4. Materials and Methods
The model developed in this paper, is a combination of Key Distribution using Modified Bit flipping key Encapsulation (MBIKE) which is a Post Quantum Cryptography (PQC) protocol and Post-Quantum Pseudorandom Number Generators (PQ-PRNGs). The model designed will thereafter be tested using simulation in order to assess its ability to withstand current and future quantum attacks as well as its scalability in decentralized blockchain networks. The algorithm used for the model is shown in
Figure 1.
Figure 1. Flowchart for secure transactional security.
Figure 1 shows the quantum resistant pseudocode designed to protect blockchain networks. The processes include transaction initialization using Modified Bit Flipping Key Encapsulation (MBIKE) and Post-Quantum Pseudorandom Number Generators (PQ-PRNGs).
Function Post_Quantum PQ-PRNG1(Start_seed)
// Initializing
(Public_key, private_key) = Generate_Start_lattice_keys
Present_state = start_seed
while true
// Generate a pseudo random text message (e.g. from classical PQ-PRNG or a hash of presentt_state)
Text Message = GeneratePseudoRandomValue (present_state)
// Encapsuate the message using the public key encryption
(cipher, shared_secret) = Encapsulate (public_key, info)
// Use a part of the ciphertext or shared secret as the PQ-PRNG output
Pqprng_output = ExtractBits (ciphertext)
// State update for the next iteration
Present_state = Hash (shared_secret)
Produce pqprng_output
Figure 1 Generating distributed random keys using PQ-PRNG
The algorithm above shows how a post-quantum cryptographic primitive can be integrated into a Post-Quantum Pseudorandom Number Generators (PQ-PRNGs) to achieve quantum resistant blockchain algorithm. The processes involved in this algorithm include, transaction initialization using post-quantum encryption, use of a Post-Quantum Pseudorandom Number Generators (PQ-PRNGs), Post Quantum cryptographic key exchange and secure key generation using MBIKE. These are used to provide secure and quantum resistant key exchange between communicating parties. These processes can be further outlined as follows:
1) Download the Data
The blockchain dataset used for initializing the transaction was downloaded from Mempool archive dataset. Mempool is a queue of pending and unconfirmed data transaction for a blockchain network. Every node on the network maintains its mempool database, this implies that different nodes have different transactions. In order to view the blockchain data in real time, the mempool explorer is used. Mempool explorer enables the visualization of the transactions in the blockchain network. The mempool explorer from block native allows the downloaded data to exchange protocols and wallets when different formats are used within different transactions, Data can then be monitored and the transactions acted upon in real time. This enables administrators of the blockchain network deliver reliable and secure distributed system to quantum cryptographic attacks. The data downloaded from mempool.space is updated by the data from BigQuery, this is done every five minutes to provide regularly updated data to the blockchain network. The combination of the BigQuery data with mempool.space data was used in this paper to analyse the effect of Quantum key Distributuon for secure data transmission, Post quantum Cryptography and Post Quantum Random Number Generator on blockchain network allows for efficient random key generation for secure data communication. When Quantum cryptography is applied to processed mempool data, it results in enhanced transaction security and increased encryption stability, while the production of random keys makes it difficult for quantum threats decipher these keys. The real time update (very hour) of the mempool data together with its rich set of historical data coverage make it efficient in analysing quantum resistant networks.
2) Filtering out Private Transactions and Data Preprocesing
In the Mempool archive, private transactions refer to transactions with no pending event. This can be detected using the time pending column in Mempool lookup table. The time pending field computes the time used for the transaction in the mempool in milliseconds. This is shown in equation (
1).
Time pending = firstConfirmation – firstDetection(1)
The time pending attribute for all private transactions is 0. All transactions with a status of cancel or speedup will be eliminated from the analysis.
DEFINE TABLE PRIVATE_TRANSACTIONS AS
(
CHOOSE.*
FROM
MEMPOOL SAMPLE _ARCHIVE_
WHERE
timepending = 0
AND status != ('speedup', 'cancel')
)
After filtering out unwanted data from Mempool, the next stage is the pre-processing of unconfirmed data with non-zero time pending attribute. Pre-processing involves dealing with missing values and the extraction of functions that best defines the Mempool dataset and updated data. The steps involved in pre-processing is described below:
Cleaning Data: The steps required in filtering out unconfirmed transactions from the dataset comprise isolating and correcting wrong entries in database entries. Filtered data consists of data whose statistics do not conform with the rest of the dataset, together with damaged or repetitive data
. The validity of record statistics is verified by blockchain transaction authentication of each block’s transaction details
| [17] | V. Ganti and A. D. Sarma, Data Cleaning. Springer Nature, 2022. |
[17]
. The downloaded dataset is processed by extracting wrong inputs with incorrect block hashes in addition to uncompleted transactions. For the encryption method to be quantum attack resistant, the processed dataset must be rid of all inconsistent inputs.
Normalization: Normalization of processed records is done by scaling the dataset different from expected values between zero and one. The value of dataset is computed from both its transaction details and measuring of timestamps
| [18] | S. Rouhani and R. Deters, (2021) “Data trust framework using blockchain technology and adaptive transaction validation,” IEEE Access, vol. 9, pp. 90379–90391, 2021. |
[18]
. The proper distribution of records around a value makes them consistent with cryptographic protocol requirements. The need for proper probability distribution of confirmed datasets is to conform to PQC and QKD standards, this will in the long run make for the protocol’s integration with quantum computing requirements.
Alignment of Timestamp: Blockchain transaction’s timestamp is done in real-time, the protocol update is done by MBIKE and Post Quantum Pseudo Random Number Generator (PQ-PRNG). In order to implement quantum security for blockchain networks, the time stamp must conform to the post quantum cryptographic protocol’s time frame
| [19] | I. Izonin, R. Tkachenko, N. Shakhovska, B. Ilchyshyn, and K. K. Singh, (2022) “A two-step data normalization approach for improving classification accuracy in the medical diagnosis domain,” Mathematics, vol. 10, no. 11, pp. 1942 - 1958, 2022. |
[19]
. Blockchain transactions will be well integrated with all order nodes in a decentralized network so as to provide an accurate alignment or timestamp
| [20] | C. Xu, F. Su, B. Xiong, and J. Lehmann, (2022) “Time-aware entity alignment using temporal relational attention,” in Proceedings of the ACM Web Conference 2022, pp. 788–797. |
[20]
. The inclusion of unpredictable pseudo random number generator allows the operation to proceed in line with quantum cryptography guidelines, these guarantees protection from time based attacks.
