With one billion users using 380 exchanges, the security of blockchains and cryptocurrencies remains a major concern as billions are lost to hackers every year. Cryptocurrency hacks negatively impact cryptocurrency markets introducing volatility. Each major scam/hack incident results in a significant price dip for most cryptocurrencies, decelerating the growth of the blockchain economy. Existing blockchain vulnerabilities are further amplified by the impending existential threat from quantum computers. While there’s no reprieve yet from the scam/hack prone blockchain economy, quantum resilience is being aggressively pursued by post quantum cryptography (PQC) researchers, despite 80 of 82 candidate PQCs failing. As PQC has no role in combating inherent vulnerabilities, securing over 1000 existing blockchains against scammers/hackers remains a top priority for this industry. This research proposes a novel Quantum-safe Ledger Technology (QLT) framework that not only secures DLTs/cryptocurrencies and exchanges from current vulnerabilities but protects them from the impending Q-day threats from future quantum computers. As blockchain-agnostic technology, the QLT framework can be easily adapted to secure any blockchain or crypto exchange.
References
[1]
Nakamoto, S. (2008) Bitcoin: A Peer-to-Peer Electronic Cash System. https://bitcoin.org/bitcoin.pdf
[2]
van Haaren Duijn, B., et al. (2022) The Dynamics of Governing Enterprise Blockchain Ecosystems. Administrative Sciences, 12, Article No. 86.
[3]
Buterin, V. (2013) Ethereum White Paper. GitHub Repository, 1, 22-23.
[4]
Arslanian, H. (2022) Ethereum. In: Arslanian, H., Ed., TheBookofCrypto, Springer International Publishing, 91-98. https://doi.org/10.1007/978-3-030-97951-5_3
[5]
Efanov, D. and Roschin, P. (2018) The All-Pervasiveness of the Blockchain Technology. Procedia Computer Science, 123, 116-121. https://doi.org/10.1016/j.procs.2018.01.019
[6]
DrFazal (2019) To Centralize Is Human, to Decentralize Divine. Medium. https://drfazal.medium.com/to-centralize-is-human-to-decentralize-divine-ii-7bd48681933f
[7]
McGovern, T. (2022) Cryptocurrency Statistics 2024: How Many People Use Crypto? Earthweb. https://earthweb.com/cryptocurrency-statistics/
[8]
Bhujel, S. and Rahulamathavan, Y. (2022) A Survey: Security, Transparency, and Scalability Issues of Nft’s and Its Marketplaces. Sensors, 22, Article No. 8833. https://doi.org/10.3390/s22228833
[9]
Horch, A., Schunck, C.H. and Ruff, C. (2022) Adversary Tactics and Techniques specific to Cryptocurrency Scams. In: Roßnagel, H., Schunck, C.H. and Mödersheim, S., Eds., Open Identity Summit 2022, Lecture Notes in Informatics (LNI), Gesellschaft für Informatik, 119-124.
[10]
Edwards, N., Haynes, J.B. and Kiser, S.B. (2021) Post-Quantum Security: CoreVUE Breaks through PKI A Look at an Emerging Technology in Cybersecurity. Journal of Strategic Innovation and Sustainability, 16, 136-138.
[11]
Fernandez-Carames, T.M. and Fraga-Lamas, P. (2020) Towards Post-Quantum Blockchain: A Review on Blockchain Cryptography Resistant to Quantum Computing Attacks. IEEE Access, 8, 21091-21116. https://doi.org/10.1109/access.2020.2968985
[12]
Raheman, F., Bhagat, T., Vermeulen, B. and Van Daele, P. (2022) Will Zero Vulnerability Computing (ZVC) Ever Be Possible? Testing the Hypothesis. Future Internet, 14, Article No. 238. https://doi.org/10.3390/fi14080238
[13]
Raheman, F. (2022) The Future of Cybersecurity in the Age of Quantum Computers. Future Internet, 14, Article No. 335. https://doi.org/10.3390/fi14110335
[14]
Raheman, F. (2022) The Q-Day Dilemma and the Quantum Supremacy/Advantage Conjecture. Research Square, December 9 2022.
