[FEATURE] Add Hybrid Post-Quantum Signature Support

[jimouris]

Describe the feature
Add support for hybrid PQ signatures, combining ECDSA with ML-DSA.

1. Migration: Check one of the signatures (OR)

sig_ecdsa = ECDSA.sign(m)
sig_mldsa = MLDSA.sign(m)

valid_ecdsa = ECDSA.verify(pk_ecdsa, m, sig_ecdsa)
valid_mldsa = MLDSA.verify(pk_mldsa, m, sig_mldsa)
return (valid_ecdsa OR valid_mldsa)

2. Option 1: Check both signatures (AND)

sig_ecdsa = ECDSA.sign(m)
sig_mldsa = MLDSA.sign(m)

valid_ecdsa = ECDSA.verify(pk_ecdsa, m, sig_ecdsa)
valid_mldsa = MLDSA.verify(pk_mldsa, m, sig_mldsa)
return (valid_ecdsa AND valid_mldsa)

3. Option 2: Nested signatures (nested AND)

sig_ecdsa = ECDSA.sign(m)
sig_mldsa = MLDSA.sign(m || sig_ecdsa)

valid_ecdsa = ECDSA.verify(pk_ecdsa, m, sig_ecdsa)
valid_mldsa = MLDSA.verify(pk_mldsa, (m || sig_ecdsa), sig_mldsa)
return (valid_ecdsa AND valid_mldsa)

The OR version will help with transition, so nothing breaks, but moving on, we should switch to either of the options 1 or 2.

On parameter set sizes, we can use level 1 or 2 (the equivalent of 128 or 192 bits of classical security) https://openquantumsafe.org/liboqs/algorithms/sig/ml-dsa.html.