4.1. Assessing Quantum Cryptography Threats
This section assesses how secure blockchain’s cryptography confirmed data are to quantum attacks. This paper aims to design a blockchain cryptography that is immune to quantum based attacks. Shor’s and Grover’s algorithm presents a framework through which the resilience of blockchain cryptography protocols are tested against quantum attacks. These two algorithms analyse blockchain’s data transactions with a view to validating the cryptography’s resilience to quantum threats. The post quantum cryptography proposed in this paper helps to understand the vulnerability of pre-quantum cryptography to quantum attacks and what properties post quantum blockchain cryptography must have. The operational details of the post quantum cryptography threat assessment for blockchain network are presented below:
Quantum Attack Simulation: Virtual quantum attacks were simulated, and thereafter, quantum algorithms were used to analyse current cryptographic methods. Analysis of the shortcoming of blockchain’s cryptographic protocols in the presence of quantum threats were carried out. The analysis were carried out on the following cryptography algorithms, ECDSA, RSA and SHA-256, BIKE and MBIKE.
Analysis of Quantum Attacks on Security: Quantum algorithms which represents real quantum attacks were simulated, these were incident on the above mentioned cryptography algorithms, with the aim of identifying the weaknesses in their security architecture when implemented on blockchain networks.
MBIKE Algorithm Implementation: An analysis of the weaknesses of ECDSA, RSA and SHA-256 (which uses public key encryption) to Shor’s Algorithm was performed. It was observed that Grover’s Algorithm compromised the SHA-256 within a short range of time. The implementation of these algorithms on top of blockhain network were tested with the aim of determining their weaknesses and possible resilience to quantum attacks.
Assessment of Shor’s Algorithm on Quantum Cryptography: It was observed that RSA and ECDSA were easily compromised by Shor’s Algorithm. This is because the algorithm can factorise large numbers in polynomial time. It should be observed that these techniques rely on the difficulty of classical cryptography to factorise numbers comprising of large primes. This is because it will take increasingly large key size using public key cryptography to factorize these numbers even in a very long time. It is also infeasible to continually increase classical cryptography key size due to its draining of network resources. Unfortunately this is not the case with quantum computer which can easily perform these factorisation and thereby compromising classical cryptography especially public key encryption.
The strength of Shor’s Algorithm is its ability to factorise large primes within polynomial time, the equation used in Shor’s algorithm is shown in equation (
2).
Find g Iterate (g(x) = number of iterations of Bxmod N(2)
Where N is the number (integer) to be factorized, mod N is the remainder when a given number is divided by N, The aim of the function is to identify the least positive integer t, so that the expression in equation 3 is satisfied.
g(x) = Bxmod N, then g(a) = g(d + t)(3)
The aim of the algorithm is to compute the prime factors f and g of N. the first step is computing f X g mod N if the value is 1 then f and g are the prime factors of N, otherwise in the next iteration f is replaced by the remainder of f X g mod N, this operation is repeated until the remainder is one. The final value of f and g are the prime factors of N.
Grover’s Algorithm: This algorithm is used to search for an item in an unstructured (unsorted) data. Grover’s algorithm uses quantum operators to speed of search for a marked element. The use of quantum operators make Grover’s algorithm faster than classical search methods by a square factor, that is whereas it takes classical algorithm O (N) time to search for an item out of N elements, it would only take Grover’s algorithm O (
) time to do the same. Grover’s algorithm tests the security of a blockchain network using SHA-256 cryptographic hash function. SHA-256 hash algorithm is used to secure blockchain networks, and since Grover’s algorithm can quicken the search for a hash collision, it becomes possible for an attacker to modify the hash algorithm to obtain an alternate value which gives same hash output as another value
| [21] | Z. Yang, H. Alfauri, B. Farkiani, R. Jain, R. Di Pietro, and A. Erbad, (2023) “A survey and comparison of post-quantum and quantum blockchains,” IEEE Communication Survey Tutor., vol. 26, no. 2, pp. 967–1002, 2023. |
[21]
. It takes an infinite amount of time for classical algorithms to produce hash collision for a hash algorithm. It should be realized therefore that Grover’s algorithm is used on blockchain network to find an image in which equal hash values are given by two different SHA-256 sources.
In a nutshell Grover’s algorithm is capable of finding a pre-image or hash collision in which another input, different from the original input produces a hash output equal to the original input by a square root factor of time it takes classical cryptography algorithm. The next section describes in detail the Modified Bit Flipping key Encapsulation algorithm.
4.2. The Modified Bit Flipping Key Encapsulation Algorithm
MBIKE is a code based Key Exchange Management (KEM) based on Quasi-Cycle version of the Moderate Density Parity Check (QC-MDPC) code. It uses the Fujisaki-Okamoto (FO) Chosen Cipher text Attack (CCA) transform
| [22] | D. Hofheinz, K. Hövelmanns, and E. Kiltz, (2019)‘‘A modular analysis of the Fujisaki–Okamoto transformation,’’ in Proceedings Theory of Cryptography Conference Cham, Switzerland: Springer, 2019, pp. 341–371. |
| [23] | N. Drucker, S. Gueron, D. Kostic, and E. Persichetti, (2021) ‘‘On the applicability of the Fujisaki–Okamoto transformation to the BIKE KEM,’’ International Journal of Computing Mathematics and Computer System Theory, vol. 6, no. 4, pp. 364–374, Oct. 2021. |
[22, 23]
together with Black Gray Flip (BGF) decoder
| [24] | N. Drucker, S. Gueron, D. Kostic, J. Ding, and J. Tillich, (2022) ‘‘QC-MDPC decoders with several shades of gray,’’ in Proceedings Post Quantum Cryptography, vol. 12100, 2022, pp. 35–50. |
[24]
to test the Indistinguishability under Chosen-Cipher text Attack (IND-CCA) security on the QC-MDPC. The modified Bit Flipping Key Encapsulation scheme used in this paper contains the following subroutines:
System Setup (Input): This sets the level of quantum security (λ) desired,
System (Output) the following systems parameters (s, v, u and w) were used, where
s = s defines the length of the circulant block matrix (a square matrix in which each row is formed by rotating one element to the right of the row at its top). For example for matrix L comprising of N x N blocks, A0, A1, …. AN-1.. The order of a circulant matrix defines its size. The number of circulant block in a row is referred to as the index
L =
s = N/n0 where n0 = 3, in modified BIKE. N = 3r where the length of redundant bits used for error detection and correction. Now r = N – K where N is the length of both the message bits and redundant bits (code word), while K is the length of the message bits. From the analysis in modified BIKE, bit length N = 3r or h = K. 2r, in addition, the lengths of v and u will be large enough to get a low decoding failure rate (DFR). The modified BIKE has three levels of security, 1, 3 and 5 which corresponds to AES-128, AES-192 and AES-256 security respectively. Different sets of system parameters (s, v, u and w) are required for achieving low DFR on the separate security levels. s is the Hamming weight of each parity check matrix row.
v = row weight, this defined an even integer where v/2 is odd, this also represents the Hamming weight of each parity check matrix row.
u = radius of decoding, this is a positive integer, this also represents the Hamming weight of the error vector.
w = shared secret size, this is also a positive integer, this also represents the size of computed symmetric key size.