[15]
Raheman, F. (2024) Defining Quantum Advantage for Building a Sustainable MVP to Deliver Quantum Computing Services. Open Journal of Applied Sciences, 14, 1530-1549. https://doi.org/10.4236/ojapps.2024.146102
[16]
Raheman, F. (2024) From Standard Policy-Based Zero Trust to Absolute Zero Trust (AZT): A Quantum Leap to Q-Day Security. Journal of Computer and Communications, 12, 252-282. https://doi.org/10.4236/jcc.2024.123016
[17]
Raheman, F. (2024) Tackling the Existential Threats from Quantum Computers and Ai. Intelligent Information Management, 16, 121-146. https://doi.org/10.4236/iim.2024.163008
[18]
Raheman, F. (2024) Formulating and Supporting a Hypothesis to Address a Catch-22 Situation in 6G Communication Networks. Journal of Information Security, 15, 340-354. https://doi.org/10.4236/jis.2024.153020
[19]
Alagic, G., etal. (2019) Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process. US Department of Commerce, National Institute of Standards and Technology. https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=927303
[20]
Sparkes, M. (2022) Encryption Meant to Protect against Quantum Hackers Is Easily Cracked. New Scientist, March 8, 2022. https://www.newscientist.com/article/2310369-encryption-meant-to-pro-tect-against-quantum-hackers-is-easily-cracked/
[21]
Ji, Y. and Dubrova, E. (2023) A Side-Channel Attack on a Masked Hardware Implementation of CRYSTALS-Kyber. Proceedings of the 2023 Workshop on Attacks and Solutions in Hardware Security, Copenhagen, 30 November 2023, 27-37. https://doi.org/10.1145/3605769.3623992
[22]
Shin, D. and Rice, J. (2022) Cryptocurrency: A Panacea for Economic Growth and Sustainability? A Critical Review of Crypto Innovation. Telematics and Informatics, 71, Article ID: 101830. https://doi.org/10.1016/j.tele.2022.101830
[23]
Froehlich, M., Waltenberger, F., Trotter, L., Alt, F. and Schmidt, A. (2022) Blockchain and Cryptocurrency in Human Computer Interaction: A Systematic Literature Review and Research Agenda. Designing Interactive Systems Conference, 13-17 June 2022, 155-177. https://doi.org/10.1145/3532106.3533478
[24]
Nzimakwe, T.I. (2018) Government’s Dynamic Approach to Addressing Challenges of Cybersecurity in South Africa. In: Fields, Z., Ed., HandbookofResearchonInformationandCyberSecurityintheFourthIndustrialRevolution, IGI Global, 364-381. https://doi.org/10.4018/978-1-5225-4763-1.ch013
[25]
Charoenwong, B. and Bernardi, M. (2021) A Decade of Cryptocurrency “Hacks”: 2011-2021. SSRN Electronic Journal. https://doi.org/10.2139/ssrn.3944435
[26]
Sigalos, M. (2022) Crypto Scammers Took a Record $14 Billion in 2021. CNBC, January 6, 2022. https://www.cnbc.com/2022/01/06/crypto-scammers-took-a-record-14-billion-in-2021-chainalysis.html
[27]
O’Rourke, M. (2022) Cryptocurrency Crime Cost a Record $14 Billion in 2021. Risk Management, 69, 30.
