Dublin – This report identifies the challenges and opportunities that arise from the threat that quantum computers pose to the “blockchain” mechanism that makes cryptocurrencies viable as a form of money as well as playing an important role in future “smart contracts,” novel supply chain strategies and other innovative deployments of IT.
That quantum is a major threat going forward is beyond doubt. According to a recent study by the consulting firm Deloitte, approximately one-fourth of the Bitcoin in circulation in 2022 is vulnerable to quantum attack. The White House National Security Memorandum/NSM-10, released on May 04, 2022, indicated the urgency of addressing imminent quantum computing threats and the significant risks to the economic and national security of the United States.
Although the main focus of this report is on the quantum threat to the integrity of cybercurrencies, the applicability of blockchain (and therefore the threat of quantum) is much broader than the newer types of money. Blockchain technology has been proposed for a wide range of transactions, including insurance, real estate, voting, supply chain tracking, gambling, etc.
A quantum computer-compromised blockchain would allow eavesdropping, unauthorized client authentication, signed malware, cloak-in encrypted session, a man-in-the-middle attack (MITM), forged documents, and emails. These attacks can lead to mission-critical operations disruption, reputation, and trust damage, as well as loss of intellectual property, financial assets, and regulated data. Note that this report covers both technical and policy issues relating to the quantum vulnerability of blockchain.
As things stand now, blockchains are secured with relatively garden-variety encryption schemes. However, quantum computers will have the computational power to break these schemes as they grow in power. Predictions of when quantum computers will attain such power vary from five years to never, but, the threat hangs over the cryptocurrency industry as a whole and is a dampener to its prospects.
Quantum computers directly threaten classical public-key/private key cryptography blockchain technologies because they can break the computational security assumptions of elliptic curve cryptography. They also significantly weaken the security of critical private key or hash function algorithms, which protect the blockchain’s secrets.
Also, some of the early expenditures on quantum-safe technology in the cybercurrency market will undoubtedly go to protecting data from attacks later, when quantum computing resources become mature. This issue becomes more important as we grow closer to the day when powerful quantum computers become a reality. But preemptive action on the quantum threat means that the business opportunities in this space are emerging right now.
As this report makes clear, the publisher sees major commercial opportunities to protect blockchain and the technologies dependent on blockchain against future quantum computer intrusions. One area that this report focuses on especially is post-quantum encryption (PQC), in which relatively traditional encryption schemes are devised that are simply much harder to break than currently used encryption schemes.
With NIST announcing a new set of PQC standards in July 2022, the publisher believes that PQC firms will be receiving major investments in the near term as a result of the growing concerns about bad actors with access to quantum computing resources.
The publisher believes there is also a need for relatively low-cost information-theoretically secure (ITS) solutions that instantly strengthen standardized cryptography systems used in blockchains. Thus, this report also discusses quantum-enabled blockchain architectures based on Quantum Random Number Generators (QRNG) and Quantum Key Distribution (QKD).
Key Highlights:
- With NIST announcing a new set of PQC standards in July 2022, PQC firms will soon be receiving major investments in the near term much of which will apply to blockchain. However, not all NIST-based PQC solutions will be feasible for blockchain use. Given the nature and intricacy of PQC, it will take years of planning for a successful migration to PQC-backed Blockchain protection.
- The earliest of expenditures on quantum safe technology in the block chain market will go to protecting data from attacks later, when quantum computing resources become mature. This issue becomes more important as we grow closer to the day when powerful quantum computers become a reality. But data theft today requires preemptive action. The quantum threat to the blockchain means that business opportunities in this space are emerging right now.
- There is a need for low-cost information-theoretically secure (ITS) solutions that instantly strengthen standardized cryptography systems used in blockchains. Already much discussed in this context are quantum-enabled blockchain architectures based on Quantum Random Number Generators (QRNG) and Quantum Key Distribution (QKD). Another important concept is quantum-enabled blockchain, which refers to an entire blockchain or some aspects of the blockchain functionality being run in quantum computing environments.