Figure 2. (previuos page) MBIKE block diagram, Alice makes use of Bob’s public key to produce a secured key ks. As soon as Bob receives ciphertext C, he, gets the same key ks that was generated by Alice (It should be noted that MBIKE does not receive a plaintext because it is a key encapsulation management scheme used by two nodes to generate secured shared key). At the end of the session, both nodes can use the shared key ks in communicating their message using Data Encryption Mechanism (DEM).
Hash Functions: Three hash functions L, M, and N are used in MBIKE. These are randomly and uniformly selected. The input to L is l bits while the output is 2r bits (i.e. H: {0,1}l = {0, 1}), in the same vein, M and N can be represented as M: {0, 1}2r = {0, 1}l while N: {0, 1}2l + r = {0, 1}l respectively.
There are three subroutines in MBIKE, these include key generation, encryption and decryption. The procedure is shown in
Figure 2. The end result of these subroutines result in symmetric key encryption between two agents. The operations of the subroutines are as follows:
Modelling Decoding Failure Rate
In order to model the decoding failure rate (DFR) of a decoder, the statistical distribution of the weight of its syndrome is characterized with the decoder input, this is repeatedly done for all other input in a stream of data. In order to obtain the decoding failure rate for all the input in a data stream, the law of total probability is combined with the DFR estimates of the syndrome weight distribution. The DFR can be estimated in two steps, the first step calculates the unsatisfied parity check (UPC) counts distribution in the first iteration, after which the distribution of the rightly flipped bits (r+) is derived from the error estimate e, together with the wrongly flipped bits (r-). During the second iteration, statistical distributions of r+ and r- is used to partition the bit value position into four divisions, depending on if the positions of the bit values were estimate correctly or not in the first iteration. The two level DFR iteration described above is used to calculate the approximate value of the decoding failure rate based on the overlap of the four division stated earlier.
The Syndrome Weight Distribution Model
Assume (e, s)h h ε {0, 1, 2, 3,….. v} denotes a pair of value which represents error vector e, with its corresponding syndrome s = Hev which are indexed by error vector weight h. The syndrome to be modelled together with its error vector of weight v is assumed to be the last pair in the series, (e, s(0, (e, s)1, (e, s)2, (e, s)3……(e, s)v, here (e, s)0 has a null error vector, while its syndrome is null. (e, s)h, l ≥ 1 represents a pair having error vector having equal asserted bits (bit 1) of an error vector (e, s)h - 1 placed uniformly and randomly among the n – (h – 1) positions.
The Hamming weight of each syndrome from the series stated earlier is modelled as a discrete random variable Xh which is relate to a probability mass function Pr (Xh = z), with h ε {0,….v}, z ε {0,….p}, this can be shown as an array xr(h) = [xr(h)0,….. xr(h)w,…..xr(h)p].
The distribution of the weight of the null syndrome representing the first element in the series xr(0) = [1,0.////0] is first used, the random variable Xv linked to the weight of the syndrome in the series happens to be the same with the last state of of a discrete non homogenous Markov chains having p + 1 states. This type of Markov chain is explicitly defined by xr(0), while the transition matrices, r(h) = [x,y,h]x,yε{0,…p}.
The distribution of the random variable Xh can be computed by multiplying the vector matrix xr(h) = xr(h – 1). R (F), where F ε {1,…..v}, the transition probability in this case is given by rx,y,h = Pr (Xh = z Xh – 1 = w is derived from the first and last weight of the syndrome as from from iteration step 1 described earlier.
The model derived below shows the amount of flips forced on a syndrome bit, the probabilities of flipping up a correct bit an flipping down an asserted bit (bit 1) of a syndrome is computed. Then the statistical distribution of a syndrome weight in addition to the transition probabilities r x,y,h.
The probability mass function Fh is given by the following hypergeometric distribution ϕh (f,h) = Pr (Fh – f) =
From the bit 1 positions of the error vector, a single row is selected from the M rows. The selected row will form a syndrome bit. Anytime the position of one of the selected row contains bit 1 (asserted bit) amongst the x asserted bits from the n bits, the syndrome bit of the selected row is flipped. From the syndrome bit of the series, (e, s)0,,,,,,(e, s)h – 1, the probability that a bit out of the syndrome bit is flipped is given by Pr (Fh = f + 1 Fh – 1 = f) = , where the event, Fh-1 means the syndrome bit is either 0 or 1, this depends on if F is even or odd respectively.
From the above, the probability π
(h) of flipping a bit during step 1 from any syndrome bit which was bit 0 during step h – 1, is dependent on the value of step 1, and this can be computed as in equation (
4).
π(h) =(4)
From equation (
7), the range of f are the even values in {0,…….min (x, h} this equation is the model of the decoding failure rate in MBIKE.
Bob’s public key Pk = h2h1h0
Key Generation: The input to the KeyGen subroutine are the system parameters (s, v, u, w), the outputs are the public key h while the private keys (m0, m1, m2, μ) are used in the asymmetric encryption,
ivate Key: Here m0, m1, m2 = ⅌2, the three parameters have equal weight m0 = m1 = m2 = w/3, where ⅌2 is a cyclic polynomial ring ₣2 [X] / (Xr – 1). In the same vein, m0, m1 and m2 can represent r X 1 column vectors. A part ℧ of the message bits ℵ = {0, 1}l are randomly selected. The private key is finally set as sk = (m0, m1, m2, μ).
Calculate public key (pk) = m2
Return (m0, m1, m2, μ)
Encryption Subroutine: In the encryption subroutine, the public key pk is taken as input and an output cipher text C is generated. C = (C0, C1, C2). The encrypted cipher text is sent to the recipient, the recipient uses a private key pks (asymmetric encryption) to decrypt the cipher text to obtain the plain text. This private key is only known to the recipient. The encryption subroutine has the following steps:
1) An l – bit vector n is uniformly selected at random from the message space M.
2) Calculate e0, e1, e2 = Ϣ(m) where e0, e1 and e2 are error vectors having r bits, in such a way that │ e0 │+ │ e1 │+ │e2 │= t.
3) From the computed error vectors e
0, e
1 and e
2, calculate C = (C
0, C
1, C
2) = e
0 + e
1 h, m
Ի (e0, e1) +
4) e
2 h, m
Ի Ի (e
0, e
1, e
2), these errors are sent to the recipient.
5) IV The secret key (asymmetric) is calculated as ks = Ԩ(m, C).
6) Return (C, Ks)
Decryption Subroutine:
1) This takes both the private key pks (m0, m1, m2, μ) and cipher text C as input to generate symmetric key or a failed symbol Ց, while the output is key k.
2) Calculate the syndrome as S = c0h0h1.
