Isogeny-based cryptography (IBC) is presented as the most promising post-quantum replacement for classical elliptic curve cryptography in Bitcoin. Unlike hash-based signatures (the current leading PQC candidate), isogenies preserve algebraic structure that enables key-tweaking, BIP32 HD wallet derivation, and silent payments — features that most PQC schemes forfeit. SQIsign offers the smallest pubkey+signature sizes of any NIST PQC candidate (213 bytes at NIST-I), while the newer PRISM scheme offers simpler implementation at comparable sizes. The 2022 SIDH attack is contextualized: it did not break most IBC systems and actually accelerated the field by rediscovering Kani's Lemma. Isogeny rerandomization is shown to generalize taproot key tweaking, BIP32 derivation, and silent payments into a single quantum-safe primitive. Drawbacks include slow verification (>1ms per signature), malleable signatures in SQIsign, lack of compact multisig schemes, difficulty generating NUMS curves, and a steep mathematical learning curve. Bitcoin developers, businesses, custodians, and investors are urged to invest in IBC research now.
Table of contents
Disclaimer
High Level
SQIsign
PRISM
The SIDH Attack
Rerandomizable Public Keys
Isogeny Rerandomization
Examples
Drawbacks
Conclusions
Other Sources about Isogenies
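The summary's central claim is that isogenies keep the group structure a key lives in, so a secret scalar and a taproot-style tweak both carry across an isogeny to the new curve. The following toy example is added here and is not code from the page or its authors; it assumes a constructed prime p = 431 and curve y^2 = x^3 + x (far too small for real use), a 2-isogeny computed with Vélu's formulas, and constructed secret and tweak scalars.

```python
# Added toy example (not code from the page or its authors): a 2-isogeny over F_p via
# Vélu's formulas, checked to be a group homomorphism, so a key relation P = s*G and a
# taproot-style tweak Q = P + tw*G survive the map: the algebraic structure the summary
# says isogeny rerandomization relies on. Constructed toy sizes: p = 431, E: y^2 = x^3 + x.
p = 431             # toy prime; p = 3 mod 4, so sqrt(n) = n^((p+1)/4) when n is a square
INF = None          # point at infinity

def add(P, Q, a):   # affine addition on y^2 = x^3 + a*x + b over F_p
    if P is INF: return Q
    if Q is INF: return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return INF                                  # Q = -P
    if P == Q: lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:      lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def mul(s, P, a):   # double-and-add scalar multiplication s*P
    R = INF
    while s:
        if s & 1: R = add(R, P, a)
        P, s = add(P, P, a), s >> 1
    return R

def on_curve(P, a, b):
    return P is INF or (P[1] ** 2 - P[0] ** 3 - a * P[0] - b) % p == 0

def velu_2_isogeny(a, b, x0):   # kernel {O, (x0, 0)}; returns image curve (a', b') and map
    t = (3 * x0 * x0 + a) % p
    a2, b2 = (a - 5 * t) % p, (b - 7 * x0 * t) % p
    def phi(P):
        if P is INF or P[0] == x0:
            return INF                              # the kernel maps to infinity
        inv = pow(P[0] - x0, -1, p)
        return ((P[0] + t * inv) % p, (P[1] - t * P[1] * inv * inv) % p)
    return a2, b2, phi

def tweak_survives_isogeny(a=1, b=0, s=77, tw=19):
    """Constructed s, P = s*G, Q = P + tw*G: True iff the relations hold for the images."""
    def rhs(x): return (x ** 3 + a * x + b) % p
    x0 = next(x for x in range(p) if rhs(x) == 0)             # a 2-torsion x-coordinate
    G = next((x, y) for x in range(1, p) for y in [pow(rhs(x), (p + 1) // 4, p)]
             if y and y * y % p == rhs(x))                    # a base point with y != 0
    a2, b2, phi = velu_2_isogeny(a, b, x0)
    P = mul(s, G, a)
    Q = add(P, mul(tw, G, a), a)
    G2, P2, Q2 = phi(G), phi(P), phi(Q)
    return (all(on_curve(R, a2, b2) for R in (G2, P2, Q2)) and phi((x0, 0)) is INF
            and P2 == mul(s, G2, a2) and Q2 == add(P2, mul(tw, G2, a2), a2))
```

Because phi is a homomorphism, whoever knows s for P on E still knows it for phi(P) on the image curve, which is exactly what makes a rerandomized key usable with the same tweaking and derivation logic.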