Showdown: Are Quantum-Resistant Digital Signatures the Answer?

Anti-Quantum ABC Mint Community (抗量子ABC薄荷社区)
Guest columnist
2021-01-09 03:30
Can Quantum Computers Overcome Blockchain?
Zero, if it represents a neutral state, means that something may or may not be present. The quantum entanglement state is such a neutral state; another example is having neither savings nor debts, which is still a state of "having" the attribute of personal property.
If people's attitude or view on something can be "yes", then there are not only "pros" and "cons" but also "zeros". If the smallest unit of the material world is the quantum, then the material world is built from the most basic "entangled state" of the quantum. The quantum entanglement state is a zero state, neither a positive state nor a negative state.

From the current state of computing technology, the main selling point of blockchain and its applications is that encrypted distributed ledgers are effectively "unhackable" under normal circumstances.

However, its effectiveness depends largely on the premise of the "state of the technology". If there is a paradigm shift in computing, contemporary blockchain-based systems could be vulnerable to threats due to design flaws. But just how urgent is this threat that could happen at any time?

The progress physicists have made over the past three decades in building working quantum computers could soon enable this shift. As quantum computers outperform classical computers on specific tasks, the milestone of "quantum supremacy" may be reached at any time, and whether future quantum-based devices can "overcome" the blockchain has become a focus of concern.

Major changes are bound to follow major conflicts, as has always been the case in history.

Whether the elliptic curve can be cracked has been discussed countless times, but the question has always been drowned out by hotter topics.

Are quantum-resistant digital signatures the answer?

Affirmative side: Liu Jin (algorithms, blockchain, computing; Chairman of the Mathematics Foundation)

Let me start with the facts:

Fact 1: NIST is the world's top advanced-technology standard-setting organization. Since 2017, NIST has spent three years, 100 million US dollars, and the work of nearly a thousand mathematicians, cryptanalysts and computer security experts around the world on finding "algorithms that resist cracking by quantum computers", that is, algorithms that cannot be cracked by quantum computers in the near future. What judgment can we draw from Fact 1?

Fact 2: All digital currencies on public chains use only digital signatures. In NIST's third round, only 3 digital signatures are still alive: Falcon, Dilithium, Rainbow. The other three have basically been eliminated.

Fact 3: Rainbow is the signature with the shortest signature length; the signature lengths of Falcon and Dilithium are very long.

Fact 4: On January 1, 2029, the U.S. government will begin using all the algorithms selected by NIST across the U.S. CNSA classification, and all algorithms currently in use will be retired.

Fact 5: In the U.S. CNSA classification, adoption of NIST's PQC standard is the only mandatory requirement so far. These are the facts related to the algorithms.

This NIST algorithm selection is unprecedented and will not be repeated. Of the current six signatures, the three in the alternate pool are 99% eliminated: GeMSS, Picnic and SPHINCS+. Of the three finalists, Dilithium has the highest probability of being cracked, Rainbow is basically impossible to crack, and Falcon is the one that most people are researching and besieging; it is estimated that hundreds of people are studying how to crack NTRU and Falcon. Rainbow's biggest advantages are that it has the longest history, it is almost universally recognized that there is no way to crack it, and its signature is the shortest.

Pages:

https://csrc.nist.gov/Projects/post-quantum-cryptography/round-3-submissions

and https://csrc.nist.gov/projects/post-quantum-cryptography. These two pages explain why NIST spends so much energy determining algorithms that resist quantum-computer cracking. Currently there are only three signatures: Dilithium, Falcon, Rainbow. The first two are lattice-based signatures, and Rainbow is a multivariate signature.

"The Importance of Signature Size". Because a digital currency needs to broadcast the public key across the network, the smallest possible signature is required. Among Dilithium, Falcon and Rainbow, Rainbow has the smallest signature and the longest history. The longer a signature's history, the more it has been reviewed by many mathematicians, the longer it survives, and the harder it is to crack. Therefore, Rainbow should be the only quantum-resistant signature that digital currencies can adopt for a long time to come.

The U.S. military and government will adopt the algorithms NIST selects this time across all of CNSA on January 1, 2029, which is still 8 years away. Moreover, the U.S. government, the military and NIST regard "resistance to quantum-computer cracking" as the only mandatory requirement so far. Because it is the only mandatory requirement of the U.S. government, CNSA and NIST, we expect that all digital currencies must be resistant to quantum-computer cracking.

ABC's biggest advantage is its use of Rainbow signatures. PoW, ABCardO and the first NIST algorithm are truly quantum-resistant. Another great advantage of ABC is "source code only". Everyone must remember: ABC has only source code and nothing else: no official organization, no white paper, no team, no official wallet.

The reason ABC has only source code is so that it can be used when the war with Dilithium and Falcon comes in 18 months, and to tell the industry once more that every digital currency resistant to quantum-computer cracking has only source code and nothing else.

The large public key is not an advantage but a characteristic. The public keys of all PQC signatures are very large, so when Bitcoin switches to such a signature, broadcasting the public key across the network will run into problems: if the public key is large, the network will be congested sooner or later. The threat of quantum computers to digital currency has only one direction: cracking elliptic-curve signatures through public keys. It has nothing to do with public-key size.

In resisting quantum-computer cracking, our Mathematics Foundation holds two patents. The first is "Rainbow Signature". The agreement between NIST and Professor Ding is: if NIST chooses the Rainbow signature as the final standard, we give up the patent. The second patent "solves the problem of public keys being too large for all quantum-resistant signatures". That is, whichever anti-quantum signature a digital currency uses, it will sooner or later run into congestion because of the large public key. Without our patent it is almost impossible to solve the congestion problem.

On the patent issue, the biggest bitcoiner said: it does not conform to the spirit of the blockchain. I think this is because we do not see Bitcoin from a God's-eye view; it has only 12 years of history, in which we have seen it survive defeat after defeat, so we believe Bitcoin will never die. In fact, placed in the history of cryptography, we find that algorithms are replaced only every few decades, and the algorithms NIST selects this time may be enough for a hundred years if they cannot be cracked mathematically or physically. In addition, when Nakamoto wrote Bitcoin in 2009 he did not run into any patent obstacle; had he run into one, Bitcoin would not have succeeded. By the way: when Neal Koblitz invented the elliptic-curve signature in 1984, it was at the request of the U.S. military, so he could not apply for a patent. And I recently said on my video account: all of NIST's algorithms this time, apart from the Rainbow signature patent, are actually covered by a French patent, which may make every NIST algorithm illegal to use, so the U.S. government is negotiating with the French government to have it waived and to compensate the French government. I guess this news will become public later. What I want to say is: patents will make the public chains yield.

So if you cannot understand that "the upper boundary of the market will be the main driver of regulation" and the "algorithm as main driver" in an era of algorithm change, you may need to search out a lot of background and think it over again and again.

For Bitcoin-like coins other than ABC: if you do not solve the "PQC signature public key is too large" problem, do not use our patented technology, and do not use Dilithium, Falcon or Rainbow, there is no possibility; at least none for many years to come.

Therefore, we expect that in the future all digital currencies, as long as they are quantum-resistant, will use our patents and signatures.

Our judgment: after NIST announces the final standard in 2022, the Bitcoin community and this group will fork into two factions: the smallest-signature faction and the NIST-is-most-authoritative faction. In the end the smallest-signature faction will win about 4 years after 2022, meaning it becomes the largest faction.

Not that ABC will necessarily become a "global, ultra-long-term" towering tree, but I personally think the opportunity is very large, even enormous, while the investment cost is very small for me personally. It is an extremely typical and rare "asymmetric risk", so I personally will board the venture ship.
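An added example from the editor, not code from the article, from Liu Jin or from the ABC project: a Python model of the point both sides of this debate keep returning to, namely that a post-quantum scheme's public key and signature are paid for on every spend and so decide how many transactions a block can hold, and that only coins whose public key is already on chain are exposed to an attacker who can break the curve. The scheme sizes are the NIST round-3 level-1 parameter sets (Dilithium2, Falcon-512, Rainbow-I-Classic) and common secp256k1 figures, given from memory and to be checked against the submission documents; the transaction-layout constants and the UTXO records are constructed assumptions, and `reveal_pk=False` is a hypothetical toggle for "the spend need not broadcast the full key", not a description of any specific patent.

```python
# Editor's added example, not code from the article, from Liu Jin or from ABC.
# A byte-level model of why signature and public-key sizes matter for a
# Bitcoin-like chain: every spend carries a signature plus the signer's
# public key, so per-input bytes decide how many transactions fit in a block.

# Scheme sizes in bytes. ECDSA is the usual secp256k1 pair (33-byte
# compressed key, about 72-byte DER signature). The post-quantum rows are
# the level-1 parameter sets from the NIST round-3 submissions as the editor
# recalls them (Dilithium2, Falcon-512, Rainbow-I-Classic); treat them as
# approximate and check the submission documents before relying on them.
SCHEMES = {
    "ECDSA-secp256k1":   {"pk": 33,     "sig": 72},
    "Dilithium2":        {"pk": 1312,   "sig": 2420},
    "Falcon-512":        {"pk": 897,    "sig": 666},
    "Rainbow-I-Classic": {"pk": 161600, "sig": 66},
}

# Constructed transaction-layout assumptions (rough Bitcoin P2PKH shape).
TX_OVERHEAD = 10         # version (4) + input/output counts (2) + locktime (4)
INPUT_OVERHEAD = 41      # outpoint (36) + sequence (4) + script-length byte (1)
OUTPUT_SIZE = 34         # value (8) + script (~26)
BLOCK_LIMIT = 1_000_000  # 1 MB block


def tx_size(scheme, n_inputs=1, n_outputs=2, reveal_pk=True):
    """Bytes in a transaction whose inputs are all signed under `scheme`.

    reveal_pk=False is a hypothetical: it models a chain where the spend does
    not have to broadcast the full public key, leaving only the signature."""
    s = SCHEMES[scheme]
    per_input = INPUT_OVERHEAD + s["sig"] + (s["pk"] if reveal_pk else 0)
    return TX_OVERHEAD + n_inputs * per_input + n_outputs * OUTPUT_SIZE


def txs_per_block(scheme, **kw):
    """Whole transactions of this shape that fit in one block."""
    return BLOCK_LIMIT // tx_size(scheme, **kw)


def bloat_factor(scheme, **kw):
    """Transaction size relative to the ECDSA baseline."""
    return tx_size(scheme, **kw) / tx_size("ECDSA-secp256k1", **kw)


def compare(n_inputs=1, reveal_pk=True):
    """One row per scheme: (name, tx bytes, txs per block, bloat vs ECDSA)."""
    return [
        (name,
         tx_size(name, n_inputs, reveal_pk=reveal_pk),
         txs_per_block(name, n_inputs=n_inputs, reveal_pk=reveal_pk),
         round(bloat_factor(name, n_inputs=n_inputs, reveal_pk=reveal_pk), 1))
        for name in SCHEMES
    ]


# Constructed UTXO inventory for the size-independent point both sides make:
# only coins whose public key is already visible on chain are exposed to a
# future key-recovery attack on the curve. Fields: (id, script type,
# address already spent from before).
SAMPLE_UTXOS = [
    ("utxo-a", "p2pk", False),   # pay-to-pubkey: key sits in the output itself
    ("utxo-b", "p2pkh", False),  # only a key hash on chain, never spent from
    ("utxo-c", "p2pkh", True),   # key hash on chain, but an earlier spend revealed the key
]


def exposed_utxos(utxos):
    """Ids of coins whose public key is already public (a defender's inventory)."""
    return [uid for uid, script_type, reused in utxos
            if script_type == "p2pk" or reused]


if __name__ == "__main__":
    for row in compare():
        print("%-18s %8d bytes/tx %6d tx/block %7.1fx" % row)
    print("Rainbow with pk not broadcast:",
          tx_size("Rainbow-I-Classic", reveal_pk=False), "bytes")
    print("Exposed coins:", exposed_utxos(SAMPLE_UTXOS))
```

Running it shows the tension between Fact 3 and the "large public key" paragraph in numbers: Rainbow gives the smallest per-input bytes only when its roughly 160 KB public key does not have to be broadcast, and by far the largest of the four when it does, while the two lattice schemes sit in between. The model counts bytes only and says nothing about security; the article predates the 2022 practical key-recovery attack on the round-3 Rainbow parameters, so a short signature alone is not a reason to pick a scheme.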

Negative side: reasons
I personally think that, with high probability, it will be difficult for quantum computers to crack Bitcoin's elliptic-curve encryption algorithm within our lifetime. The reasons are as follows:
First, Mr. Liu Jin is not a quantum-computing major; he is just a math enthusiast. Moreover, there are many cryptographers and mathematicians in the Bitcoin cryptocurrency community, as well as many other scientists. If Mr. Liu Jin's views were accurate, it is unlikely that none of them would see the problem.
Second, it is said that 4,000 qubits can crack Bitcoin's elliptic-curve encryption algorithm. The 4,000 qubits here are logical qubits. As far as I know, many people who specialize in quantum computers, taking the fault-tolerance overhead of logical qubits into account, believe that successfully cracking the elliptic-curve encryption algorithm requires at least hundreds of thousands or even millions of physical qubits.

Third, mathematics currently has no answer to the NP-complete problem. I'm afraid there is no shortcut to cracking it, only accumulating computing power and brute-forcing it.

Fourth, quantum-computer research is an extremely early-stage field. We have seen news that some company has successfully operated 70 or 80 qubits; these are physical qubits, and the gap is still far. And for any nascent technology, even one that seems to grow exponentially early on, the more likely outcome is that most of it fails. People are only willing to remember the rare successes, and mistakenly believe that every nascent technology showing exponential growth at the start will keep maturing exponentially.

Fifth, even if we assume that quantum computers will threaten Bitcoin in a short time, Mr. Liu Jin believes there is a high probability that Bitcoin will not succeed in upgrading to an anti-quantum algorithm. His reasons are also untenable. Bitcoin itself is an open-source software system. If more smart scientists can see the threat, the community will find it easier to reach consensus at a clear and unprecedented moment of life and death. As for the seven steps Mr. Liu Jin says Bitcoin would need for a successful upgrade to an anti-quantum algorithm, the first six are unnecessary worries. Even if there is a hard fork, hash power will vote to select the better competing solution. Bitcoin has never been afraid of forks in its history; past forks did not kill Bitcoin but made it stronger. Bitcoin is a typical antifragile system.
Sixth, suppose quantum computers become an obvious threat, able to steal the private keys behind public keys that have been published on the network. If a manual mapping to a chain resistant to quantum algorithms is needed, I think the community will also give advance warning. Bitcoins that have long been dormant and whose public keys are disclosed can also be treated as lost. A plan can be formulated, for example a deadline: after the point at which quantum computers can indeed crack the elliptic-curve encryption algorithm, bitcoins that have not been manually migrated or mapped onto the quantum-resistant chain can no longer complete the migration.
Seventh, since Mr. Liu Jin is willing to assume, from the perspective of non-public information, that the development of quantum computers may be controlled by the military and be faster than the public thinks, we can equally assume that those doing quantum-computer research are just making big news to extract more funding, not that quantum computers have really developed to the point of subverting the Internet's current general encryption algorithms. In fact, it really depends on when quantum computers can be successfully put to use, or on the more professional views of those who actually work on quantum computers.
Eighth, whether the anti-quantum encryption standard announced by NIST will be mandatory for all industries around 2028, and whether this is just an overly early concern while quantum computers are being hyped by the media. It is completely uncertain how many detours a quantum computer needs before reaching practical application after leaving the laboratory simulation stage and overcoming qubit fault tolerance, logical algorithms and storage scaling; along the way there may also be insurmountable bottlenecks.
Ninth, if Bitcoin dies, no cryptocurrency can be found to replace it at the center. People's belief in decentralization through technology will also die. And there will be people who worry: if ABC replaces Bitcoin today, will some BCD replace ABC one day as technology progresses?
Tenth, Bitcoin has achieved decentralization in every respect. The nearly one million bitcoins Satoshi Nakamoto mined early on have never moved or revealed their public keys. To this day no one even knows who Satoshi Nakamoto is. This is not the same as some teams issuing tokens, thinking they are gods who should profit from it, and even pre-mining. Even if Bitcoin dies, big money will despair of the entire market, and will not trust cryptocurrencies with cores or flaws.
References: https://www.8btc.com/article/437817

Quotations from Liu Jin and Anonymous Netizens

According to the data, experts' estimates of when quantum computers will threaten the integrity of the blockchain are surprisingly similar, basically 5 to 10 years. Their approach to dealing with potential quantum attacks is also fairly consistent: most agree that there is a need to gradually move to quantum-resistant cryptography and build the infrastructure to support it. Blockchains must evolve, but quantum-computing technology is unlikely to fundamentally threaten their existence.

To remain neutral, I will not interpret either of the two positions above, but the editor believes that:

"Quantum computers will redefine not only blockchain cryptography but everywhere cryptography is applied, including something as simple as an online banking website. A lot of research and work is currently being done by developers to mitigate this impact and transition to anti-quantum, or post-quantum, cryptography.

However, the challenge for blockchain is not only the threat that quantum computing represents, but also how the blockchain will transition to the new cryptography."