A Quantum-Resistant Blockchain System: A Comparative Analysis

Abstract: Blockchain transactions are decentralized, secure, and transparent, and they have altered industries. However, the emergence of quantum computing presents a severe security risk to the traditional encryption algorithms used in blockchain. Post-quantum signatures are required to preserve integrity and reliability. Furthermore, combining the InterPlanetary File System (IPFS) with blockchain provides a long-term strategy for data storage and sharing. This study investigates the integration of post-quantum signatures with the IPFS in a blockchain system, which can considerably enhance blockchain system efficiency. We increase security and efficiency by recording hash values of signatures and public keys within the blockchain and storing their actual content using the IPFS. The study compares NIST-recommended post-quantum signatures with the ECDSA in a Bitcoin exchange scheme to show how effective the system is in countering quantum threats while maintaining optimal performance. This research makes an important addition to the long-term viability and dependability of blockchain technology in the face of the growing landscape of quantum computing breakthroughs.


Introduction
Blockchain, a decentralized digital ledger technology, has gained widespread popularity due to its inherent traits such as non-tampering, non-forgery, traceability, transparent data, and safety. By leveraging public key cryptography, blockchain enables secure and trustless information sharing among peers, effectively resolving the double-spending problem. As blockchain finds its applications in smart factories, measurement systems, logistics, and e-voting, ensuring the integrity and authenticity of transactions becomes paramount.
However, the rise of quantum computing presents a significant threat to the security of blockchain systems. Communication and trust between dispersed blockchain network nodes must depend on digital signature mechanisms, which principally permit verification of information identity, authenticity, and integrity. Quantum computing's ability to solve complex mathematical problems efficiently, such as breaking down numbers into their prime factors and solving discrete logarithmic problems, undermines the security of traditional digital signature schemes, like the RSA, ECDSA, ECDH, and DSA. The robustness of blockchain, which relies on these signature schemes for integrity and authentication, faces uncertainty in the face of quantum computing advancements. Current blockchain systems could become obsolete due to quantum attacks on cryptography algorithms, which could lead to fraudulent transactions and unauthorized data access. The capacity of quantum computers to solve complicated mathematical problems may quickly undermine blockchain's decentralized nature, raising questions about the security and integrity of distributed ledger networks. Consequently, there exists a pressing demand to explore and implement post-quantum signature schemes to ensure the sustained security and resilience of blockchain networks in the quantum era.
Comparing the ECDSA with NIST-recommended post-quantum schemes allows us to weigh the balance between current cryptographic standards and the imperative of future quantum resistance. This evaluation is rooted in established standards with global recognition. Consequently, this paper begins with a comprehensive exploration of the present landscape of post-quantum cryptography, offering crucial insights for researchers aspiring to construct secure blockchain networks. Subsequently, the paper delves into the practical execution of the most promising post-quantum signature methods in conjunction with the ECDSA within the blockchain context. Given the substantial size of public keys and signatures in post-quantum schemes, they can consume a significant portion of a block's capacity. To address this, we employ the IPFS for storing public keys and signatures, while only storing their hash values on the blockchain.
This study meticulously examines the challenges in implementing these schemes. Additionally, it extensively compares the performance of post-quantum signature schemes to pinpoint the optimal solutions for constructing robust and quantum-resistant blockchains. This research serves as a valuable contribution to the enduring sustainability and dependability of blockchain technology amid the evolving landscape of quantum computing advancements.
The structure of this paper is outlined as follows: Related research on post-quantum signature techniques for blockchain-enabled systems is covered in Section 2 of this article. Section 3 discusses blockchain-enabled systems, blockchain security, and the IPFS network. Section 4 presents the effects of quantum computing on blockchains and an overview of post-quantum cryptosystems. In Section 5, we present post-quantum signature schemes approved by the NIST. Section 6 includes the comparative study of blockchain performance on the IPFS network, evaluating the effectiveness of post-quantum signatures suggested by the NIST versus the standard ECDSA signatures. Finally, Section 7 provides the conclusions drawn from our study.