3) S is decoded using the Black-Gray-Flip decoder to get error vectors e0’, e1’ and e2’. If │ e0’│ + │ e1’ │+ │e2│ ≠ t or the operation is halted when decoding procedure is not Ց.
4) Calculate m’ = C
0 
Ի (e
0’, e
1, e
2’). If ℌ(m’) ≠ (e
0’, e
1’, e
2’), then m’ = ꬰ.
5) Return Ks = ℌ(m’, C)
Using the above two subroutines, it will be possible for two nodes to communicate securely over a channel. In asymmetric key encryption, a public key is shared between the sender and receiver, the sender encrypts the message bits with the shared public key while the receiver decrypts the encrypted message (cipher text) using its private key. This will only be possible when only the authentic receiver having the correct private key encrypts the message, otherwise the transmission will be eavesdropped. With the subroutines described above, it will be impossible to eavesdrop the communication between the two parties because only the receiver has the private key required to decrypt the cipher text sent from the sender. This is because the retrieval of the private key from the receiver using the syndrome C0h0h1 from a random Quasi-Cyclic code is proven to be NP-complete. However the authentic receiver can check the correctness of C0 by confirming ℌ(m’) = (e0’, e1’, e2’).
Details of the Modified BIKE: The encoding procedure of the modified BIKE is described as follows: The modified BIKE is developed around the Niederreiter’s framework
| [25] | H. Niederreiter, (1996) ‘‘Knapsack-type cryptosystems and algebraic coding theory,’’ Problems Control Information Theory, vol. 15, no. 2, pp. 159–166, 1996. |
[25]
. Parity check matrix is used to implement the encoding procedure. The systematic format is used for the parity check matrix. The encoding is depicted by equation (
5).
C0= [e0e1e2]. HT= [e0e1e2] [](5)
Where HT is a 3r x r matrix.
This is so as N = r + K = 3r, which is the dimension of
represented as a (r x r x r) matrix. The resultant encoded vector is therefore as shown in equation (
6).
C0= e0+ e1H1+ e2H2(6)
It is possible to write equation (
5) this way because H
2, H
1 and H
0 are circulant blocks which can be represented with their first row as shown in equation (
7).
C0= e0+ e1h1+ e2h2= e0+ e1h + e2h(7)
The Reason why the Decoding Procedure is C0h1h2: In the decrypting subroutine, e
0e
1e
2 has to be recovered from C
0 which is the received cipher text. In order to achieve this, it is assumed that the Quasi-Cycle code ℭ has parity check and generator matrices H = [H
0H
1H
2] and G =
respectively.
is a valid Quasi-Cycle code because these values of parity check and generator matrices satisfy the condition that GH
T = 0. If C has been used to encode a plaintext m = [m
1m
2……m
r]. Note here k = r because n
0 = 3. The generated codeword (u.G) will be
which is a 1 x N column vector, where N = 3r. If an error e with length 3r and weight t is introduced into this codeword, with the added assumption that the error can be represented as e = [e
0e
1e
2], where e
0, e
1 and e
2 are 1 x r vectors, and │e
0 │+ │e
1│ +│ e
2 │= t. If the introduction or the error results in a column vector of size r, then the resultant vector can be written as shown in equation (
8).
s = u.G + e = [+ e0+ e1+ e2(8)
If the syndrome of the vector size r is calculated, the expression in equation (
9) will be obtained. This is due to the fact that adding the transpose of the matrices give the same value as the transpose of the addition of three cyclic matrices. However, this condition can only be fulfilled if matrix D = [D
ij] i.e. the matrix is made up of smaller blocks such that D
T =
].
S = H. rT= [H0H1H2].= H0(() + H1(() + H2(()(9)
As H
0, H
1 and H
2 are circulant blocks, then H
0H
1H
2 = H
2H
1H
0,
= H
2u
T, H
1H
0,
= H
1u
T and
= H
0u
T, there the syndrome can be expressed as shown in equation (
10).
S = H0H1H2uT+ H0H1uT+ H0(10)
The expression in equation (
9) is arrived at due to the fact that modulo 2 addition was used for syndrome decoding. The syndrome above can be used on bit flipping base decoder to get e
0, e
1 and e
2. The encoded vector C
0 = e
0 + e
1 h
1e
2 h
2 h
1 obtained in the modified BIKE encryption subroutine will now be studied. When C
1h
1 is computed the solution will be equal to the syndrome S obtained in equation (
9). It should be noted here that the circulant blocks H
0, H
1 and H
2 can be represented as h
0, h
1 and h
2 respectively, where h
0, h
1 and h
2 are r x 1 column vectors. This means that H
0, H
1 and H
2 are obtained column wise from h
0, h
1 and h
2 respectively.
This shows that e0, e1 and e2 can be obtained from the syndrome S = C0h0h1 by substituting it to a bit flipping decoder which is derived from H = [H0 H1 H2]. It should be noted that the decryption subroutine has three input parameters h0 h1 and h2 which was used to decode the syndrome S = C0h0h1. In the original BIKE code, the parity check matrix has two parameters., H0 and H1, however in this modified version, three parameters H0, H1 and H2 were used resulting in a lower decoding failure rate. Allowing for a lower decoding failure rate will lower the rate of decoding errors in any number of decoding attempts. This will make the decoder more efficient which translates to higher model efficiency.
The algorithm below shows the Modified Bit Flipping Key Encapsulation algorithm
Algorithm: Modified Bit Flipping Key Encapsulation in Decentralized Bank Transactions
Input: t ε coming Customer transaction
ў = 0n; ѿ = w
for j = 1 to N do
t = threshold (j, ѿ, w)
for k = 0 to N – 1 do
If ℭj ≥ T then
ѿ = ѿ
1
Ў = ў – col(G,k)
return ѿ
qkd_keygen_exchange():
key = generate_pseudo-random quantum_key()
α = {0, 1} 256
sk = (h0, h1, h2) = ℌ3 where wgt(h0) = wgt(h1) = wgt(h3) = w odd
h = h2 h1-1 h2-2
return (sk, α, h)
Encryption (C, K) = Encrypt (h)
Message Generation m= Ԩ
Error vector computation (e0, e1, e2) = H(m, h) where wgt(e0, e1, e2) = t and e0, e1, e2 ε ℜ
Calculate the ciphertext C = (c0, c1, c2) = e
0 + e
1h, m
L(e
0, e
1) + e
2hm
L(e
1, e
2)
Calculate the shared key K = Ԩ(m, C)
decryption m = Decrypt(sk, α, h, C)
m’ = Decrypt (sk, C) or ┴ if fails to decode
If ((m’ ≠ ┴). AND. (C == ReEncrypt (m’, h)))
Return K (m’, C)
else
return K(α, C)
Function Generate Secure Pseudo Random Number using PQ-PRNG
define generate_secure_pseudo random_number():
return quantum_pseudo random_number_generator ()
Function Secure Transaction Signing
Define secure_transaction(transaction):
key = pq-prng_key_exchange()
data encrypted = pq-prng_encrypt(transaction, key)
signature = sign_transact (encrypted_data, generate_secure_pseudo random_number())
return signature
Function Blockchain Protocol Enhancement
define blockchain_protocol():
while true:
new_customer details = get_incoming_customer details()
signed_details
secure_transaction(new_customer details)
append_to_blockchain(signed_customer details)
Function Threshold (j, ѿ, w)
T’ ≤ f1 │s│
N = (e + 1)/3
If j = 1 then T = T’+ ḏ
If j = 2 then T = (3T’ + N)/3 + ḏ
If j = 3 then T = (T’ + 3N)/3 + ḏ
If j = 4 then T = (3T’ + 3N)/3 + ḏ
If j = 2 then T = (3T’ + N)/3 + ḏ
If j ≥ 2 then T = T’ + 2N + ḏ
return maximum (f1(│ў, T│))
Ft(y) = 0.006272. y + 11.102. ḏ = 4
Ctr (H, ѿ, k) number of equations not satisfied by the position of k.
