Quantum-resistance in blockchain networks: Current approaches for quantum-safe cryptography

Table of Links

Abstract and 1. Introduction

2. Context

2.1. Quantum computing as a threat to cryptography

2.2. Current approaches for quantum-safe cryptography

2.3. Blockchain and the LACChain Blockchain Network

3. The vulnerabilities of blockchain technology with the advent of quantum computing

4. A Proposal for a Quantum-Safe Blockchain Network

5. Implementation and 5.1 Generation and distribution of quantum entropy

5.2. Generation of Post-Quantum Certificates

5.3. Encapsulation of the communication between nodes using quantum-safe cryptography

5.4. Signature of transactions using post-quantum keys

5.5. On-chain verification of post-quantum signatures

6. Conclusions and next steps, Acknowledgements, and References

2.2 Current approaches for quantum-safe cryptography

Discussions on quantum computers and cryptography usually surround two main areas of cryptography that are thought to resist attacks by large and robust quantum computers: quantum key distribution and post-quantum cryptography.

2.2.1 Quantum Key Distribution

Quantum Key Distribution (QKD) refers to quantum protocols for the co-creation of private symmetric keys between two parties using quantum and classical channels (e.g., optical fibers and wireless channels) by codifying private key bits into quantum states. If these quantum states are intercepted and observed by any eavesdropper, the information they contain (i.e., the bits of the key) is modified, and therefore the key is corrupted and the eavesdropper is detected. Best known QKD protocols are BB84 [26, 27] and E91 [28].

An illustrative example of a QKD implementation is the BB84 protocol using polarized photons. In this protocol, we have a sender (Alice), a recipient (Bob), and an eavesdropper (Eve). Alice codes the bits of a private key to share with Bob using non-orthogonal quantum states, such as bit value 0 using either |0i or |+> and bit value 1 using |1i or |−>. Then, photons are sent by Alice to Bob. Due to the properties of measurement in quantum mechanics, Eve’s eavesdropping activities will eventually be detected (that is, Eve’s activities will leave a trace that will eventually be detected by Alice and Bob) and, consequently, the protocol will stop and start over at a later stage [29, 30].

QKD protocols such as BB84 and E91 have been successfully implemented since 2003. However, QKD is not fully scalable today because ground-based key exchanges using optical fibers are limited to a few hundreds kilometers due to the degradation of the quantum states containing the keys [31]. Additionally, ground-to-satellite key exchanges require sophisticated infrastructure for generation, transmission, and reception of quantum keys [32, 33]. The scalability of these networks depends on the development of quantum repeaters, which require very sophisticated quantum memories. This is still an area under development [34, 35]. For these reasons, QKD has been discarded as a feasible solution to provide quantum safeness to blockchain networks today. However, this may change in the future as NSA, NIST, and ETSI, among others, have declared that quantum cryptography (such as QKD) would be the only alternative for long term secure encryption [22–24].

2.2.2 Post-Quantum Cryptography

Existing symmetric standards such as AES have already well-understood variants that are believed to provide adequate security against quantum adversaries. In contrast, it is well known that public (asymmetric) key cryptographic protocols such as RSA [36, 37], (Elliptic Curve) Digital Signature Algorithm [38], and (Elliptic Curve) Diffie-Hellman [39, 40] are considered vulnerable to quantum attacks.

Post-Quantum Cryptography (PQC) refers to a new generation of asymmetric algorithms that cannot be broken by Shor’s algorithm. Unlike QKD, PQC does not rely on any underlying quantum processes but rather on more complex mathematical problems. The main focus areas for postquantum algorithms to generate quantum-safe asymmetric key pairs are:

• Hash-based Cryptography, based on the security of hash functions.

• Code-based Cryptography, based on the difficulty of decoding generic linear code.

• Lattice-based Cryptography, based on the difficulty of well-studied lattice problems (e.g., shortest vector problem).

• Multivariate Cryptography, based on multivariate polynomials over a finite field.

As mentioned above, there is a standardization process being conducted by NIST which started in August 2016 with a request for comments [25]. This process, which called for submissions in the areas of “Public-key Encryption and Key Establishment Mechanisms (KEM)” and “Digital Signature Algorithms” announced the final and alternate rounds of in July 2020 [41]. The final algorithms are estimated to be standardized between 2022 and 2024 [42]. There are various initiatives running alongside NIST’s initiative such as PQCrypto [43] and Open Quantum Safe [44]. NITS’s finalists in the KEM category are:

• Classic McEliece, a code-based scheme. [45].

• Crystals-Kyber, a suite of algebraic lattices utilizing a Kyber primitive for KEM [46].

• NTRU, a lattice-based scheme [47].

• Saber, a lattice-based scheme utilizing learning with rounding [48].

The Digital Signature Algorithms are:

• Crystals-Dilithium, a suite of Algebraic lattices using a Dilithium primitive for signature [49].

• Falcon, lattice-based algorithm with shake256 hashing [50].

• Rainbow, multivariate based solution [51].

There are also a number of alternates proposed for both categories. Comments on the submissions’ security and efficacy can be found in [52]. While there are several candidates sharing a similar approach, their proposals vary in key sizes and signature sizes, making it necessary to evaluate each scheme against the architecture in which candidates are intended to be deployed.