Discussion Post on PQC - Quantum Vulnerabilities of Blockchains

Apologies for that, it must have been the framing.

Should have added more context.

I was referencing the link on this sentence.

The section “Consensus in the decentralised realm of Bitcoin is hard” talks about how challenging it will be to implement quantum-safe cryptography on legacy blockchains. In its third paragraph, the author(s) infer that governance and consensus would be difficult after migration because the process would take more time than before.

My questions are:

  • Is this true?
  • If true, why and how does quantum proof cryptography affect blockchain consensus?

I would also appreciate any resources you can share on the subject matter

2 Likes

I think you are misunderstanding the paper and conflating the decision-making that takes place within a community and on-chain consensus. They are not the same thing.

“Achieving this consensus is extremely difficult, so the governance issues are possibly equal to the complexities of the technical problems – agreement takes much more time than people think,” says Barmes. While not enough is being done on technical solutions, too little attention is also given to governance issues, he adds.

6 Likes

much gratitude to you @Harvesto for your work in this investigation paper. this exploration paper required some investment to comprehend. i.e it took my time. my opinion in this research paper is that With both the specialized and administration issues, I think plainly a significant measure of time is expected to make digital currencies impervious to quantum assaults. At present, not very many digital forms of money have made the most vital moves towards becoming quantum-secure, and most digital forms of money don’t for even a moment recognize this issue in their guides. To appropriately get the fate of cryptographic forms of money I accept that center improvement groups ought to become educated about the dangers, devise a movement plan, and consolidate it in their guide. Acting presently will take into consideration sufficient readiness and at last a smooth progress. I think if we fail to act on time, rushing into solutions when the threat becomes more imminent, the chance of implementation errors increases which can have an undesired result.

4 Likes

Great observation Henry, devising a plan that makes digital currencies impenetrable to quantum attacks will take time but I will like to mention some theoretical methods to combat potential quantum attacks (read about this from a website but can’t recall the exact source)

  • Dynamic AI models can compute the fraud risk of pending transactions at every moment until validation. These models can deduce the potential profits of adversaries for every threat vector, thus arriving at the possibility of any transaction being fraudulent. Insurance products can be designed to cover the fraud risk of pending transactions.
  • Consensus rule: Principles of effective incentive design can be used to formulate changes in consensus rules, such as applying a markup on transaction fees for p2pk and reusing p2pkh wallets. This would prompt users to switch to safer behaviour.

@Larry_Bates @Ulysses do you know if any of these methods have been implemented and has any of the methods made any difference?

4 Likes

Thanks @GloriaOkoba for your quick response. Your comment is helpful to me. Though looking forward to hearing from @Larry_Bates and @Ulysses .

2 Likes

glad to know i could be of help @Henry, hopefully we get to hear from @Ulysses and @Larry_Bates soon

2 Likes

Digital Ledger Technologies (DLT) such as blockchain are being deployed as part of diverse applications that span multiple market segments. Application developers have successfully leveraged the blockchain characteristics of decentralization, immutability, cryptographic security and transparency to create the solution benefits of redundancy, non-repudiation and enhanced auditing/compliance. Blockchain infrastructures make very extensive use of digital signature algorithms, hashing algorithms and public-key cryptography. The rapid pace of progress that is being experienced with quantum computing technology has made the prospect of quantum computer cyber-attacks a very real possibility.

Initiatives are therefore underway to augment today’s blockchain infrastructures with cryptographic algorithms that are highly resistant to quantum computer attack. These post-quantum algorithms are based on computational problems that are known to be very difficult for quantum computers to solve by using either Shor’s algorithm or Grover’s algorithm.

5 Likes

thanks for the enlightenment @WaterLily ,found this very helpful

2 Likes

This post was flagged by the community and is temporarily hidden.

Very interesting topic @Harvesto … from what I have read about this topic
QC mostly poses a threat to discrete log or integer factorization-based public key signature techniques. Currently, the discrete log issue in an elliptic curve group is what makes bitcoin work. The ECDSA signature algorithm includes this. If quantum computing becomes a reality, it would be foolish to keep this module in place.

To be more realistic, this should be amended in a few years with a soft fork, which is likely to pass with little opposition. (Assuming no one has discovered a means to cash in on the vulnerability and also controls a significant mining cartel.)

According to Wikipedia, there are plans to switch from an ECDSA signature to a Schnorr signature soon. Although it uses less space, this technique is still based on the discrete log problem. People are eager to lower the storage cost because, as things stand, storing the signature data is the most expensive part of a transaction. According to some responses, QC will completely ruin cryptography. That is untrue. We already have public key cryptography that is QC resistant, such as NTRU Quantum-Resistant High Performance Cryptography. Since this system is built on integer lattices rather than discrete logs or factorization, nobody currently appears to be aware of how to apply QC to solve this issue. As a result of this competition, many more such algorithms will be developed (Computer Security Resource Center). According to some responses, QC can be used to extract a private key from a bitcoin address. For the most typical type of address, namely pay to public key hash, this is categorically false. The public key is hashed as shown in this diagram (File:PubKeyToAddr.png - Bitcoin Wiki), which shows how it becomes an address. Addresses aren’t just public keys in a hat (anymore).

4 Likes

Hi Gift

Glad to see you’re well-grounded in QC and cryptographic signature knowledge.

I especially agree with your remark here. The notion that quantum computers/hackers will eventually break Bitcoin and other blockchains is just typical FUD being spread by ignorance of how these systems work.

True, the QC threat to existing blockchains is real, but not on the scale most people think.

Also, I like to take another thinking approach; quantum computing can be used to strengthen and secure the blockchain against the various threats it faces daily.

Just thinking about it lights me up, because it’s not all doom and gloom as articles out there will have you believe.

Thanks for stopping by and sharing your thoughts!

Hi Henry

Thanks for sharing your thoughts on the post.

Well, the threat is imminent, but still far away.

Kind of like a paradox.

But then, you’re right when you say center improvement groups (or Devs) should do something about it.

Already, they have started doing some groundwork and research, with the evidence in [NIST’s Quantum] proof signatures. (NIST Reveals 26 Algorithms Advancing to the Post-Quantum Crypto ‘Semifinals’)

I think what’s left is the successful migration of these blockchains to these signature schemes and some more security checks.

Well, let’s see how it goes.

2 Likes