5. Result and Discussion
This paper described a post quantum cryptography for a blockchain system. The protocol is made up of two stages, these include (i) post quantum key distribution which was developed using the Modified Bit Clipping key Encapsulation Scheme (MBIKE) and (ii) the Post Quantum Pseudo Random Number Generator (PQ-PRNG) to generate the keys distributed during the communication. From the experiments carried out, the average transaction accuracy increased by 15.6% while the data protection increased by 64% when compared to traditional pre-quantum cryptography algorithms, which makes it better resistant to future enhanced quantum threats. The simulation was done on Python, due to its robustness in implementing cryptography algorithms together with its ability to incorporate the interconnected and decentralized security platforms in a blockchain network. The down side of the protocol is its reduced transaction speed due to the overhead incurred due to the two stages involved in the implementation of the protocol. However this reduction in transaction was more than made up for in its reliability and high resilience to present and possibly future quantum attacks.
5.1. Experimental Setting
This section provides details of experiments carried out using MBIKE on the blockchain network. Different performance metrics were used to test for the effectiveness of the proposed model.
Table 1 shows the simulation parameters of MBIKE use in the blockchain system, while
Table 2 shows the tools used to design the experimental setup for MBIKE based blockchain network. The framework used for the model was Hyperledger fabric, this was installed on a Linux operating system. Virtual machines were created using the Docker Engine, while one Hyperledger fabric were embedded on the virtual machines in a Docker image. Information about the blockchain network was gathered using the Hypeledger Caliper, which was used to gather data from the network (Hyperledger Caliper was embedded into the blockchain network). Apache CouchDB Q, an open source database was used to save the standard results from Hyperledger Fabric.
5.2. Performance Analysis
The MBIKE blockchain network proposed in this paper was analyzed using Hyperledger Caliper which is an open source tool. From the simulation carried out, in various experimental settings, there was reduction in the transaction speed in due to the increased network overhead in Modified Bit clipping key Encapsulation scheme The transaction speed in (MBIKE) was 47.5 TPS compare to 59 TPS, and 65 TPS in ECC-RSA blockchain model, The reduction in transaction speed of MBIKE was due to 17% increased overhead resulting from the more computationally involved MBIKE algorithm especially with the increase in vector size of the syndrome resulting from the introduction of higher size error vector into the generator matrix, the increased error vector size resulted in enhanced security. It should be noted that the transactions per second (TPS) in blockchain technology determines the extent to which the network is scalable. This means that MBIKE system is capable of higher level of scalability. The time needed to encrypt a string was about 2.4 ms to 2.7 ms, while the corresponding decryption time was between 4.8 ms to 6.4ms. The time required for data transmission from source to destination is almost immediate (i.e. no latency). The Cryptography algorithm (MBIKE) is resilient to quantum attacks, though at a little overhead. The simulation environment used for the MBIKE blockchain model is shown in
Table 1. The t
able shows the parameters used in configuring the model. The parameters listed here was used in order to optimize the operation of the MBIKE blockchain network.
Table 2 shows performance evaluation comparison between MBIKE, BIKE and traditional blockchain cryptography algorithm.
Table 1. Simulation Environment for the MBIKE model.
Components | Specifications |
Docker Engine | 21.11.18 |
Docker Composer | 1.30.2 |
CPU | Intel i3 core 3.7 GHz CPU, 1 TB, HDD 16 GB RAM |
Operating System | Linux Mint Debian edition |
Node SDK | Node.js |
Blockchain Technology | Hyperledger fabric |
Programming language | Java 8 |
Database | Apache CouchDB Q |
Table 2. Parameters for the Experimental setup for MBIKE blockchain network.
Parameters | Values | Description |
Size of block | 257024 | Block maximum size |
Block Interval | 300,350,400 | Creation time for new block |
TSOs | 1 | Transmission system operation for the network |
DSOs | 5 | Distribution system operator for the network |
Internal Database | CouchDB | Storage for Ledger data |
External Database | Azure Blob Storage | Storage for off-chain data |
Ordering Service | Quantum Byzantine Fault Tolerance | Responsible for ordering transaction into the block |
Policy for Endorsing | Aurora Postgre SQL | Determines policy which members must agree in order for new nodes to be added |
Table 3. Performance Evaluation.
Metrics | Traditional Blockchain ECC, RSA | BIkE Blockchain | MBIKE Blockchain |
Speed | 65 TPS | 59 TPS | 47.5 TPS |
Computational Cost | 1.06 | 1.26 | 1.30 |
Time for Encryption | 2.6ms | 2.85ms | 2.91ms |
Time for Decryption | 5.1ms | 6.8ms | 6.93ms |
5.3. MBIKE’s Performance Analysis in a Blockchain Network
The combination of Post Quantum Pseudo Random Number using (PQ-PRNG) and MBIKE enhanced the security in blockchain network due to its use of NP-complete code based cryptography as explained in section III, the Modified Bit Flipping Key Encapsulation Scheme (MBIKE) is a code based Key Exchange Management (KEM) based on Quasi-Cyclic Moderate Density Parity Check (QC-MDPC) code. This is shown in
Figure 4. It employed an increased syndrome size compared to the original BIKE in order to enhance the security of the code. The cyclic polynomial size was also increased in order to incorporate a higher bit error vector size, this will make it even more difficult for an eavesdropper to detect locations of errors in the code word, thereby improving the security of the code. The QKD incorporated into the MBIKE resulted in secure key exchange with Quantum Bit Error Rate (QBER) ≤ 1.5%. Due to the introduction of higher bit error vector size, the entropy of the generated keys was improved from 0.97 entropy in BIKE and 0.82 in traditional cryptography to 0.995 in MBIKE. This makes it even more difficult for adversarial nodes (eavesdropper) from predicting the code word. The increased size of the error vector and cyclic polynomial size introduced additional overhead in MBIKE so the cryptography speed (TPS) was reduced to 47.5 TPS as compared to 59 TPS in BIKE and 65 TPS in traditional cryptography, as shown in
Figure 3, however this trade off was more than compensated for by the improved resilience to quantum attacks. The cyclic polynomial size was increased in order to incorporate a higher bit error vector size, this has the effect of making a higher bit size error to be introduced into the encrypted data, which will make it even more difficult for an eavesdropper to detect locations of errors in the code word, thereby improving the security of the code. The setup of MBIKE’s seamless interconnection / interoperability with blockchain network in addition with its fairness in mining makes it easily deployable for blockchain network.
