Abstract
This research has two parts; the first is to identify enterprise Hyperledger Fabric (HLF) blockchain cybersecurity vulnerabilities, threats, and legal obligations in a Post-Quantum Cryptography (PQC) world. HLF is a permissioned blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devasting impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR), requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. The second part of this research is the independent evaluation and testing of National Institute of Standards and Technology (NIST), based Second Round Candidate PQC, lattice-based digital signature scheme, qTESLA. It’s, second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” simple “plug-and-play” function and replacement for HLF’s PKI. This work also proposes qTESLA’s public keys be used to create a quantum-resistant\classical hybrid PKI near-term replacement.
Highlights
An X.509 Public Key Infrastructure (PKI) is a security architecture that uses cryptographic mechanisms to support functions such as email protection, web server authentication, signature generation, and validation
The test result yields smaller key sizes; ; given today’s standards and applications in use only qTESLA’s public key is recommended for use in a hybrid PKI solution. qTESLA’s public-key is an adequate replacement for the current ECDSA public-key
The author tracked with National Institute of Standards and Technology (NIST) in identifying three broad aspects of evaluation criteria that would be used to compare candidate algorithms throughout the NIST Post-Quantum Cryptography (PQC) Standardization Process
Summary
An X.509 PKI is a security architecture that uses cryptographic mechanisms to support functions such as email protection, web server authentication, signature generation, and validation. PKI is a security architecture that uses cryptographic mechanisms to support functions such as email protection, web server authentication, signature generation, and validation. It is a specification upon which applications like Secure Multipurpose Internet Mail Extensions (S/MIME) and Transport Layer Security (TLS) are based. This work evaluates HLF’s blockchain post-quantum computing vulnerabilities and threats given global regulatory requirements and provides valuable second-round qTESLA independent testing and evaluation data and aids in the NIST Post-Quantum Cryptography Standardization Process [3]. The author encourages additional independent testing, verification, and validation of qTESLA as one of the most practical hybrid quantum-resistant PKI systems
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