[28]
Merchant, M. (2022) Crypto Hackers Steal $3 Billion in 2022, Set to Be Biggest Year for Digital-Asset Heists. Money Control, October 18, 2022. https://www.moneycontrol.com/news/business/cryptocurrency/crypto-hackers-steal-3-billion-in-2022-set-to-be-biggest-year-for-digital-asset-heists-9347301.html
[29]
Livni, E. (2022) Binance Blockchain Hit by $570 Million Hack, Exposing Crypto Vulnerabilities. The New York Times, October 7, 2022. https://www.nytimes.com/2022/10/07/business/binance-hack.html
[30]
Amure, T.O. (2022) FTX Collapse Worsens after a $600 Million Hack and Criminal Charges. Investopedia, November 14, 2022. https://www.investopedia.com/ftx-got-hacked-6828458
[31]
Chainalysisis Team (2022, Aug. 2) Vulnerabilities in Cross-Chain Bridge Protocols Emerge as Top Security Risk. Chainalysis. https://blog.chainalysis.com/reports/cross-chain-bridge-hacks-2022/
[32]
Grobys, K. (2021) When the Blockchain Does Not Block: On Hackings and Uncertainty in the Cryptocurrency Market. Quantitative Finance, 21, 1267-1279. https://doi.org/10.1080/14697688.2020.1849779
[33]
Chang, S. (2019) Bitcoin Price Sinks amid Hack Attempt on Cryptocurrency Exchange Binance. Investopedia, June 25, 2019. https://www.investopedia.com/news/bitcoin-price-sinks-amid-hack-attempt-cryptocurrency-exchange-binance/
[34]
Groopman, J. (2023) Top Blockchain Security Attacks, Hacks and Issues. https://www.techtarget.com/searchsecurity/tip/Top-blockchain-security-attacks-hacks-and-issues
[35]
Boireau, O. (2018) Securing the Blockchain against Hackers. Network Security, 2018, 8-11. https://doi.org/10.1016/s1353-4858(18)30006-0
[36]
Kearney, J.J. and Perez-Delgado, C.A. (2021) Vulnerability of Blockchain Technologies to Quantum Attacks. Array, 10, Article ID: 100065. https://doi.org/10.1016/j.array.2021.100065
[37]
Unogwu, O.J., Doshi, R., Hiran, K.K. and Mijwil, M.M. (2022) Introduction to Quantum-Resistant Blockchain. In: Shrivas, M.K., Hiran, K.K., Bhansali, A. and Doshi, R., Eds., AdvancementsinQuantumBlockchainwithReal-TimeApplications, IGI Global, 36-55. https://doi.org/10.4018/978-1-6684-5072-7.ch002
[38]
Castelvecchi, D. (2022) The Race to Save the Internet from Quantum Hackers. Nature, 602, 198-201. https://doi.org/10.1038/d41586-022-00339-5
[39]
Rozell, D.J. (2022) Cash Is King. Nature. https://doi.org/10.1038/d41586-022-00418-7
[40]
Majot, A. and Yampolskiy, R. (2015) Global Catastrophic Risk and Security Implications of Quantum Computers. Futures, 72, 17-26. https://doi.org/10.1016/j.futures.2015.02.006
[41]
Grimes, R.A. (2019) Cryptography Apocalypse: Preparing for the Day When Quantum Computing Breaks Today’s Crypto. Wiley. https://doi.org/10.1002/9781119618232
[42]
Ménard, A., Ostojic, I., Patel, M. and Volz, D. (2020) A Game Plan for Quantum Computing. McKinsey Q. https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/a-game-plan-for-quantum-computing
[43]
An, H. and Kim, K. (2018) QChain: Quantum-Resistant and Decentralized PKI Using Blockchain. 2018 Symposium on Cryptography and Information Security (SCIS 2018), Niigata, 23-26 January 2018.
[44]
Ding, J. (2019) A New Proof of Work for Blockchain Based on Random Multivariate Quadratic Equations. Applied Cryptography and Network Security Workshops: ACNS 2019 Satellite Workshops, Bogota, 5-7 June 2019, 97-107. https://doi.org/10.1007/978-3-030-29729-9_5
[45]
Dey, N., Ghosh, M. and Chakrabarti, A. (2022) Quantum Solutions to Possible Challenges of Blockchain Technology. In: Kumar, A., Gill, S.S. and Abraham, A., Eds., QuantumandBlockchainforModernComputingSystems: VisionandAdvancements, Springer International Publishing, 249-282. https://doi.org/10.1007/978-3-031-04613-1_9
[46]
Li, X., Luo, C., Liu, P., Wang, L. and Yu, D. (2019) Injecting Differential Privacy in Rules Extraction of Rough Set. In: Proceedingsofthe 2ndInternationalConferenceonHealthcareScienceandEngineering, Springer, Singapore, 175-187. https://doi.org/10.1007/978-981-13-6837-0_13
Sayeed, S., Marco-Gisbert, H. and Caira, T. (2020) Smart Contract: Attacks and Protections. IEEE Access, 8, 24416-24427. https://doi.org/10.1109/access.2020.2970495
[49]
Adamik, F. and Kosta, S. (2019) Smartexchange: Decentralised Trustless Cryptocurrency Exchange. BusinessInformationSystemsWorkshops, Berlin, 18-20 July 2018, 356-367. https://doi.org/10.1007/978-3-030-04849-5_32
[50]
Lin, L.X. (2019) Deconstructing Decentralized Exchanges. Stanford Journal of Blockchain Law & Policy, 2, 58-77.