Figure 3. Transaction speed comparison.
Figure 4 shows a chart which compared MBIKE’s blockchain security using (i) hash rate (ii) Nakamoto coefficient and (iii) number of active nodes with BIKE and classical cryptography. Hash rate measures the computational power needed in mining and securing the network. Nakamoto coefficient determines the number of different entities such as validators, mining pools, token holders needed to collude the network so as to disrupt its operations. This metric measures the level of decentralization of the blockchain network. Number of distributed nodes measure the percentage of total nodes required to be captured by an adversarial node before the network can be compromised. From the graph (
Figure 4), it can be noticed that MBIKE outperformed the classical cryptography and BIKE methods in terms of hash rate by 37% and 24% respectively, in terms of Nakamoto coefficient by 24% and 30% respectively in terms on number of active nodes by 22% and 28% respectively.
Figure 5 shows security comparison in key exchange of MBIKE with that of BIKE and classical cryptography. From the graph, it was observed that MBIKE outperformed the classical cryptography and BIKE by 56% and 21% respectively. MBIKE introduced improved randomness of 23% and 11% to classical cryptography and BIKE cryptography respectively, MBIKE also interfaces seamlessly to blockchain network, which further aids its performance and operational fairness. From
Figure 6, it can be observed that MBIKE reduced the quantum bit error rate (QBER) from 0.04 in traditional cryptography and 0.021 in BIKE to 0,012. In terms of smart contract security (shown in
Figure 6) which is used to protect operations on a blockchain network, MBIKE outperforms traditional blockchain technology and BIKE by 21% and 8% respectively. Smart contract usually refer to the protection of blockchain source codes from intrusion and other software malfunctions. In terms of mining fairness (shown in
Figure 7) MBIKE outperforms traditional blockchain technology and BIKE by 25% and 7% respectively. It should be noted that mining fairness refers to the fact that various nodes in blockchain transactions should receive number of block reward in direct proportion to the computational hash rate they contributed to the network. This means that a node with higher computational requirement (hash rate) should have faster access time than that with smaller transaction percentage. This scenario is usually violated in blockchain technology due to the presence of blockchain forks resulting from multiple miner in a network locating a valid block around the same time.
5.4. Comparison of MBIKE’s Key Exchange and Encryption Security
Blockchain security is based on 256-bit encryption using RSA, SHA-256 and ECDSA in classical blockchain environment while MBIKE blockchain is based on 512 bit code based cryptography. Classical cryptography can be compromised (eavesdropped) in a blockchain network using quantum computers, however this is impossible with MBIKE. MBIKE’S QBER is ≤ 1.5% as shown in
Figure 6 which is a confirmation of its secure key exchange. Though key exchange with classical cryptography’s pseudo randomness has entropy of around 0.85, the key exchange using pseudo randomness in MBIKE is 0.995. This is due to the NP-complete nature of the McEliece cryptosystem public key encryption used in MBIKE. These properties make MBIKE code based cryptography have enhanced blockchain security affording optimum resilience, integrity and confidentiality to existing and predicted future quantum threats with increased power of quantum computers in view.
Figure 4. Blockchain security comparison.
Figure 5. Key Exchange security comparison.
From
Figure 8, it can be observed that while classical cryptography can easily be compromised by quantum threats, Quantum based MBIKE is resilient to quantum threats, its improved encryption efficiency / resiliency compared to classical cryptography is 100%, while it outperforms BIKE by 16%. It also improves key exchange confidentiality in comparison to classical cryptography and BIKE by 1125% an 25% respectively. The QBER in MBIKE is lower to both classical cryptography and BIKE cryptography by 65% and 30% respectively. The entropy value, i.e. unpredictability of the Post Quantum Pseudo Random Number (PQ-PRNG) was increased in comparison to classical cryptography and BIKE by 17% and 4% respectively. These results validate the improvement of MBIKE’s blockchain technology with respect to the different performance metrics when compared to the traditional and BIKE’s blockchain systems.
Table 4. Comparison of traditional and BIKE blockchain with MBIKE blockchain network.
| Transaction per second (TPS) | Transaction Finality time | Level of Smart contract security | Mining Fairness | Interoperability Security |
Traditional Blockchain | 65 | 10 | 4 | 3 | 2 |
BIKE Blockchain | 59 | 12 | 6 | 5 | 4 |
MBIKE Blockchain | 47.5 | 15 | 8 | 7 | 6 |
Figure 6. Quantum Bit Error Rate comparison.
Figure 7. Smart Contract security comparison.
Figure 8. Comparison of Mining Fairness.
5.5. MBIKE’s Analysis on Blockchain Transaction and Security
The combination of Post Quantum Pseudo Random Number Generator (PQ-PRNG) and MBIKE resulted in improvement in various performance metrics related to transaction security from the experiments conducted in this paper. From
Table 3, the transaction per second (TPS) was reduced from 65 TPS in classical cryptography to 47.5 TPS in MBIKE. This is due to the increased overhead i.e. syndrome size used in MBIKE compared to both the original BIKE and classical cryptography algorithm, this was done in order to enhance the security of the code. The cyclic polynomial size was also increased in order to incorporate a higher bit error vector size, this has the effect of making higher bit size error introduced to the encrypted data, and this will make it even more difficult for an eavesdropper to detect locations of errors in the code word, thereby improving the security of the code. In the same vein, the transaction finality time was increased from 10 seconds in classical cryptography to 15 seconds in MBIKE, however this increase was more than made up for in terms in increased quantum threat protection.
The use of Post Quantum Pseudo Random Number Generator (PQ-PRNG) improved the unpredictability of the key exchange mechanism (KEM), the size of the error bit was increased in MBIKE as compared to BIKE so as to make the decryption of the encrypted data from the source difficult for the eavesdropper. The PQ-PRNG is an NP-complete system. The improved KEM enhances blockchain transaction security across different blockchain platforms. MBIKE can easily be incorporated to many blockchain platforms due to its enhanced interoperability feature as shown in
Table 4, this ultimately leads to efficient and secure communications across various blockchain networks.