- Mining is another aspect of blockchains vulnerable to quantum attacks. Mining is the consensus process that certifies new transactions and keeps blockchain activities protected. One risk with mining is that miners using quantum computers could launch a 51% attack. A 51% attack is when a single entity controls more than half of the computational power of the blockchain. A quantum attack on mining would undermine the network’s hashing power.
Key Topics Covered:
Chapter One: Introduction
1.1 Objective and Scope of this Report
1.1.1 The Threat of Quantum Computers to Blockchain
1.2 Cryptography Background to this Report
1.2.1 Concerned Organizations
1.2.2 NIST PQC Efforts and Beyond
1.2.3 Addressable Market for Quantum-safe Cybercurrency
1.3 The Goals of this Report
Chapter Two: Classical Blockchain Cryptography and Quantum Computing Attacks
2.1 Overview of the Quantum Threat
2.2 NIST and Post-quantum Cryptography
2.2.1 Structure of the NIST PQC Effort
2.2.2 Importance of Asymmetric Digital Signatures
2.2.3 Impact of Doubling Key Size
2.2.4 Algorithm Security Strength
2.3 Advanced Encryption Standard (AES)
2.4 Quantum Attack Resources Estimates to Break ECC and DSA
2.5 Quantum Resistant Cryptography for Blockchains
2.5.1 Taproot and Bitcoin Core
2.5.2 Impact of NIST-based PQC Algorithms
2.6 Post-quantum Random Oracle Model
2.6.1 Modeling Random Oracles for Quantum Attackers
2.7 Summary of this Chapter
Chapter Three: Quantum Opportunities of the Blockchain Kind
3.1 Blockchain Basics
3.1.1 What are Classical Blockchains?
3.2 Quantum-Enabled Blockchain
3.2.1 Role of Quantum-safe Security Technologies
3.3 Blockchain Security
3.3.1 Role of Conventional Cryptography
3.3.2 Attacks on Classical Cryptography
3.3.2.1 Some Known Attacks Against ECDSA
3.3.2.2 ECDSA Key Pair Generation:
3.3.2.3 Signature Computation:
3.3.2.4 Recommendations:
3.3.2.5 Blockchain Security Summary:
3.4 Mitigating Cyberattacks on Blockchains
3.5 Blockchain Security: Entropy/Randomness
3.5.1 Examples of Low Entropy Attacks
3.6 Random Number Generator Product Evolution
3.6.1 PRNGs
3.6.2 TRNGs
3.6.3 QRNGs
3.6.4 OpenSSL 3.0
3.7 Summary of this Chapter
Chapter Four: Quantum Impacts on the Cryptocurrency Business
4.1 Qubit and Quantum Gates
4.1.1 Qubits
4.1.2 Quantum Gates
4.1.3 Quantum Fourier Transform
4.1.4 Oracle
4.1.5 Amplitude Amplification
4.2 Quantum Algorithms
4.2.1 Shor’s Algorithm
4.3 Specific Quantum Threat to Blockchains
4.3.1 Risk of Quantum Attack in Authentication
4.3.2 Grover’s Algorithm and Hashing
4.4 Risk of Quantum Attack in Mining
4.5 Nonce Attacks
4.6 Blockchain Data Structures
4.7 Summary of this Chapter
Chapter Five: Quantum Hash and QKD
5.1 Classical to Quantum Hashing Functions
5.1.1 Summary: Quantum Hashing Functions
5.2 Quantum Key Distribution (QKD)
5.2.1 Technical Issues
5.2.2 Issues Needing Work in Blockchain Enabled QKD
5.2.2.1 Summary: QKD Technical Issues and Blockchain Integration
5.2.2.2 Software-defined Networking QKD and Blockchain
5.3 Notes on Interface Protocols
5.3.1 Southbound Interface
5.3.2 Northbound Interface Protocol
5.3.3 Resource Allocation
5.4 Steps Blockchain Organizations Can Take Now
5.5 Summary of this Chapter
Source: Research and Markets