The Quantum Threat to Blockchain: Emerging Business Opportunities
This report identifies the challenges and opportunities arising from the threat that quantum computers pose to the “blockchain” mechanism, which makes cryptocurrencies viable as a form of money and plays an important role in future “smart contracts,” novel supply chain strategies and other innovative deployments of IT. That quantum is a major threat going forward is beyond doubt. According to a recent study by the consulting firm Deloitte, approximately one-fourth of the Bitcoin in circulation in 2022 is vulnerable to quantum attack. The White House National Security Memorandum (NSM-10), released on May 04, 2022, indicated the urgency of addressing imminent quantum computing threats and the significant risks they pose to the economic and national security of the United States.
Although the main focus of this report is on the quantum threat to the integrity of cybercurrencies, the applicability of blockchain (and therefore the threat of quantum) is much broader than the newer types of money. Blockchain technology has been proposed for a wide range of transactions, including insurance, real estate, voting, supply chain tracking and gambling. A quantum computer-compromised blockchain would allow eavesdropping, unauthorized client authentication, signed malware, cloak-in encrypted session, man-in-the-middle (MITM) attacks, and forged documents and emails. These attacks can lead to disruption of mission-critical operations, damage to reputation and trust, and loss of intellectual property, financial assets, and regulated data. Note that this report covers both technical and policy issues relating to the quantum vulnerability of blockchain.
As things stand now, blockchains are secured with relatively garden-variety encryption schemes. However, as quantum computers grow in power, they will be able to break these schemes. Predictions of when quantum computers will attain such power vary from five years to never, but the threat hangs over the cryptocurrency industry as a whole and dampens its prospects. Quantum computers directly threaten blockchain technologies built on classical public-key/private-key cryptography because they can break the computational security assumptions of elliptic curve cryptography. They also significantly weaken the security of critical private key or hash function algorithms, which protect the blockchain’s secrets.
Also, some of the early expenditures on quantum-safe technology in the cybercurrency market will undoubtedly go to protecting data from attacks later, when quantum computing resources become mature. This issue becomes more important as we draw closer to the day when powerful quantum computers become a reality. But preemptive action on the quantum threat means that the business opportunities in this space are emerging right now.
As this report makes clear, IQT Research sees major commercial opportunities to protect blockchain and the technologies dependent on blockchain against future quantum computer intrusions. One area that this report focuses on especially is post-quantum cryptography (PQC), in which relatively traditional encryption schemes are devised that are simply much harder to break than currently used encryption schemes. With NIST announcing a new set of PQC standards in July 2022, we believe that PQC firms will be receiving major investments in the near term as a result of the growing concerns about bad actors with access to quantum computing resources.
IQT Research believes there is also a need for relatively low-cost information-theoretically secure (ITS) solutions that instantly strengthen standardized cryptography systems used in blockchains. Thus, this report also discusses quantum-enabled blockchain architectures based on Quantum Random Number Generators (QRNG) and Quantum Key Distribution (QKD).
