Transitioning to a Hyperledger Fabric Quantum-Resistant Classical Hybrid Public Key Infrastructure

Robert Campbell
{"title":"Transitioning to a Hyperledger Fabric Quantum-Resistant Classical Hybrid Public Key Infrastructure","authors":"Robert Campbell","doi":"10.31585/JBBA-2-2-(4)2019","DOIUrl":null,"url":null,"abstract":"This research has two parts; the first is to identify enterprise Hyperledger Fabric (HLF) blockchain cybersecurity vulnerabilities, threats, and legal obligations in a Post-Quantum Cryptography (PQC) world. HLF is a permissioned blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devasting impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR), requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. The second part of this research is the independent evaluation and testing of National Institute of Standards and Technology (NIST), based Second Round Candidate PQC, lattice-based digital signature scheme, qTESLA. It’s, second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” simple “plug-and-play” function and replacement for HLF’s PKI. This work also proposes qTESLA’s public keys be used to create a quantum-resistant\\classical hybrid PKI near-term replacement.","PeriodicalId":33145,"journal":{"name":"The Journal of The British Blockchain Association","volume":"121 1","pages":""},"PeriodicalIF":1.4000,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Journal of The British Blockchain Association","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31585/JBBA-2-2-(4)2019","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ECONOMICS","Score":null,"Total":0}
引用次数: 9

Abstract

This research has two parts; the first is to identify enterprise Hyperledger Fabric (HLF) blockchain cybersecurity vulnerabilities, threats, and legal obligations in a Post-Quantum Cryptography (PQC) world. HLF is a permissioned blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devasting impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR), requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. The second part of this research is the independent evaluation and testing of National Institute of Standards and Technology (NIST), based Second Round Candidate PQC, lattice-based digital signature scheme, qTESLA. It’s, second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” simple “plug-and-play” function and replacement for HLF’s PKI. This work also proposes qTESLA’s public keys be used to create a quantum-resistant\classical hybrid PKI near-term replacement.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
过渡到超级账本结构抗量子经典混合公钥基础设施
本研究分为两个部分;第一个是确定企业超级账本结构(HLF)区块链网络安全漏洞、威胁和后量子加密(PQC)世界中的法律义务。HLF是由IBM设计的许可区块链,并使用公钥基础设施(PKI)进行数字签名和数字身份(X.509证书),这对其网络的操作安全性至关重要。2019年1月24日,Aetna、Anthem、Health Care Service Corporation、PNC Bank和IBM宣布合作建立一个基于区块链的医疗行业生态系统[1]。量子计算对PKI造成了毁灭性的影响,对其大规模商业到来的估计不应被低估,也无法预测。HIPAA(健康保险流通与责任法案)和通用数据保护条例(GDPR)要求采取“合理”措施来保护受保护的健康信息(PHI)和个人身份信息(PII)。然而,HLF的生态系统并不具有后量子抗性,通过其网络传输的所有数据都容易被大规模量子计算机立即或稍后解密。本研究的第二部分是美国国家标准与技术研究院(NIST)的独立评估和测试,基于第二轮候选PQC,基于格子的数字签名方案,qTESLA。然而,第二轮的提交有了很大的改进;它的算法特征和参数是这样的,它不太可能成为一个抗量子的“现状”,简单的“即插即用”功能,也不太可能取代HLF的PKI。这项工作还建议使用qTESLA的公钥来创建一个抗量子的经典混合PKI的近期替代品。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
11
审稿时长
5 weeks
期刊最新文献
Designing a Blockchain-Based Customer Loyalty Programme using Design Science Research Method Web 2 vs. Web 3 Paths to the Metaverse: Who Is Leading? Who Should Lead? Rewarding Honesty: An Incentive Mechanism to Promote Trust in Blockchain-Based E-commerce Compensation in DAOs: A Proposal Work for Decentralised Autonomous Organisation: What Empirical Labour Economics Can Tell Us about the Decentralised Digital Workforce
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1