We have talked to Dmitry Gerasimov, a blockchain and information security specialist, the author and co-founder of Kelvin and DapCash projects, Demlabs, about what post-quantum cryptography is and how secure it is to use blockchain in general.
Blockchain is considered a very secure technology. Are there any risks of using it now and in the future? Will a quantum computer crush blockchain?
Blockchain is secure only in the sense that a quantum computer is not able to break the continuity of blockchain and falsify blocks somewhere inside the blockchain. Breaking the integrity of blockchain will not give much advantage to a quantum computer, in view of the exponentially increasing complexity depending on the length of the “falsified” blockchain.
But a quantum supercomputer can solve a certain number of problems with great superiority over a classical computer.
Quantum computers can solve problems with a significant advantage not for all variants of cryptography. But, unfortunately, for the most common version of RSA a so-called “Shor’s algorithm” already exists and allows you to solve the problem of finding a private key using a public key in a relatively short time. For the second version of the signatures, ECDSA and others similar, there is also the possibility of hacking, although in practice the algorithm for it still doesn’t exist. A quantum computer with the power of 53 qubits has already been developed and this is not the limit; it is developing very rapidly. As soon as a quantum computer with the power of about 1,000 qubits appears, it will be no trouble to hack the blockchains of all the existing cryptocurrencies. Actually, this moment will be a Quantum Apocalypse for cryptocurrencies. Blockchain will remain intact, but the quantum computer will be able to fit the keys to transactions inside it.
And then there is not only a problem of theft of wallets. For example, by updating the software, anyone who does not forget to do so will be able to transfer funds to new wallets with new security algorithms. But all the previous “anonymous” transactions will be revealed even in this situation.
What are you working on now?
I am working on the integration of a so-called post-quantum encryption algorithm for a number of products. First of all, these are VPN services and blockchain. In particular, this is the Kelvin Blockchain project, based on the code from the earlier project DapCash. Post-quantum signatures in blockchain are not my invention. But a large variety of post-quantum algorithms will be used at the same time in Kelvin and DapCash.
What is post-quantum cryptography?
In simple terms, this is a kind of cryptography, which is a bottleneck of quantum computing due to a number of features, in particular, a large amount of required memory for intermediate computing. This cryptography also has a number of problems, mainly because it is very young. The biggest problem is the lack of guarantees that the algorithms don’t have so-called classic vulnerabilities, when using mathematics and a classic computer you can abruptly reduce the search space and find the key in a very short time. That is why so-called variational signatures will be implemented in Kelvin Blockchain and then in DapCash. So, a wallet owner will be able to choose the type of signature or even several types at once for his wallet.
We also announce a so-called ring post-quantum signature, with which you can make absolutely anonymous transactions, in which it is impossible to find out who sent the money and/or to whom the money was sent. Similar functionality is now in Monero, it has appeared in Ethereum, and in many others. But, unfortunately, their ring signatures are vulnerable to quantum computing.
Thus, variational and, in particular, post-quantum ring signatures will give us the opportunity to create a blockchain that is resistant to the quantum computer.
That is, in fact, Kelvin and DapCash will be two new modernized cryptocurrencies, won’t they?
Yes, exactly. They both are developed on the same basis, but DapCash, unlike Kelvin, is my author’s project and will be more intended for network problems. DapCash will be more “hacking”, maybe. It will be a specialized cryptocurrency, although suitable for common purposes, such as investment safekeeping. Kelvin will be the first post-quantum full-fledged cryptocurrency and will be more widely used, and it will be more “respectable” as well. In addition to savings and payments, Kelvin will also provide the framework for a secure internet-of-things, as well as a user-friendly system of smart contracts designed to simplify their audit and make it possible for non-specialists to create them.
Questions: Maria Chernoyarova