Table of Contents
Chapter One: Introduction
1.1 Objective and Scope of this Report
1.1.1 The Threat of Quantum Computers to Blockchain
1.2 Cryptography Background to this Report
1.2.1 Concerned Organizations
1.2.2 NIST PQC Efforts and Beyond
1.2.3 Addressable Market for Quantum-safe Cybercurrency
1.3 The Goals of this Report
Chapter Two: Classical Blockchain Cryptography and Quantum Computing Attacks
2.1 Overview of the Quantum Threat
2.2 NIST and Post-quantum Cryptography
2.2.1 Structure of the NIST PQC Effort
2.2.2 Importance of Asymmetric Digital Signatures
2.2.3 Impact of Doubling Key Size
2.2.4 Algorithm Security Strength
2.3 Advanced Encryption Standard (AES)
2.4 Quantum Attack Resources Estimates to Break ECC and DSA
2.5 Quantum Resistant Cryptography for Blockchains
2.5.1 Taproot and Bitcoin Core
2.5.2 Impact of NIST-based PQC Algorithms
2.6 Post-quantum Random Oracle Model
2.6.1 Modeling Random Oracles for Quantum Attackers
2.7 Summary of this Chapter
Chapter Three: Quantum Opportunities of the Blockchain Kind
3.1 Blockchain Basics
3.1.1 What are Classical Blockchains?
3.2 Quantum-Enabled Blockchain
3.2.1 Role of Quantum-safe Security Technologies
3.3 Blockchain Security
3.3.1 Role of Conventional Cryptography
3.3.2 Attacks on Classical Cryptography
3.3.2.1 Some Known Attacks Against ECDSA
3.3.2.2 ECDSA Key Pair Generation
3.3.2.3 Signature Computation
3.3.2.4 Recommendations
3.3.2.5 Blockchain Security Summary
3.4 Mitigating Cyberattacks on Blockchains
3.5 Blockchain Security: Entropy/Randomness
3.5.1 Examples of Low Entropy Attacks
3.6 Random Number Generator Product Evolution
3.6.1 PRNGs
3.6.2 TRNGs
3.6.3 QRNGs
3.6.4 OpenSSL 3.0
3.7 Summary of this Chapter
Chapter Four: Quantum Impacts on the Cryptocurrency Business
4.1 Qubit and Quantum Gates
4.1.1 Qubits
4.1.2 Quantum Gates
4.1.3 Quantum Fourier Transform
4.1.4 Oracle
4.1.5 Amplitude Amplification
4.2 Quantum Algorithms
4.2.1 Shor’s Algorithm
4.3 Specific Quantum Threat to Blockchains
4.3.1 Risk of Quantum Attack in Authentication
4.3.2 Grover’s Algorithm and Hashing
4.4 Risk of Quantum Attack in Mining
4.5 Nonce Attacks
4.6 Blockchain Data Structures
4.7 Summary of this Chapter
Chapter Five: Quantum Hash and QKD
5.1 Classical to Quantum Hashing Functions
5.1.1 Summary: Quantum Hashing Functions
5.2 Quantum Key Distribution (QKD)
5.2.1 Technical Issues
5.2.2 Issues Needing Work in Blockchain Enabled QKD
5.2.2.1 Summary: QKD Technical Issues and Blockchain Integration
5.2.2.2 Software-defined Networking QKD and Blockchain
5.3 Notes on Interface Protocols
5.3.1 Southbound Interface
5.3.2 Northbound Interface Protocol
5.3.3 Resource Allocation
5.4 Steps Blockchain Organizations Can Take Now
5.5 Summary of this Chapter
About IQT Research
About the Analyst
Acronyms and Abbreviations Used in this Report
List of Exhibits
Exhibit 2-1: Comparison of Typical Ciphers' Conventional and Quantum Security Levels
Exhibit 2-2: Comparison of Key size with the Number of Rounds Required
Exhibit 2-3: AES Operations and Rounds
Exhibit 2-4: Comparison of the Minimum Number of Logical Q-Bits Needed to Break RSA and DSA
Exhibit 3-1: Quantum Enabled Blockchain and Enterprise Networks
Exhibit 3-2: Blockchain Kill Chain
Exhibit 3-3: QRNG Enabled ECDSA Blockchain
Exhibit 3-4: QRNG Enabled ECDSA Digital Signature Generation
Exhibit 3-5: Common Sources of Entropy (Source: Whitewood Encryption Systems)
Exhibit 3-6: QRNG Enabled Blockchain
Exhibit 3-7: Entropy Lifecycle
Exhibit 3-8: QRNG Enabled Operating System Entropy
Exhibit 3-9: Abstraction of OpenSSL 3.0.0 Architecture
Exhibit 3-10: QRNG Enabled OpenSSL 3.0 Entropy
Exhibit 4-1: A High-level Diagram of the QFT Circuit
Exhibit 4-2: Oracle (Uf) in Shor’s Algorithm Quantum Circuit
Exhibit 4-3: High-Level Grover Quantum Circuit
Exhibit 4-4: Blockchain Data Structure and Nonces
Exhibit 5-1: Swap Test to Check Whether |φ⟩ = |ψ⟩ where |φ⟩ and |ψ⟩ are Two Quantum States Outputted from the Same Hash Functions
Exhibit 5-2: Basic QKD Concept
Exhibit 5-3: Interfaces and Protocols in QKD Networks Enabled by SDN