{"title":"过渡到超级账本结构抗量子经典混合公钥基础设施","authors":"Robert Campbell","doi":"10.31585/JBBA-2-2-(4)2019","DOIUrl":null,"url":null,"abstract":"This research has two parts; the first is to identify enterprise Hyperledger Fabric (HLF) blockchain cybersecurity vulnerabilities, threats, and legal obligations in a Post-Quantum Cryptography (PQC) world. HLF is a permissioned blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devasting impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR), requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. The second part of this research is the independent evaluation and testing of National Institute of Standards and Technology (NIST), based Second Round Candidate PQC, lattice-based digital signature scheme, qTESLA. It’s, second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” simple “plug-and-play” function and replacement for HLF’s PKI. This work also proposes qTESLA’s public keys be used to create a quantum-resistant\\classical hybrid PKI near-term replacement.","PeriodicalId":33145,"journal":{"name":"The Journal of The British Blockchain Association","volume":"121 1","pages":""},"PeriodicalIF":1.4000,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Transitioning to a Hyperledger Fabric Quantum-Resistant Classical Hybrid Public Key Infrastructure\",\"authors\":\"Robert Campbell\",\"doi\":\"10.31585/JBBA-2-2-(4)2019\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This research has two parts; the first is to identify enterprise Hyperledger Fabric (HLF) blockchain cybersecurity vulnerabilities, threats, and legal obligations in a Post-Quantum Cryptography (PQC) world. HLF is a permissioned blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devasting impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR), requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. The second part of this research is the independent evaluation and testing of National Institute of Standards and Technology (NIST), based Second Round Candidate PQC, lattice-based digital signature scheme, qTESLA. It’s, second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” simple “plug-and-play” function and replacement for HLF’s PKI. This work also proposes qTESLA’s public keys be used to create a quantum-resistant\\\\classical hybrid PKI near-term replacement.\",\"PeriodicalId\":33145,\"journal\":{\"name\":\"The Journal of The British Blockchain Association\",\"volume\":\"121 1\",\"pages\":\"\"},\"PeriodicalIF\":1.4000,\"publicationDate\":\"2019-07-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The Journal of The British Blockchain Association\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.31585/JBBA-2-2-(4)2019\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"ECONOMICS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Journal of The British Blockchain Association","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31585/JBBA-2-2-(4)2019","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ECONOMICS","Score":null,"Total":0}
引用次数: 9
摘要
本研究分为两个部分;第一个是确定企业超级账本结构(HLF)区块链网络安全漏洞、威胁和后量子加密(PQC)世界中的法律义务。HLF是由IBM设计的许可区块链,并使用公钥基础设施(PKI)进行数字签名和数字身份(X.509证书),这对其网络的操作安全性至关重要。2019年1月24日,Aetna、Anthem、Health Care Service Corporation、PNC Bank和IBM宣布合作建立一个基于区块链的医疗行业生态系统[1]。量子计算对PKI造成了毁灭性的影响,对其大规模商业到来的估计不应被低估,也无法预测。HIPAA(健康保险流通与责任法案)和通用数据保护条例(GDPR)要求采取“合理”措施来保护受保护的健康信息(PHI)和个人身份信息(PII)。然而,HLF的生态系统并不具有后量子抗性,通过其网络传输的所有数据都容易被大规模量子计算机立即或稍后解密。本研究的第二部分是美国国家标准与技术研究院(NIST)的独立评估和测试,基于第二轮候选PQC,基于格子的数字签名方案,qTESLA。然而,第二轮的提交有了很大的改进;它的算法特征和参数是这样的,它不太可能成为一个抗量子的“现状”,简单的“即插即用”功能,也不太可能取代HLF的PKI。这项工作还建议使用qTESLA的公钥来创建一个抗量子的经典混合PKI的近期替代品。
Transitioning to a Hyperledger Fabric Quantum-Resistant Classical Hybrid Public Key Infrastructure
This research has two parts; the first is to identify enterprise Hyperledger Fabric (HLF) blockchain cybersecurity vulnerabilities, threats, and legal obligations in a Post-Quantum Cryptography (PQC) world. HLF is a permissioned blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devasting impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR), requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. The second part of this research is the independent evaluation and testing of National Institute of Standards and Technology (NIST), based Second Round Candidate PQC, lattice-based digital signature scheme, qTESLA. It’s, second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” simple “plug-and-play” function and replacement for HLF’s PKI. This work also proposes qTESLA’s public keys be used to create a quantum-resistant\classical hybrid PKI near-term replacement.