[51]
Zamyatin, A., Harz, D., Lind, J., Panayiotou, P., Gervais, A. and Knottenbelt, W. (2019) XCLAIM: Trustless, Interoperable, Cryptocurrency-Backed Assets. 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, 19-23 May 2019, 193-210. https://doi.org/10.1109/sp.2019.00085
[52]
Lee, S., Murashkin, A., Derka, M. and Gorzny, J. (2023) SoK: Not Quite Water under the Bridge: Review of Cross-Chain Bridge Hacks. 2023 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), Dubai, 1-5 May 2023, 1-14. https://doi.org/10.1109/icbc56567.2023.10174993
[53]
Helal, M., Alsoud, A.R. and Alshareef, H. (2022) Cross-Chain Interoperability-Validating Smart Contracts to Interoperate over Diverse Blockchain Networks Using Interoperable Blockchain Framework Design (IBFD).
[54]
Brooks, K. (2022, October 12) Hackers Have Stolen Record $3 Billion in Cryptocurrency This Year. CBS News. https://www.cbsnews.com/news/cryptocurrency-theft-hacker-chainalysis-blockchain-crime/
[55]
Bernstein, D.J. and Lange, T. (2017) Post-Quantum Cryptography. Nature, 549, 188-194. https://doi.org/10.1038/nature23461
[56]
Gupta, K.D., Nag, A.K., Rahman, M.L., Mahmud, M.A.P. and Sadman, N. (2021) Utilizing Computational Complexity to Protect Cryptocurrency against Quantum Threats: A Review. IT Professional, 23, 50-55. https://doi.org/10.1109/mitp.2021.3089494
[57]
Marcos, A., etal. (2021) Quantum-Resistance in Blockchain Networks.
[58]
Zhu, D., Zheng, J., Zhou, H., Wu, J., Li, N. and Song, L. (2022) A Hybrid Encryption Scheme for Quantum Secure Video Conferencing Combined with Blockchain. Mathematics, 10, Article No. 3037. https://doi.org/10.3390/math10173037
[59]
Laura, D. (2022, August 3) Post-Quantum Crypto Cracked in an Hour with One Core of an Ancient Xeon. The Register. https://www.theregister.com/2022/08/03/nist_quantum_resistant_crypto_cracked/
[60]
Banerjee, U., Das, S. and Chandrakasan, A.P. (2020) Accelerating Post-Quantum Cryptography Using an Energy-Efficient TLS Crypto-Processor. 2020 IEEE International Symposium on Circuits and Systems (ISCAS), Seville, 12-14 October 2020, 1-5. https://doi.org/10.1109/iscas45731.2020.9180550
[61]
Aji, A., Jain, K. and Krishnan, P. (2021) A Survey of Quantum Key Distribution (QKD) Network Simulation Platforms. 2021 2nd Global Conference for Advancement in Technology (GCAT), Bangalore, 1-3 October 2021, 1-8. https://doi.org/10.1109/gcat52182.2021.9587708
[62]
Rimba, P., Tran, A.B., Weber, I., Staples, M., Ponomarev, A. and Xu, X. (2017) Comparing Blockchain and Cloud Services for Business Process Execution. 2017 IEEE International Conference on Software Architecture (ICSA), Gothenburg, 3-7 April 2017, 257-260. https://doi.org/10.1109/icsa.2017.44
[63]
Raheman, F. (2023) Economic and Social Sustainability of Legacy Blockchain for Non-Crypto Use Cases: A Reality Check. International Journal of Blockchains and Cryptocurrencies, 4, 1-25. https://doi.org/10.1504/ijbc.2023.131634
[64]
di Angelo, M. and Salzer, G. (2019) A Survey of Tools for Analyzing Ethereum Smart Contracts. 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), Newark, 4-9 April 2019, 69-78. https://doi.org/10.1109/dappcon.2019.00018
