Quantum computing and data protection with blockchain.
One of the topics on Episode 0x3b of Super Happy Dragon Lucky was the announcement that the United States Space Force (USSF) and the U.S. Air Force Research Lab has chosen blockchain firm Xage Security to develop end-to-end data protection security systems for the USSF.
According to Cointelegraph, Xage Security CEO Duncan Greatwood said blockchain meets many of the complex needs of the USSF:
“The USSF requires decentralized enforcement of security to establish space domain resilience and objective situational awareness––across every asset and data element. We built the Xage solution to serve the needs of complex critical infrastructure systems, and are excited to bring the Xage solution to the Space Force in the form of a blockchain-protected space system security.”
Joe thinks positively of the move and sees data protection as a key blockchain use case. “For Dragonchain it’s about time. It’s proof that the data was in whatever state at that particular point in time. So blockchain as a means of protecting data makes a lot of sense to us.”
This is where the conversation took a turn. Guest, Ross Davis from Global Crypto Press Association questions the use case in a future with quantum computing. “One thing I am curious to get your take on is quantum computing. The naysayers always bring up quantum every time blockchain in cybersecurity is mentioned. They say blockchain will be worthless when quantum computing happens. How do you answer that challenge?”
Before we get to Joe’s answer to that question, let’s answer a few of our own.
What is Quantum Computing?
Quantum computing processes and solves problems. Sounds straightforward, but it's the physics behind quantum that can leave the novice scratching their head. According to Wikipedia, quantum mechanics is a fundamental theory in physics that provides a description of the physical properties of nature at the scale of atoms and subatomic particles. Quantum computing is the use of quantum phenomena such as superposition and entanglement to perform computation. Computers that perform quantum computations are known as quantum computers.
You may have some familiarity with 1s and 0s, known as bits. Bits are either 1 or 0 and their combinations and represent data for processing by traditional computers. 4 bits will have every combination of 1s and 0s in groups of 4 digits.
To crack a password a traditional computer would try each of these number combinations, discarding the incorrect answers and keeping the correct one.
For quantum, those bits are not either 1 or 0. Quantum bits (qubits) are 1, 0, or 1 and 0.
When quantum bits are used, the quantum computer reads the combinations simultaneously. The result will be both correct and incorrect answers. To find just the correct answers Grover's algorithm is applied. The algorithm will “sweep away” the incorrect answers and leave the correct answer. Thanks to Sean Ong who has a nice explanation of quantum computing that is worth a watch.
It’s reported a brute force attack with a traditional computer would take trillions of years. The quantum computer will take today’s encrypted data and solve it in minutes. Why, then why are IBM, Google, and others putting billions of dollars into the development of quantum computing if it puts our data in jeopardy? Because it changes everything.
Why is Quantum Computing Important?
Predicting the applications of quantum computing is boundless much like predicting the impact of traditional computing in our everyday lives. If we can get all the parts working efficiently, the use cases for quantum computing are considerable.
- Simulate complex molecules
- Financial Modeling
- Better Batteries
- Cleaner Fertilization
- Weather Forecasting
- Efficient carbon capture
- Solar Capture
- Artificial Intelligence
- Electronic Materials Discovery
- Automotive Industry and connected cars
- Traffic Optimization
Quantum computing is poised to make such an impact that it is easy to see why recent studies predict a multibillion-dollar quantum industry by 2030. But, there are still issues such as quantum’s fragility and its current inability to link processors that need to be solved before we realize these use cases. However, if the technological advancements in just the last decade are any indication, business leaders should be proactive by planning and allocating resources to secure architectures and infrastructures to be ready when those problems are solved.
How Will it Affect Blockchain?
Although secure today, quantum computing represents a significant threat to blockchain security. Blockchains such as Bitcoin and Ethereum rely on Elliptic Curve Digital Signature Algorithm (ECDSA) to create public and private signature keys. Massive amounts of computing power is required to decipher these keys. With just the public key known, a quantum computer would be able to find the private key in a matter of days, if not sooner.
Right now the computing power in quantum computers is not sufficient enough to pose a threat to blockchain, however, the threat is imminent as quantum computers are advancing rapidly.
Currently, the discussion on how to secure blockchain focuses on creating quantum-resistant blockchains, either as a second layer solution or by creating an entire blockchain from scratch. Ultimately, Bitcoin and Ethereum will need to upgrade its signature algorithm if it wishes to remain secure.
Governments are already looking ahead at the looming threat and are already recommending new types of signature schemes. In 2018, the White House published the National Strategic Overview For Quantum Information Science and Congress passed the National Quantum Initiative Act. In response, the U.S. National Institute of Standards and Technology (NIST) has a draft approval of the eXtended Merkle Signature Scheme (XMSS) which is resistant to quantum computing.
Dragonchain’s Take on Quantum Computing
Back to Ross’s question for Joe. ”How do you answer that challenge?”
Joe responds, architecture. “The answer is the architecture of the software itself. Quantum is very focused on the crypto side of the issue. Yet, if you segregate the actual data, the data will be secure.
I would never, ever, put sensitive information like customer’s personal information or military and Space Force information anywhere near an actual public blockchain. The data would be segmented and away from the public blockchain. The proof could be affected by quantum, but if any of the quantum-resistant algorithms work, you can apply those on the proof level.
It’s like some of the things that both sides did during the Cold War. They would mess with each other's data or the schematics of electronics. Both sides might not be aware when something like that occurred. When it comes to blockchain and proof just knowing that something was stolen or tampered would be valuable.
Our angle on it is that some of this information might be compromised. At the very least you would be able to measure the level of security. As an example, would they spend three billion dollars to attack this particular part that I'm about to 3D print on a ship?
You can also look back and see if there were simultaneous forks on Bitcoin, Ethereum, and Ethereum Classic around that time or even at any time since the data has been on chain. You can see all of the independent nodes that have signed off on the proof from different contexts.
Even with quantum computing, you would still have to compromise the systems, get the data, change the data, then change every blockchain that housed the data, and that housed the proof of that data. It becomes an overwhelming approach.”
Both Joe and Ross agree that Xage and USSF likely utilized a private blockchain.