\/s13389-012-0027-1","journal-title":"J. Cryptogr. Eng."},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Bernstein, D.J., H\u00fclsing, A., K\u00f6lbl, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The sphincs+ signature framework. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2129\u20132146 (2019)","DOI":"10.1145\/3319535.3363229"},{"key":"8_CR16","unstructured":"Bindel, N., Hale, B.: A note on hybrid signature schemes. Cryptology ePrint Archive, Report 2023\/423 (2023). https:\/\/eprint.iacr.org\/2023\/423"},{"key":"8_CR17","doi-asserted-by":"publisher","unstructured":"Bindel, N., Herath, U., McKague, M., Stebila, D.: Transitioning to a quantum-resistant public key infrastructure. In: Lange, T., Takagi, T. (eds.) Post-Quantum Cryptography - 8th International Workshop, PQCrypto 2017, pp. 384\u2013405. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-59879-6_22","DOI":"10.1007\/978-3-319-59879-6_22"},{"issue":"4","key":"8_CR18","doi-asserted-by":"publisher","first-page":"297","DOI":"10.1007\/s00145-004-0314-9","volume":"17","author":"D Boneh","year":"2004","unstructured":"Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. J. Cryptol. 17(4), 297\u2013319 (2004). https:\/\/doi.org\/10.1007\/s00145-004-0314-9","journal-title":"J. Cryptol."},{"key":"8_CR19","unstructured":"Bos, J.W., et al.: HAWK. Tech. rep., National Institute of Standards and Technology (2023). https:\/\/csrc.nist.gov\/Projects\/pqc-dig-sig\/round-1-additional-signatures"},{"key":"8_CR20","doi-asserted-by":"publisher","unstructured":"Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. In: 2015 IEEE Symposium on Security and Privacy, pp. 553\u2013570. IEEE Computer Society Press, San Jose, CA, USA, May\u00a017\u201321, 2015. https:\/\/doi.org\/10.1109\/SP.2015.40","DOI":"10.1109\/SP.2015.40"},{"key":"8_CR21","doi-asserted-by":"publisher","unstructured":"Brendel, J., Cremers, C., Jackson, D., Zhao, M.: The provable security of Ed25519: Theory and practice. In: 2021 IEEE Symposium on Security and Privacy, pp. 1659\u20131676. IEEE Computer Society Press, San Francisco, CA, USA, May\u00a024\u201327, 2021. https:\/\/doi.org\/10.1109\/SP40001.2021.00042","DOI":"10.1109\/SP40001.2021.00042"},{"key":"8_CR22","unstructured":"BSI: Cryptographic mechanisms: Recommendations and key lengths - bsi tr-02102-1 (2024). https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/EN\/BSI\/Publications\/TechGuidelines\/TG02102\/BSI-TR-02102-1.pdf"},{"key":"8_CR23","unstructured":"Connolly, D., H\u00f6velmanns, K., H\u00fclsing, A., Kousidis, S., Meijers, M.: Starfighters\u2014on the general applicability of X-wing. Cryptology ePrint Archive, Report 2025\/1397 (2025). https:\/\/eprint.iacr.org\/2025\/1397"},{"key":"8_CR24","doi-asserted-by":"publisher","unstructured":"Cremers, C., D\u00fczl\u00fc, S., Fiedler, R., Fischlin, M., Janson, C.: BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures. In: 2021 IEEE Symposium on Security and Privacy, pp. 1696\u20131714. IEEE Computer Society Press, San Francisco, CA, USA, May\u00a024\u201327, 2021. https:\/\/doi.org\/10.1109\/SP40001.2021.00093","DOI":"10.1109\/SP40001.2021.00093"},{"key":"8_CR25","unstructured":"Cremers, C., G\u00fcnsay, E., Wesselkamp, V., Zhao, M.: ETK: External-operations TreeKEM and the security of MLS in RFC 9420. Cryptology ePrint Archive, Report 2025\/229 (2025). https:\/\/eprint.iacr.org\/2025\/229"},{"key":"8_CR26","doi-asserted-by":"publisher","unstructured":"Don, J., Fehr, S., Huang, Y.H., Liao, J.J., Struck, P.: Hide-and-seek and the non-resignability of the BUFF transform. In: Boyle, E., Mahmoody, M. (eds.) TCC\u00a02024: 22nd Theory of Cryptography Conference, Part\u00a0III. LNCS, vol. 15366, pp. 347\u2013370. Springer, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-78020-2_12","DOI":"10.1007\/978-3-031-78020-2_12"},{"key":"8_CR27","doi-asserted-by":"publisher","unstructured":"Don, J., Fehr, S., Huang, Y.H., Struck, P.: On the (in)security of the BUFF transform. In: Reyzin, L., Stebila, D. (eds.) Advances in Cryptology \u2013 CRYPTO\u00a02024, Part\u00a0I. LNCS, vol. 14920, pp. 246\u2013275. Springer, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-68376-3_8","DOI":"10.1007\/978-3-031-68376-3_8"},{"key":"8_CR28","doi-asserted-by":"crossref","unstructured":"Ducas, L., Kiltz, E., Lepoint, T., Lyubashevsky, V., Schwabe, P., Seiler, G., Stehl\u00e9, D.: Crystals-dilithium: A lattice-based digital signature scheme. IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 238\u2013268 (2018)","DOI":"10.46586\/tches.v2018.i1.238-268"},{"key":"8_CR29","doi-asserted-by":"publisher","unstructured":"D\u00fczl\u00fc, S., Struck, P.: The role of message-bound signatures for the beyond UnForgeability features and weak keys. In: Mouha, N., Nikiforakis, N. (eds.) ISC\u00a02024: 27th International Conference on Information Security, Part\u00a0II. LNCS, vol. 15258, pp. 61\u201380. Springer, Cham (2024). https:\/\/doi.org\/10.1007\/978-3-031-75764-8_4","DOI":"10.1007\/978-3-031-75764-8_4"},{"key":"8_CR30","unstructured":"Faller, S., Hesse, J.: How to (not) combine oblivious pseudorandom functions. Cryptology ePrint Archive, Paper 2025\/1084 (2025). https:\/\/eprint.iacr.org\/2025\/1084"},{"key":"8_CR31","unstructured":"Gajland, P., Hwang, V., Janneck, J.: Shadowfax: A deniability-preserving AKEM combiner. Cryptology ePrint Archive, Report 2025\/154 (2025). https:\/\/eprint.iacr.org\/2025\/154"},{"key":"8_CR32","unstructured":"Gajland, P., Janneck, J., Kiltz, E.: A closer look at falcon. Cryptology ePrint Archive, Report 2024\/1769 (2024). https:\/\/eprint.iacr.org\/2024\/1769"},{"key":"8_CR33","doi-asserted-by":"publisher","unstructured":"Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Ladner, R.E., Dwork, C. (eds.) 40th Annual ACM Symposium on Theory of Computing, pp. 197\u2013206. ACM Press, Victoria, BC, Canada, May\u00a017\u201320, 2008. https:\/\/doi.org\/10.1145\/1374376.1374407","DOI":"10.1145\/1374376.1374407"},{"key":"8_CR34","doi-asserted-by":"crossref","unstructured":"Ghinea, D., et al.: Hybrid post-quantum signatures in hardware security keys. In: International Conference on Applied Cryptography and Network Security, pp. 480\u2013499. Springer (2023)","DOI":"10.1007\/978-3-031-41181-6_26"},{"key":"8_CR35","doi-asserted-by":"publisher","unstructured":"Giacon, F., Heuer, F., Poettering, B.: KEM combiners. In: Abdalla, M., Dahab, R. (eds.) PKC\u00a02018: 21st International Conference on Theory and Practice of Public Key Cryptography, Part\u00a0I. Lecture Notes in Computer Science, vol. 10769, pp. 190\u2013218. Springer, Cham, Switzerland, Rio de Janeiro, Brazil (Mar\u00a025\u201329, 2018). https:\/\/doi.org\/10.1007\/978-3-319-76578-5_7","DOI":"10.1007\/978-3-319-76578-5_7"},{"key":"8_CR36","unstructured":"Goldberg, S., Haller, M., Heninger, N., Milano, M., Shumow, D., Stevens, M., Suhl, A.: RADIUS\/UDP considered harmful. In: Balzarotti, D., Xu, W. (eds.) USENIX Security 2024: 33rd USENIX Security Symposium. USENIX Association, Philadelphia, PA, USA (Aug\u00a014\u201316, 2024), https:\/\/www.usenix.org\/conference\/usenixsecurity24\/presentation\/goldberg"},{"key":"8_CR37","doi-asserted-by":"crossref","unstructured":"G\u00fcnther, F., Rosenberg, M., Stebila, D., Veitch, S.: Hybrid obfuscated key exchange and KEMs. Cryptology ePrint Archive, Report 2025\/408 (2025). https:\/\/eprint.iacr.org\/2025\/408","DOI":"10.1007\/978-3-032-01881-6_18"},{"key":"8_CR38","doi-asserted-by":"publisher","unstructured":"Hesse, J., Rosenberg, M.: PAKE combiners and efficient post-quantum instantiations. In: Advances in Cryptology \u2013 EUROCRYPT\u00a02025, Part\u00a0II, pp. 395\u2013420. LNCS, Springer, Cham (2025). https:\/\/doi.org\/10.1007\/978-3-031-91124-8_14","DOI":"10.1007\/978-3-031-91124-8_14"},{"key":"8_CR39","doi-asserted-by":"publisher","unstructured":"Jager, T., Kiltz, E., Riepel, D., Sch\u00e4ge, S.: Tightly-secure authenticated key exchange, revisited. In: Canteaut, A., Standaert, F.X. (eds.) Advances in Cryptology \u2013 EUROCRYPT\u00a02021, Part\u00a0I. LNCS, vol. 12696, pp. 117\u2013146. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77870-5_5","DOI":"10.1007\/978-3-030-77870-5_5"},{"key":"8_CR40","unstructured":"Janneck, J.: Bird of prey: Practical signature combiners preserving strong unforgeability. Cryptology ePrint Archive, Report 2025\/1844 (2025). https:\/\/eprint.iacr.org\/2025\/1844"},{"key":"8_CR41","unstructured":"Janneck, J., Meers, J., Ostuzzi, M., Riepel, D.: Snake mackerel: An isogeny-based AKEM leveraging randomness reuse. Cryptology ePrint Archive, Report 2025\/1474 (2025). https:\/\/eprint.iacr.org\/2025\/1474"},{"key":"8_CR42","doi-asserted-by":"publisher","unstructured":"Kiltz, E., Lyubashevsky, V., Schaffner, C.: A concrete treatment of Fiat-Shamir signatures in the quantum random-oracle model. In: Nielsen, J.B., Rijmen, V. (eds.) Advances in Cryptology \u2013 EUROCRYPT\u00a02018, Part\u00a0III. LNCS, vol. 10822, pp. 552\u2013586. Springer, Cham (Apr\u00a029\u00a0\u2013\u00a0May\u00a03, 2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_18","DOI":"10.1007\/978-3-319-78372-7_18"},{"key":"8_CR43","doi-asserted-by":"publisher","unstructured":"Kiltz, E., Masny, D., Pan, J.: Optimal security proofs for signatures from identification schemes. In: Robshaw, M., Katz, J. (eds.) Advances in Cryptology \u2013 CRYPTO\u00a02016, Part\u00a0II. LNCS, vol.\u00a09815, pp. 33\u201361. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_2","DOI":"10.1007\/978-3-662-53008-5_2"},{"key":"8_CR44","unstructured":"Klitzke, E.: Bitcoin transaction malleability (2017). https:\/\/eklitzke.org\/bitcoin-transaction-malleability"},{"key":"8_CR45","unstructured":"Kret, E., Schmidt, R.: The pqxdh key agreement protocol (2024). https:\/\/signal.org\/docs\/specifications\/pqxdh\/pqxdh.pdf"},{"key":"8_CR46","unstructured":"Kwiatkowski, K., Valenta, L.: The TLS post-quantum experiment. Post on the Cloudflare blog (2019). https:\/\/blog.cloudflare.com\/the-tls-post-quantum-experiment\/"},{"key":"8_CR47","unstructured":"Langley, A.: CECPQ1 results. Blog post (2016). https:\/\/www.imperialviolet.org\/2016\/11\/28\/cecpq1.html"},{"key":"8_CR48","unstructured":"Langley, A.: CECPQ2. Blog post (2018). https:\/\/www.imperialviolet.org\/2018\/12\/12\/cecpq2.html"},{"key":"8_CR49","unstructured":"Linker, F., Sasse, R., Basin, D.: A formal analysis of apple\u2019s iMessage PQ3 protocol. Cryptology ePrint Archive, Paper 2024\/1395 (2024). https:\/\/eprint.iacr.org\/2024\/1395"},{"key":"8_CR50","doi-asserted-by":"publisher","unstructured":"Lyu, Y., Liu, S.: Hybrid password authentication key exchange in the UC framework. In: Advances in Cryptology \u2013 EUROCRYPT\u00a02025, Part\u00a0II, pp. 421\u2013450. LNCS. Springer, Cham (2025). https:\/\/doi.org\/10.1007\/978-3-031-91124-8_15","DOI":"10.1007\/978-3-031-91124-8_15"},{"key":"8_CR51","doi-asserted-by":"crossref","unstructured":"Massimo, J., Kampanakis, P., Turner, S., Westerbaan, B.: Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Digital Signature Algorithm (ML-DSA). Internet-Draft draft-ietf-lamps-dilithium-certificates-12, Internet Engineering Task Force (Jun 2025), https:\/\/datatracker.ietf.org\/doc\/draft-ietf-lamps-dilithium-certificates\/12\/, work in Progress","DOI":"10.17487\/RFC9881"},{"key":"8_CR52","doi-asserted-by":"publisher","unstructured":"Module-lattice-based digital signature standard. National Institute of Standards and Technology NIST FIPS PUB 204, U.S. Department of Commerce, August 2024. https:\/\/doi.org\/10.6028\/nist.fips.204, http:\/\/dx.doi.org\/10.6028\/NIST.FIPS.204","DOI":"10.6028\/nist.fips.204"},{"key":"8_CR53","doi-asserted-by":"publisher","unstructured":"Module-lattice-based key-encapsulation mechanism standard. National Institute of Standards and Technology NIST FIPS PUB 203, U.S. Department of Commerce, August 2024. https:\/\/doi.org\/10.6028\/nist.fips.203. http:\/\/dx.doi.org\/10.6028\/NIST.FIPS.203","DOI":"10.6028\/nist.fips.203"},{"key":"8_CR54","doi-asserted-by":"publisher","unstructured":"Moriarty, K., Kaliski, B., Jonsson, J., Rusch, A.: PKCS #1: RSA Cryptography Specifications Version 2.2. RFC 8017, November 2016. https:\/\/doi.org\/10.17487\/RFC8017, https:\/\/www.rfc-editor.org\/info\/rfc8017","DOI":"10.17487\/RFC8017"},{"key":"8_CR55","unstructured":"NIST: Submission requirements and evaluation criteria for the post-quantum cryptography standardization process (2016). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Post-Quantum-Cryptography\/documents\/call-for-proposals-final-dec-2016.pdf"},{"key":"8_CR56","unstructured":"NIST: Post-quantum cryptography pqc (2025). https:\/\/csrc.nist.gov\/projects\/post-quantum-cryptography"},{"key":"8_CR57","unstructured":"Ounsworth, M., Gray, J., Pala, M., Klau\u00dfner, J., Fluhrer, S.: Composite ML-DSA for use in X.509 Public Key Infrastructure. Internet-Draft draft-ietf-lamps-pq-composite-sigs-14, Internet Engineering Task Force, January 2026. https:\/\/datatracker.ietf.org\/doc\/draft-ietf-lamps-pq-composite-sigs\/14\/, work in Progress"},{"key":"8_CR58","doi-asserted-by":"publisher","unstructured":"Paquin, C., Stebila, D., Tamvada, G.: Benchmarking post-quantum cryptography in TLS. In: Ding, J., Tillich, J.P. (eds.) Post-Quantum Cryptography - 11th International Conference, PQCrypto 2020, pp. 72\u201391. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-44223-1_5","DOI":"10.1007\/978-3-030-44223-1_5"},{"key":"8_CR59","doi-asserted-by":"publisher","unstructured":"Pornin, T., Stern, J.P.: Digital signatures do not guarantee exclusive ownership. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 05: 3rd International Conference on Applied Cryptography and Network Security. LNCS, vol.\u00a03531, pp. 138\u2013150. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11496137_10","DOI":"10.1007\/11496137_10"},{"key":"8_CR60","unstructured":"Prabel, L., Wang, G., Janneck, J., Reddy.K, T., Mattsson, J.P.: Hybrid Digital Signatures with Strong Unforgeability. Internet-Draft draft-prabel-cfrg-suf-hybrid-sigs-00, Internet Engineering Task Force, October 2025. https:\/\/datatracker.ietf.org\/doc\/draft-prabel-cfrg-suf-hybrid-sigs\/00\/, work in Progress"},{"key":"8_CR61","unstructured":"Prest, T., et al.: Falcon. Submission to the NIST Post-Quantum Cryptography Standardization Project (2020). https:\/\/falcon-sign.info\/"},{"issue":"2","key":"8_CR62","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"RL Rivest","year":"1978","unstructured":"Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120\u2013126 (1978)","journal-title":"Commun. ACM"},{"issue":"3","key":"8_CR63","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"CP Schnorr","year":"1991","unstructured":"Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991). https:\/\/doi.org\/10.1007\/BF00196725","journal-title":"J. Cryptol."},{"key":"8_CR64","doi-asserted-by":"publisher","unstructured":"Stateless hash-based digital signature standard. National Institute of Standards and Technology NIST FIPS PUB 205, U.S. Department of Commerce (Aug 2024). https:\/\/doi.org\/10.6028\/nist.fips.205, http:\/\/dx.doi.org\/10.6028\/NIST.FIPS.205","DOI":"10.6028\/nist.fips.205"},{"key":"8_CR65","unstructured":"Stebila, D.: Security analysis of the iMessage PQ3 protocol. Cryptology ePrint Archive, Report 2024\/357 (2024). https:\/\/eprint.iacr.org\/2024\/357"},{"key":"8_CR66","doi-asserted-by":"crossref","unstructured":"Steinfeld, R., Pieprzyk, J., Wang, H.: How to strengthen any weakly unforgeable signature into a strongly unforgeable signature. In: Cryptographers\u2019 Track at the RSA Conference, pp. 357\u2013371. Springer (2007)","DOI":"10.1007\/11967668_23"},{"key":"8_CR67","doi-asserted-by":"publisher","unstructured":"Tairi, E., Moreno-Sanchez, P., Maffei, M.: Post-quantum adaptor signature for privacy-preserving off-chain payments. In: Borisov, N., D\u00edaz, C. (eds.) FC 2021: 25th International Conference on Financial Cryptography and Data Security, Part\u00a0II. LNCS, vol. 12675, pp. 131\u2013150. Springer, Heidelberg (2021). https:\/\/doi.org\/10.1007\/978-3-662-64331-0_7","DOI":"10.1007\/978-3-662-64331-0_7"},{"key":"8_CR68","unstructured":"Wang, X., Feng, D., Lai, X., Yu, H.: Collisions for hash functions MD4, MD5, HAVAL-128 and RIPEMD. Cryptology ePrint Archive, Report 2004\/199 (2004). https:\/\/eprint.iacr.org\/2004\/199"},{"key":"8_CR69","unstructured":"Westerbaan, B., Rubin, C.D.: Defending against future threats: Cloudflare goes post-quantum. Post on the Cloudflare blog (2019). https:\/\/blog.cloudflare.com\/post-quantum-for-all\/"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2026"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-25317-0_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T16:33:48Z","timestamp":1778085228000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-25317-0_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032253163","9783032253170"],"references-count":69,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-25317-0_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"7 May 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rome","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2026","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 May 2026","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 May 2026","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"45","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2026","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2026\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}