[65]
Jansen, M., Hdhili, F., Gouiaa, R. and Qasem, Z. (2019) Do Smart Contract Languages Need to Be Turing Complete? In: Prieto, J., et al., Eds., Blockchain and Applications: International Congress, Springer International Publishing, 19-26. https://doi.org/10.1007/978-3-030-23813-1_3
[66]
Kaleem, M., Mavridou, A. and Laszka, A. (2020) Vyper: A Security Comparison with Solidity Based on Common Vulnerabilities. 2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS), Paris, 28-30 September 2020, 107-111. https://doi.org/10.1109/brains49436.2020.9223278
[67]
Arikpo, I.I., Ogban, F.U. and Eteng, I.E. (2008) Von Neumann Architecture and Modern Computers. Global Journal of Mathematical Sciences, 6, 97-104. https://doi.org/10.4314/gjmas.v6i2.21415
[68]
Francillon, A. and Castelluccia, C. (2008) Code Injection Attacks on Harvard-Architecture Devices. Proceedings of the 15th ACM Conference on Computer and Communications Security, Alexandria, 27-31 October 2008, 15-26. https://doi.org/10.1145/1455770.1455775
[69]
Rajput, B. (2020) Changing Landscape of Crime in Cyberspace. In: Rajput, B., Ed., CyberEconomicCrimeinIndia, Springer International Publishing, 13-23. https://doi.org/10.1007/978-3-030-44655-0_2
[70]
European Commission (2023) “Seal of Excellence” Awarded to ZVC in a Horizon Europe EIC Accelerator Grant Program. https://zvchub.com/#seal
[71]
Kerman, A., Borchert, O., Rose, S. and Tan, A. (2020) Implementing a Zero Trust Architecture. National Cybersecurity Center of Excellence. https://www.nccoe.nist.gov/sites/default/files/legacy-files/zta-project-description-final.pdf
[72]
Ford, P. (2023) The Quantum Cybersecurity Threat May Arrive Sooner than You Think. Computer, 56, 134-136. https://doi.org/10.1109/mc.2022.3227657
[73]
National Security Agency (2021) Embracing a Zero Trust Security Model. https://media.defense.gov/2021/feb/25/2002588479/-1/-1/0/csi_embracing_zt_security_model_uoo115131-21.pdf
[74]
Rose, S., Borchert, O., Mitchell, S. and Connelly, S. (2020) Zero Trust Architecture. National Institute of Standards and Technology.
[75]
Nivarthi, K.S.P. and Gatla, G. (2022) Fighting Cybercrime with Zero Trust. American Academic Scientific Research Journal for Engineering, Technology, and Sciences, 90, 371-381.
[76]
Hardjono, T. (2018) Blockchain Interoperability and Survivability. 2018 IEEE Global Blockchain Summit, NIST, Gaithersburg, 17-19 September 2018.
[77]
Dhar, S. and Bose, I. (2020) Securing IoT Devices Using Zero Trust and Blockchain. Journal of Organizational Computing and Electronic Commerce, 31, 18-34. https://doi.org/10.1080/10919392.2020.1831870
[78]
Kumar, M. (2022) Post-Quantum Cryptography Algorithm’s Standardization and Performance Analysis. Array, 15, Article ID: 100242. https://doi.org/10.1016/j.array.2022.100242
[79]
Gupta, N., Jati, A., Chauhan, A.K. and Chattopadhyay, A. (2021) PQC Acceleration Using Gpus: Frodokem, Newhope, and Kyber. IEEE Transactions on Parallel and Distributed Systems, 32, 575-586. https://doi.org/10.1109/tpds.2020.3025691
