Report Predicts Blockchain and Quantum Threat Will Quickly Spread Beyond Cybercurrencies; Surge in New Product and Services Opportunities to Come
The analyst foresees major commercial opportunities arising to protect blockchain against future quantum computer intrusions and agrees with the White House National Security Memorandum NSM-10, released on May 04, 2022, which indicates the urgency of addressing imminent quantum computing threats and the risks they present to the economy and to national security in the latest report “The Quantum Threat to Blockchain: Emerging Business Opportunities”.
Although primarily associated with cryptocurrencies, blockchain has been proposed for a wide range of transactions, including in insurance, real estate, voting, supply chain tracking, gaming, etc. These areas are all vulnerable to quantum threats, which lead to operations disruption, trust damage, and loss of intellectual property, financial assets, and regulated data.
Quantum computers threaten classical public-key cryptography blockchain technologies because they can break the computational security assumptions of elliptic curve cryptography. They also weaken the security of hash function algorithms, which protect blockchain's secrets. This new research report identifies not only the challenges, but also the opportunities in terms of new products and services that arise from the threat that quantum computers pose to the "blockchain" mechanism. According to a recent study by the consulting firm Deloitte, approximately one-fourth of the blockchain-based cybercurrency Bitcoin in circulation in 2022 is vulnerable to quantum attack.
This report covers both technical and policy issues relating to the quantum vulnerability of blockchain.
- With NIST announcing a new set of PQC standards in July 2022, PQC firms will soon be receiving major investments in the near term much of which will apply to blockchain. However, not all NIST-based PQC solutions will be feasible for blockchain use. Given the nature and intricacy of PQC, it will take years of planning for a successful migration to PQC-backed Blockchain protection.
- The earliest of expenditures on quantum safe technology in the block chain market will go to protecting data from attacks later, when quantum computing resources become mature. This issue becomes more important as we grow closer to the day when powerful quantum computers become a reality. But data theft today requires preemptive action. The quantum threat to the blockchain means that business opportunities in this space are emerging right now.
- There is a need for low-cost information-theoretically secure (ITS) solutions that instantly strengthen standardized cryptography systems used in blockchains. Already much discussed in this context are quantum-enabled blockchain architectures based on Quantum Random Number Generators (QRNG) and Quantum Key Distribution (QKD). Another important concept is quantum-enabled blockchain, which refers to an entire blockchain or some aspects of the blockchain functionality being run in quantum computing environments.
- Mining is another aspect of blockchains vulnerable to quantum attacks. Mining is the consensus process that certifies new transactions and keeps blockchain activities protected. One risk with mining is that miners using quantum computers could launch a 51% attack. A 51% attack is when a single entity controls more than half of the computational power of the blockchain. A quantum attack on mining would undermine the network's hashing power.
