Protecting Blockchain Networks from Quantum Threats: A Framework for Quantum Resistance
Washington DC, April 10th, 2023
We are very glad to communicate that our paper “Quantum Resistance in Blockchain Networks” has been published by Scientific Reports journal from Springer-Nature and is publicly available online. This represents a very rewarding recognition to the work that we began in 2020 in collaboration with Quantinuum and Tecnologico de Monterrey seeking to develop a framework that allows to help protect blockchain networks from attacks by large and robust quantum computers.
As the paper claims “the advent of quantum computing threatens blockchain protocols and networks because they utilize non-quantum resistant cryptographic algorithms. When quantum computers become robust enough to run Shor’s algorithm on a large scale, the most used asymmetric algorithms, utilized for digital signatures and message encryption, such as RSA, (EC)DSA, and (EC)DH, will be no longer secure. Quantum computers will be able to break them within a short period of time”.
Our work is pioneer in proposing a five-step end-to-end framework applicable to most blockchain networks that does not require critical modifications of the baseline protocols to add a post-quantum cryptographic layer that ensures resistance to attacks by quantum computers. The joint team has also developed a scalable implementation for Ethereum-based networks which has been deployed in LACChain, that uses Hyperledger Besu as the blockchain protocol.
Marcos Allende Lopez, CTO of LACChain and leader of this work claimed that “today the blockchain community is focused on urgent needs such as scalability and interoperability. However, considering that there are trillions of dollars in value stored in blockchain networks and that according to Boston Consulting Group tokenization is expecting to become a $16 trillion market in 2030, it is irresponsible to not have a plan to protect decentralized ledgers from attacks by quantum computers that will be able to discover private keys and steal assets. Despite it is uncertain when large and robust quantum computers will be ready to accomplish that, it is very plausible that these machines are used silently at the beginning for hacking strategically without being spotted.”
Our open-source development presents three alternatives for the blockchain verification of transactions signed with the Falcon-512 NIST-compliant post-quantum signatures: (i) implementing the verification code in Solidity which constitutes – to our knowledge – the first smart contract capable of verifying post-quantum signatures, (ii) implementing solidity instruction in the Solc compiler and corresponding EVM opcode, and (iii) refactoring the EVM opcode Java from the EVM virtual machine into a pre-compiled contract.
The team is now working on an EIP to take this discussion to a broader forum within the Ethereum and Hyperledger communities. LACChain is looking for entities and individuals that want to join us in this mission.
Professor Salvador E. Venegas-Andraca, of Tecnologico de Monterrey, commented: “Quantum technology is a give-and-take discipline: on the one hand, quantum computers together with Shor's algorithm will eventually become a vulnerability to public key cryptography protocols and other technologies used in digital data protection. On the other hand, we can use quantum technology to increase the security of current and future data. The latter is indeed the core of our paper: to use quantum technology to protect current and future blockchains from quantum attacks.”.
Duncan Jones, Head of Cybersecurity at Quantinuum, added: “The most valuable digital assets demand the highest levels of security. By combining quantum-safe algorithms with quantum-computer-hardened keys from our Quantum Origin platform, this work demonstrates a significant security improvement for blockchain systems.”.
About LACChain. LACChain is a global alliance that brings together various stakeholders in the blockchain space, led by the Innovation Lab of the Inter-American Development Bank Group (IDB Lab), with the goal of developing the blockchain ecosystem in Latin America and the Caribbean. Its mission is to accelerate the adoption of blockchain technology in the region, promoting innovation, reducing economic, social, and gender inequalities, improving job quality and security, and fostering financial inclusion, consumer protection, and market integrity. To achieve these goals, LACChain focuses on two main pillars: community and infrastructure. Through its initiatives, LACChain aims to empower people, improve digital security, build trust in the digital economy and society, and foster energy efficiency, all while supporting inclusive growth, well-being, human rights, and fundamental values. For more information about LACChain and its initiatives, please visit their website at www.lacchain.net.
About Tecnologico de Monterrey. Tecnologico de Monterrey was founded in 1943 thanks to the vision of Don Eugenio Garza Sada and a group of entrepreneurs who formed a non-profit association called Enseñanza e Investigación Superior, A. C. Tecnologico de Monterrey is a private, non-profit, independent institution with no political and religious affiliations. The work of Tecnológico de Monterrey on all of its campuses is supported by civil associations made up of a numerous group of outstanding leaders from all over the country who are committed to quality in higher education. Tecnologico de Monterrey is widely recognized as one of the most prestigious universities in Latin America and it ranks among the top 200 universities in the world according to QS World University Rankings.
About Quantinuum. Quantinuum is one of the world’s largest integrated standalone quantum computing companies, formed by the combination of Honeywell Quantum Solutions’ world-leading hardware and Cambridge Quantum’s class-leading middleware and applications. Science-led and enterprise driven, Quantinuum accelerates quantum computing and the development of applications across chemistry, cybersecurity, finance, and optimization. Its focus is to create scalable and commercial quantum solutions to solve the world’s most pressing problems, in fields such as energy, logistics, climate change, and health. The company employs over 480 people including 350 scientists, at nine sites in the US, Europe, and Japan.
Kaniah is Chief Legal Counsel and SVP of Government Relations for Quantinuum. In her previous role, she served as General Counsel, Honeywell Quantum Solutions. Prior to Honeywell, she was General Counsel, Honeywell Federal Manufacturing and Technologies, LLC, and Senior Attorney, U.S. Department of Energy. She was Lead Counsel before the Civilian Board of Contract Appeals, the Merit Systems Protection Board, and the Equal Employment Opportunity Commission. Kaniah holds a J.D. from American University, Washington College of Law and B.A., International Relations and Spanish from the College of William and Mary.
Jeff Miller is Chief Information Officer for Quantinuum. In his previous role, he served as CIO for Honeywell Quantum Solutions and led a cross-functional team responsible for Information Technology, Cybersecurity, and Physical Security. For Honeywell, Jeff has held numerous management and executive roles in Information Technology, Security, Integrated Supply Chain and Program Management. Jeff holds a B.S., Computer Science, University of Arizona. He is a veteran of the U.S. Navy, attaining the rank of Commander.
Matthew Bohne is the Vice President & Chief Product Security Officer for Honeywell Corporation. He is a passionate cybersecurity leader and executive with a proven track record of building and leading cybersecurity organizations securing energy, industrial, buildings, nuclear, pharmaceutical, and consumer sectors. He is a sought-after expert with deep experience in DevSecOps, critical infrastructure, software engineering, secure SDLC, supply chain security, privacy, and risk management.
Todd Moore is the Global Vice President of Data Encryption Products at Thales. He is responsible for setting the business line and go to market strategies for an industry leading cybersecurity business. He routinely helps enterprises build solutions for a wide range of complex data security problems and use cases. Todd holds several management and technical degrees from the University of Virginia, Rochester Institute of Technology, Cornell University and Ithaca College. He is active in his community, loves to travel and spends much of his free time supporting his family in pursuing their various passions.
Retired U.S. Army Major General John Davis is the Vice President, Public Sector for Palo Alto Networks, where he is responsible for expanding cybersecurity initiatives and global policy for the international public sector and assisting governments around the world to prevent successful cyber breaches. Prior to joining Palo Alto Networks, John served as the Senior Military Advisor for Cyber to the Under Secretary of Defense for Policy and served as the Acting Deputy Assistant Secretary of Defense for Cyber Policy. Prior to this assignment, he served in multiple leadership positions in special operations, cyber, and information operations.