Figure 9. MBIKE; s comparison with both BIKe and traitional blockchain network performance.
It can be noticed from
Table 6 that the performance of post quantum cryptography algorithm (MBIKE) outweigh that of classical cryptography and BIKE cryptography algorithms in the Blockchain system. Classical cryptography has 4% and 6% better performance in terms of transaction speed compared to BIKE and MBIKE respectively, In terms of transaction finality time (i.e. time taken to complete communication between sender and receiver) in a blockchain network, classical cryptography outperforms BIKE an MBIKE by 3% and 5% respectively. However in terms of operation transparency (mining fairness also shown in
Figure 8), MBIKE outperforms BIKE and classical cryptography by 65% and 12% respectively, while in terms of protection against quantum threats (interoperability security), MBIKE outperforms BIKE and classical cryptography by 60% and 9% respectively. In terms of resilience to smart contract security, MBIKE outperforms BIKE and classical cryptography by 57% and 10% respectively.
5.6. Analysis of MBIKE’s Resilience to Quantum Attack
It was earlier emphasized that Shor’s algorithm can compromise RSA cryptosystem in polynomial time, while Grover’s algorithm can quicken brute force attack on SHA-256 hash code s in polynomial time. Classical key exchange is vulnerable to Man In the Middle (MITM) attack, however, MBIKE is resilient to all these attacks due to its NP-complete code based nature, i.e. it is difficult to decode random linear codes with the addition of random errors in the code words by quantum computers, in order words its key exchange mechanism is quantum attack resilient The ability of the combination of MBIKE which is a Post Quantum Cryptography protocol and Post Quantum Pseudo Random Number Generator (PQ-PRNG) to mitigate the weakness to quantum attacks observed in other classical cryptography algorithms is shown in
Figure 9.
The Combination of MBIKE and Post Quantum Pseudo Random Number Generator (PQ-PRNG) improve the security of blockchain network when compared to both traditional blockchain systems and BIKE systems. It should be noted that RSA-2048, ECDSA and SHA-256 are the encryption techniques used in traditional blockchain systems, however as stated earlier these cryptographic techniques can be compromised by quantum computing algorithms such as Shor’s algorithm and Grover’s algorithm. From the results in the experiments carried out in this section and as shown in
Figure 10, it was observed that MBIKE is resilient to quantum attacks. The Man in the Middle attack cannot compromise MBIKE due to its NP-complete code based cryptography nature, this also makes it secure against upcoming and future quantum threats. The Post Quantum Pseudo Random Number Generator (PQ-PRNG) method used also increases the difficulty of adversarial nodes in identifying the randomness of the key distribution mechanism thereby making it impossible to decrypt the cipher text from the sender. The only shortfall is the increased transaction per second (TPS) and coherence time resulting from the overhead i.e. syndrome size used in MBIKE is higher compared to both the original BIKE and classical cryptography algorithm. This was done in order to enhance the security of the code. The cyclic polynomial size was also increased in order to incorporate a higher bit error vector size, this has the effect of making higher bit size error introduced to the encrypted data, and this will make it even more difficult for an eavesdropper to detect locations of errors in the code word, thereby improving the security of the code. On the long run, the deployment of the MBIKE on a blockchain system will enhance fairer mining and improved security to upcoming and future quantum attacks.
Table 5. Comparison of traditional and BIKE blockchain network security with MBIKE in the face of Quantum threats.
| Encryption Strength (Normalized) | Key exchange Vulnerability | Quantum Bit Error rate (QBER) | Key Generation randomness (Entropy) Normalized |
Traditional Blockchain | 0.78 | 10 | 15 | 0.85 |
BIKE Blockchain | 0.89 | 100 | 10 | 0.99 |
MBIKE Blockchain | 0.96 | 125 | 5 | 0.995 |
Figure 10. Comparison of Vulnerability/Resilience of MBIKE Blockchain with traitional and BIKE Blockchain networks.
From
Table 5, it can be seen that MBIKE in combination with PQ-PRNG show remarkable resilience to quantum attacks in a blockchain network as opposed to the classical blockchain system. In terms of encryption strength, MBIKE outperforms BIKE and the classical blockchain system by 14% and 23% respectively, in terms of key exchange security, MBIKE outperforms BIKE and the classical blockchain system by 14% and 35% respectively, in terms of key generation randomness, MBIKE outperforms BIKE and the classical blockchain system by 10% and 33% respectively, in terms of quantum bit error rate, MBIKE outperforms BIKE and the classical blockchain system by 22% and 38% respectively,
Table 6. Comparison of MBIKE to both BIKE and traditional blockchain network in terms of various network security performance metrics.
Performance Metrics | ES | KES | RKG | QBER | TPS | TFT | MS | IS | RSA | RGA |
Cryptography Algoritms | Security an Performance values |
Traditional Blockchain | 7 | 8 | 7 | 0 | 65 | 10 | 6 | 9 | 2 | 4 |
BIKE Blockchain | 12 | 13 | 13 | 12 | 59 | 14 | 13 | 14 | 17 | 16 |
MBIKE Blockchain | 18 | 20 | 19 | 19 | 47.5 | 20 | 19 | 20 | 25 | 24 |
Figure 11. Comparison of MBIKE to both BIKE and traditional blockchain network in terms of various network security performance metrics.
Table 6 and
Figure 11 show the general MBIKE blockchain network performance with both BIKE and traditional blockchain network using different network performance metrics. From the table it can be seen that MBIKE outperforms both BIKE and the traditional blockchain network in terms of encryption strength by 50% and 112% respectively. In terms of Key exchange security, MBIKE outperforms both BIKE and the traditional blockchain network by 45% and 120% respectively. In terms of randomness in key generation, MBIKE outperforms both BIKE and the traditional blockchain network by 40% and 110% respectively. In terms of Quantum bit error rate, it will be noticed that the traditional blockchain network has a value of 0 as it is not resilient to Quantum attacks, here MBIKE outperforms BIKE by 55%. In terms of transaction speed, the increased overhead in MBIKE as discussed earlier made it incur a lower transaction speed per second, here MBIKE has a lower TPS compare to both BIKE an traditional blockchain network by 13% an 27% respectively. In terms of transaction finality time, MBIKE outperforms both BIKE and the traditional blockchain network by 60% and 100% respectively. In terms of mining security, MBIKE outperforms both BIKE and the traditional blockchain network by 40% and 120% respectively. In terms of interoperability security, which etermines the flexibility of the algorithm to iffernf blockchain network configuration, MBIKE outperforms both BIKE and the traditional blockchain network by 40% and 110% respectively. In terms of resistance to Shor’s algorithm, MBIKE outperforms both BIKE and the traditional blockchain network by 45% and 210% respectively, while in terms of resistance to Grover’s algorithm, MBIKE outperforms both BIKE and the traditional blockchain network by 50% and 240% respectively.