Table of Contents
1.1.1 The Threat of Quantum Computers to Blockchain
1.2 Cryptography Background to this Report
1.2.1 Concerned Organizations
1.2.2 NIST PQC Efforts and Beyond
1.2.3 Addressable Market for Quantum-safe Cybercurrency
1.3 The Goals of this Report
2.2 NIST and Post-quantum Cryptography
2.2.1 Structure of the NIST PQC Effort
2.2.2 Importance of Asymmetric Digital Signatures
2.2.3 Impact of Doubling Key Size
2.2.4 Algorithm Security Strength
2.3 Advanced Encryption Standard (AES)
2.4 Quantum Attack Resources Estimates to Break ECC and DSA
2.5 Quantum Resistant Cryptography for Blockchains
2.5.1 Taproot and Bitcoin Core
2.5.2 Impact of NIST-based PQC Algorithms
2.6 Post-quantum Random Oracle Model
2.6.1 Modeling Random Oracles for Quantum Attackers
2.7 Summary of this Chapter
3.1.1 What are Classical Blockchains?
3.2 Quantum-Enabled Blockchain
3.2.1 Role of Quantum-safe Security Technologies
3.3 Blockchain Security
3.3.1 Role of Conventional Cryptography
3.3.2 Attacks on Classical Cryptography
188.8.131.52 Some Known Attacks Against ECDSA
184.108.40.206 ECDSA Key Pair Generation:
220.127.116.11 Signature Computation:
18.104.22.168 Blockchain Security Summary:
3.4 Mitigating Cyberattacks on Blockchains
3.5 Blockchain Security: Entropy/Randomness
3.5.1 Examples of Low Entropy Attacks
3.6 Random Number Generator Product Evolution
3.6.4 OpenSSL 3.0
3.7 Summary of this Chapter
4.1.2 Quantum Gates
4.1.3 Quantum Fourier Transform
4.1.5 Amplitude Amplification
4.2 Quantum Algorithms
4.2.1 Shor’s Algorithm
4.3 Specific Quantum Threat to Blockchains
4.3.1 Risk of Quantum Attack in Authentication
4.3.2 Grover’s Algorithm and Hashing
4.4 Risk of Quantum Attack in Mining
4.5 Nonce Attacks
4.6 Blockchain Data Structures
4.7 Summary of this Chapter
5.1.1 Summary: Quantum Hashing Functions
5.2 Quantum Key Distribution (QKD)
5.2.1 Technical Issues
5.2.2 Issues Needing Work in Blockchain Enabled QKD
22.214.171.124 Summary: QKD Technical Issues and Blockchain Integration
126.96.36.199 Software-defined Networking QKD and Blockchain
5.3 Notes on Interface Protocols
5.3.1 Southbound Interface
5.3.2 Northbound Interface Protocol
5.3.3 Resource Allocation
5.4 Steps Blockchain Organizations Can Take Now
5.5 Summary of this Chapter
Exhibit 2-2: Comparison of Key size with the Number of Rounds Required
Exhibit 2-3: AES Operations and Rounds
Exhibit 2-4: Comparison of the Minimum Number of Logical Q-Bits Needed to Break RSA and DSA
Exhibit 3-1: Quantum Enabled Blockchain and Enterprise Networks
Exhibit 3-2: Blockchain Kill Chain
Exhibit 3-3: QRNG Enabled ECDSA Blockchain
Exhibit 3-4: QRNG Enabled ECDSA Digital Signature Generation
Exhibit 3-5: Common Sources of Entropy: Source Whitewood Encryption Systems
Exhibit 3-6: QRNG Enabled Blockchain
Exhibit 3-7: Entropy Lifecycle
Exhibit 3-8: QRNG Enabled Operating System Entropy
Exhibit 3-9: Abstraction of OpenSSL 3.0.0 Architecture
Exhibit 3-10: QRNG enabled OpenSSL 3.0 Entropy
Exhibit 4-1: A High-level Diagram of the QFT Circuit
Exhibit 4-2: Oracle (Uf) in Shor’s Algorithm Quantum Circuit
Exhibit 4-3: High-Level Grover Quantum Circuit
Exhibit 4-4: Blockchain Data Structure and Nonces
Exhibit 5-1: Swap Test to Check Whether - f? = - ?? where - f? and - ?? are Two Quantum States Outputted from the Same Hash Functions
Exhibit 5-2: Basic QKD Concept
Exhibit 5-3: Interfaces and Protocols in QKD Networks Enabled by SDN
This report identifies the challenges and opportunities that arise from the threat that quantum computers pose to the “blockchain” mechanism that makes cryptocurrencies viable as a form of money as well as playing an important role in future “smart contracts,” novel supply chain strategies and other innovative deployments of IT. That quantum is a major threat going forward is beyond doubt. According to a recent study by the consulting firm Deloitte, approximately one-fourth of the Bitcoin in circulation in 2022 is vulnerable to quantum attack. The White House National Security Memorandum/NSM-10, released on May 04, 2022, indicated the urgency of addressing imminent quantum computing threats and the significant risks to the economic and national security of the United States.
Although the main focus of this report is on the quantum threat to the integrity of cybercurrencies, the applicability of blockchain (and therefore the threat of quantum) is much broader than the newer types of money. Blockchain technology has been proposed for a wide range of transactions, including insurance, real estate, voting, supply chain tracking, gambling, etc. A quantum computer-compromised blockchain would allow eavesdropping, unauthorized client authentication, signed malware, cloak-in encrypted session, a man-in-the-middle attack (MITM), forged documents, and emails. These attacks can lead to mission-critical operations disruption, reputation, and trust damage, as well as loss of intellectual property, financial assets, and regulated data. Note that this report covers both technical and policy issues relating to the quantum vulnerability of blockchain.
As things stand now, blockchains are secured with relatively garden-variety encryption schemes. However, quantum computers will have the computational power to break these schemes as they grow in power. Predictions of when quantum computers will attain such power vary from five years to never, but, the threat hangs over the cryptocurrency industry as a whole and is a dampener to its prospects. Quantum computers directly threaten classical public-key/private key cryptography blockchain technologies because they can break the computational security assumptions of elliptic curve cryptography. They also significantly weaken the security of critical private key or hash function algorithms, which protect the blockchain’s secrets.
Also, some of the early expenditures on quantum-safe technology in the cybercurrency market will undoubtedly go to protecting data from attacks later, when quantum computing resources become mature. This issue becomes more important as we grow closer to the day when powerful quantum computers become a reality. But preemptive action on the quantum threat means that the business opportunities in this space are emerging right now.
As this report makes clear, the publisher sees major commercial opportunities to protect blockchain and the technologies dependent on blockchain against future quantum computer intrusions. One area that this report focuses on especially is post-quantum encryption (PQC), in which relatively traditional encryption schemes are devised that are simply much harder to break than currently used encryption schemes. With NIST announcing a new set of PQC standards in July 2022, the publisher believes that PQC firms will be receiving major investments in the near term as a result of the growing concerns about bad actors with access to quantum computing resources.
The publisher believes there is also a need for relatively low-cost information-theoretically secure (ITS) solutions that instantly strengthen standardized cryptography systems used in blockchains. Thus, this report also discusses quantum-enabled blockchain architectures based on Quantum Random Number Generators (QRNG) and Quantum Key Distribution (QKD).