Related Works
Blockchain transactions that are transparent, safe, and decentralized have changed entire sectors. Two basic strategies, quantum-secured blockchain and quantum-resistant blockchain, have been employed by researchers to protect blockchain in recent years from future quantum computer attacks. Digital signatures derived from quantum-resistant algorithms are used in quantum-resistant blockchain, although their practical applications are still limited, and the problem of long public keys still exists. Numerous industries have adopted blockchain technology, and almost 3000 virtual currencies, including well-known ones like Ethereum [1], Ripple, and Tether, use it for cross-border transactions.
The family of post-quantum algorithms with the highest efficacy in countering quantum attacks, which has garnered a lot of attention recently, is lattice cryptography. A few signature techniques based on lattice cryptography have been proposed in references [2][3][4]. These approaches aim to enhance transaction handling within blockchain systems, yet they prove ineffective for blockchain technologies operating in computationally intricate environments. Gao et al. unveiled a blockchain-compatible double signing method [3]. The scheme's security is solely predicated on the SIS assumption. Li et al. created a technique for digital signatures using the bonsai trees technology [4]. Its security is established within the framework of the random oracle model. The author in [5] explores how blockchain technology is being used in smart cities and suggests a quantum-resistant blockchain platform built upon lattice cryptography. The paper [6] analyzes the most significant cryptocurrencies in the context of quantum risks, ranking them by market capitalization (MC). The author suggests a blockchain design for the Internet of Things (IoT) using the NTRU lattice, along with a cryptographic security validation for the system, in order to build a highly effective post-quantum blockchain infrastructure.
There are no recent data breaches or security breaches in the domain of blockchain using quantum computers, but there are some potential vulnerabilities due to the development of quantum computing, which highlights the urgency for introducing quantum-resistant algorithms. Demonstrations of quantum algorithms like Shor's have showcased their potential to compromise widely used encryption techniques, placing data security at risk. Additionally, there is a concern regarding historical data encrypted using vulnerable methods, as they could be exposed in the future, posing potential breaches. Quantum computing's ability to intercept and decrypt secure communications has significant implications for national security. Furthermore, blockchain technology, which relies on public key cryptography for its decentralized trust model, is particularly susceptible to quantum attacks that could expose private keys from public ones. Notably, a recent study reveals that a substantial portion of cryptocurrency holdings, including 25% of Bitcoin and 65% of ether, resides in addresses with publicly known public keys, raising concerns about their vulnerability to theft by powerful quantum computers. To mitigate these risks, it is imperative to expedite the development and adoption of quantum-resistant cryptographic solutions to ensure the continued security of digital systems and assets.

Blockchain-Enabled Systems
A technological infrastructure that uses blockchain technology to offer decentralized, open-source, and safe solutions for diverse applications is referred to as a blockchain-enabled system, depicted in Figure 1. At its foundation, blockchain is a decentralized record keeping system that holds transactional data via an unchangeable and impenetrable method. By incorporating blockchain into many systems, it is possible to improve their effectiveness, reliability, and data integrity, giving them distinct advantages over classic centralized systems. Here are some essential traits and illustrations of systems that utilize blockchain technology:

1. Decentralization: blockchain removes the necessity for a central governing entity or middleman by operating within a decentralized network of interconnected nodes. By ensuring that no single entity controls the entire system, decentralization increases resilience and lowers the possibility of single points of failure.

2. Transparency and immutability: every transaction recorded on the blockchain is openly accessible to the public and is publicly viewable. A transaction becomes immutable once it is added to the blockchain, which means it cannot be changed or removed without network consent.

3. Security and data integrity: transactions are securely recorded and verified using cryptographic methods in blockchain technology. Any attempt to tamper with the data would require changing every transaction in the chain of blocks because each transaction is linked to the one before it.

Blockchain Security
Blockchain systems need to be secure in order to guard against fraud, tampering, and unauthorized access. Here, we explore key cryptographic techniques enhancing blockchain security.

1. Digital signatures: a crucial cryptographic tool utilized in blockchain technology is the digital signature. A private key and a public key are the two types of cryptographic keys that each member of the blockchain network has. The matching public key is made available to others in order to validate the legitimacy of the signatures, while the private key is kept secret and utilized to create digital signatures. Digital signatures demonstrate that a transaction has been approved by the holder of the private key, demonstrating the validity and authorization of transactions on the blockchain.

2. Hash functions: also known as message digests or hash codes. Hash functions are cryptographic techniques that transform data of any size into fixed-length, singular character strings. Each block in the blockchain contains the preceding block's hash value, resulting in a chain of blocks that are connected by their hashes. The blockchain's immutability is ensured by this chaining method. It is simple to spot tampering because any alteration to the data within a block will result in a different hash value.