5.7. Analysis of MBIKE’s Blockchain Security Metrics with and Without Implementing Quantum Security
MBIKE in combination with the embedded QKD and PQ-PRNG show improved security and error free ledger transaction.
Table 7 shows the improvements to security offered by MBIKE in combination with the embedded QKD and PQ-PRNG in a blockchain system. The following results were highlighted (i) MBIKE resulted in increased ledger transaction accuracy from 84% in traditional blockchain to 99.95% in MBIKE. (ii) MBIKE outperforms the traditional blockchain system in terms of resilience to quantum threats by 36%. As a result of the NP-complete code based nature of MBIKE, the man in the middle attack (MITM) was completely repelled. (iii) Entropy in the key generation was increased from 0.85 in traditional blockchain system to 0.995 in MBIKE blockchain system. This is due to both use of Post Quantum Pseudo Random Number (PQ-PRNG) which increases the randomness and increase in the cyclic polynomial size used in incorporating a higher bit error vector size into the algorithm, thereby increasing the unpredictability in identifying position of bit errors in the input codeword. Overall, the resistance of MBIKE blockchain network to quantum attack was increased from 40% in traditional blockchain system to 99%, while (iv) mining fairness was improved by 34%. In MBIKE blockchain system compared to traditional blockchain network, it therefore provides a more decentralized and secure platform for banking and cryptocurrency. The only downside was the reduction in number of transactions per second (TPS) in MBIKE compared to the traditional encryption system due to the increased overhead due to both syndrome and cyclic polynomial size. The reduction in TPS was 17% in comparison to tradition encryption system.
Table 7. Blockchain security before and after applying MBIKE algorithm.
| Without Quantum security | With MBIKE and PQ-PRNG | Improvement in accuracy |
Accuracy in transaction encryption | 89% | 99.98% | 10.98% |
Security of key exchange | 72% | 99.88 | 17.88% |
Entropy value for key generation (Normalized) | 0.88 | 0.995 | 0.115 |
Resilience to Quantum attacks | 44% | 99% | 55% |
Mining Fairness | 77% | 99.2% | 22.2% |
It has been shown by the work of researchers in
| [26] | Q. Guo, T. Johansson, and P. Stankovski, (2020) ‘‘A key recovery attack on MDPC with CCA security using decoding errors,’’ in Proceedings International Conference Theory Application of Cryptology Information Security Cham, Switzerland: Springer, 2020, pp. 789–815. |
[26]
that the QC-MDPC variant of McEliece is not resistant to a specific reaction attack which takes advantage of the decoding failures which can prevent recovering the private key. This shortcoming is addressed in MBIKE with the increase in randomness of the codeword generated by the sender, it should be noted that MBIKE incorporate randomness into the key generation procedure used in decrypting the plaintext. In other words a public private key pair is generated for each cipher text. However instead of generating unique public/private key pair for each transaction, MBIKE uses the same private key for a full session of transaction, while the PQ-PRNG is used to repeatedly generate new public key for same private key for every transaction. With this approach, the reaction based key recovery cannot be realistic since different private/public key pair are generated for each ciphertext which would require the reaction based attack make several observations of the randomness introduced by the PQ-PRNG code.
5.8. Security of MBIKE Against Side Channel Attack
Side channel attacks cripples a cryptosystem by observing the implementation requirements (performance metrics) of the system
| [27] | V. Dragoi, T. Richmond, D. Bucerzan, and A. Legay, (2022) ‘‘Survey on cryptanalysis of code-based cryptography: From theoretical to physical attacks,’’ in Proceedings 9th International. Conference of Computer Communication Control (ICCCC), May 2022, pp. 215–223. |
[27]
, in other words there are many categories of side channel attacks, targeting different performance metrics of a system, i.e. timing attacks, power consumption attack, latency attacks. For example in the timing side channel attack, the threat attempts to obtain the time taken to complete every complete transfer from source to destination. In MBIKE, the system parameters are not fixed in dimension due to the randomness in error bit size introduced into the codeword generated from the sender as well as the sizes of the syndrome and cyclic polynomial size. These adjustable parameters bring about uncertainty into value of the performance metrics thereby making it very difficult for side channel attack to intrude.
A protection for the differential power analysis (DPA) is given below. Whenever any value from the data captured by a side channel attack is modified, the power consumption is depleted as shown in equation (
11).
P = a X t0+ P X t0+ V(11)
Where a represents the power consumed by the bit an attacker wants to capture, P X t0 represents the power consumed due to bit t0 and other bits (which the attacker isn’t interested in) in the channel being checked by the attacker, while V represents the power consumed by bits not related to t0.
When an attacker captures an event (bit) from a channel, it is represented in 3n bytes, where n denotes the size of each word data. The attacker will have a higher probability of modifying bits in the channel if he is able to capture adequate information from his measurement to lower the number of attempts to 28 tries. When the hamming weight of captured data is either very low or very high, the attacker will be able to capture enough data from the data in order to compromise the data transmission, and in the extreme case that the hamming weight is zero, the attacker can capture all data in the channel. However, if it was assumed that the secret values are uniformly distributed, the probability distribution of the information available to the attacker can be calculated. Experiments were conducted using the experimental setup in section? to calculate the probability distribution for 64 bits and 128 bits words. From the results obtained from the experiments, it was deduced that the probability that an attacker captures enough information from the channel in order to compromise it is about 2-238.
The probability distribution for different word size and security size was computed, the probabilities for every event that gives the attacker a higher likelihood above the desired security level was computed. The probabilities are shown in
Table 8. From the table, it can be realized that the probability of channel data capture is lower than the desired security level.
Table 8. Probability of attack as a result of hamming weight.
Strength of Security | Size of word | Probability of leakage |
128 | 32 | 2-225 |
| 64 | 2-240 |
192 | 32 | 2-335 |
| 64 | 2-355 |
256 | 32 | 2-443 |
| 64 | 2-472 |
5.9. Analysis Discussion
The results obtained from the different experiments carried out in this paper attests to the fact that MBIKE which is a code base post quantum cryptography technique had overwhelming performance upgrade to the cryptography algorithm used in traditional blockchain systems. As discussed earlier, it had performance increase in its resilience to quantum attack due to its NP complete code based error correcting algorithm, improved mining transparency, and improved Time to live (TTL) of the ledger operations. With the embedded QKD, the system achieves efficient and optimum key distribution mechanism, while its increased syndrome and cyclic polynomial size almost make it impossible to detect locations of errors in the codeword making it almost impossible for attackers to decrypt the cipher text. The use of PQ-PRNG increases the randomness (entropy) in key distribution thereby making it difficult for attackers to guess the key used for decryption in any round of cryptography operation. All these preserves the integrity of data transmission and transaction confidentiality in the blockchain system.
Share This Article
Twitter
Linked In
Facebook
Copy
Download