3. Merkle trees: Merkle trees are binary trees, also known as hash trees, that make it possible to verify huge datasets efficiently. Merkle trees are used in blockchain to arrange and compile the transactions contained in a block. Participants can quickly confirm the existence and integrity of particular transactions within a block without having to process all of the individual transactions thanks to the Merkle tree's root hash, which is included in the block header.

4. Public key infrastructure (PKI): public key infrastructure encompasses a series of protocols and processes responsible for handling the generation, dispersion, and invalidation of digital certificates and public keys. In the blockchain context, PKI enables participants to authenticate each other's public keys and thereby confirm the validity of transactions.

5. Consensus methods: for transaction authentication and the addition of new blocks in a blockchain, proof-of-work (PoW) and proof-of-stake (PoS) consensus mechanisms employ hash functions. This guarantees that only valid transactions are added.

6. Quantum-resistant cryptography: as quantum computing advances, established cryptographic techniques employed in blockchain, such as RSA and ECC, are at risk of being compromised. Adopting quantum-resistant algorithms is essential to protect blockchain security from quantum threats in the future.

Some actual threats to blockchain technology are double spending, Sybil attacks, smart contract vulnerabilities, privacy concerns, key management, distributed denial of service (DDoS) attacks, and transaction malleability.
It is worth noting that, while quantum-resistant algorithms address the threat of quantum computing, they may not directly solve the other threats listed above. The other threats are typically mitigated through various cryptographic and non-cryptographic techniques. However, quantum-resistant cryptography plays a crucial role in ensuring the long-term security of blockchain networks in the face of quantum advancements.

InterPlanetary File System
The InterPlanetary File System (IPFS) revolutionizes online file storage and sharing by establishing a permanent and decentralized method. The IPFS's primary objective is to offer a distributed file system that guarantees that files may be accessed from various places, removing the possibility of data loss due to server outages or shutdowns. The IPFS enables effective content retrieval and verification over the network by dividing files into smaller portions and giving them distinct cryptographic hashes. This cutting-edge technology has a number of benefits, including improved security, privacy, and user control. Without relying on a centralized authority, users can safely transfer files, lowering the possibility of censorship or unauthorized access to private information. Additionally, the IPFS is perfect for long-term information preservation because of its decentralized design, which permits files to endure forever. With regard to blockchain applications, the IPFS is used to store massive data, such as public keys and signatures, while the blockchain itself just stores the corresponding hash values. By doing this, the storage requirements of the blockchain are drastically decreased, resulting in more scalable and effective blockchain networks.

Quantum Computing's Effects on Cryptosystems and the Need for Post-Quantum Cryptosystems

Quantum Computing
The cutting-edge discipline of computing known as quantum computing uses the concepts of quantum physics to process and modify data. Quantum computers employ quantum bits, also known as qubits, which can exist in several states at once due to the phenomenon known as superposition. This is in contrast to classical computers, which use bits to encode data as either 0 or 1.
Problems related to integer factorization and discrete logarithms can be solved exponentially faster using Shor's approach [8], which relies on the quantum Fourier transform [7]. The searching problem can be quadratically sped up using Grover's algorithm [9]. It offers a significant speed advantage over the conventional brute force approach, which takes O(N) time in classical attacks. This method can find the original input corresponding to a function's output in approximately O(√N) time. Many widely used encryption systems rely on these intricate mathematical challenges. However, quantum computers are expected to solve these problems within a bounded polynomial time.
The extent to which these quantum benefits can be developed and the duration of the feasibility gap between classical and quantum models are also unknown [10]. The question of whether it is possible to create a large-scale quantum computer is complex and contentious. Many researchers now think that enormous quantum computers are just a very difficult engineering problem, although in the past it was less obvious whether they were a physical reality.
In the next 20 years or so, according to any scientists who still make such predictions [11], powerful quantum computers will be developed that will be able to break all of the current core public key infrastructures quickly. It will take much work to enable a seamless and stable transition from the newest widely used cryptosystems to their counterparts that can withstand quantum computing. Regardless of whether we are able to predict with accuracy when the era of quantum computing will begin, we must continue building more secure communication channels that, for instance, might revolutionize the field of cryptography.

Post-Quantum Cryptosystems
Due to their reliance on mathematical problems that can be solved effectively by quantum computers, existing cryptographic systems like RSA and ECC may become vulnerable as quantum computing technology develops. A cryptographic system created on alternative mathematical structures and algorithms to survive attacks from quantum computers is known as a post-quantum cryptosystem. With the advent of potent quantum computers, these new cryptographic techniques seek to increase security and guarantee the ongoing preservation of critical data. Post-quantum signatures are known as quantum-resistant signatures or quantum-safe signatures. In the age of quantum computing, post-quantum signature systems are appropriate for secure communications and digital identity verification since they are made to be capable of withstanding assaults from both conventional and quantum computers. Post-quantum signature systems will aid in ensuring the long-term security of digital communications and safeguarding sensitive data from potential quantum attacks once they are widely adopted and put into use. In order to provide a collection of safe post-quantum cryptography algorithms, standardization efforts are still being made. To guarantee these algorithms' efficacy and compatibility, organizations like the National Institute of Standards and Technology (NIST) are driving the technique of soliciting, assessing, and standardizing them.
Post-quantum signature schemes can be classified into five categories: hash-based, lattice-based, code-based, multivariate polynomial-based, and super-singular isogeny-based schemes.

Code-Based Cryptosystem
Code-based cryptography relies on the difficulty of decoding specific structured linear error-correcting codes. Daniel J. Bernstein proposed Classic McEliece, which is a potential post-quantum public key cryptographic system based on error-correcting codes under consideration by the NIST for global standardisation, in 2017 [12][13][14]. In the McEliece concept, a public key is formed through a combination of the Goppa code and a linear transformation. To encrypt a message, the sender introduces a set level of random noise to the message [15]. Without knowing how to factor in the public key, recovering the message is a computationally difficult job for the attacker. Several code-based cryptographic methods exist, and, among them, certain ones could potentially provide security against quantum attacks: Classic McEliece, BIKE, and HQC.

Hash-Based Cryptosystem
The cryptographic secure hash function used in hash-based signatures is created to exhibit security properties, like being hard to reverse, resistant to finding original inputs, immune to generating similar outputs for different inputs, and robust against collision attacks. Hash-based signature schemes are classified as stateless or stateful based on their implementation approach. They can also be categorized as a one-time signature (OTS), few-time signature (FTS), multi-time signature (MTS), and hierarchical signature (HS). These classifications depend on factors such as how keys are generated, how signatures are generated, and other parameters used in their construction. SPHINCS⁺ is a hash-based quantum-safe cryptographic algorithm. It is a signature system with no state and an improved version of SPHINCS, designed to reduce signature size [13].

Lattice-Based Cryptosystems
These cryptographic techniques are constructed using lattices, which are sets of points arranged periodically in multi-dimensional spaces. To find the smallest non-zero point within a lattice, a complex problem known as the shortest vector problem (SVP) is utilized. This problem, which is difficult to solve and falls under the NP-hard category, forms the foundation of security in lattice-based systems. Additional challenges related to lattices, such as the closest vector problem (CVP) and the shortest independent vectors problem (SIVP), as mentioned by [16], are currently beyond the capabilities of quantum computers. The algorithm's implementation is relatively efficient, and it provides worst-case hardness-based security proofs that are extremely strong. The quantum-resistant algorithms based on the lattice are CRYSTALS-KYBER, SABER, NTRU, FrodoKEM, NTRU Prime, CRYSTALS-Dilithium, and FALCON.

Multivariate-Based Cryptosystems
Multivariate systems of equations have been demonstrated to be NP-complete or NP-hard, and multivariate-based techniques rely on this complexity [12]. Despite their resilience to quantum assaults, more research is required to increase their decryption speed, decrease their enormous key size, and lower their ciphertext overhead [17]. Rainbow and GeMSS are the potentially quantum-safe cryptographic techniques based on multivariate quadratic equations.

Super Singular Elliptic Curve Isogeny Cryptosystems
These are a novel approach that first appeared in the year 2000. To create public key cryptosystems, isogeny-based cryptography employs mappings between elliptic curves. Isogeny cryptography relies on the security of solving super singular isogeny problems. These problems involve finding the connection (isogeny mapping) between two super singular elliptic curves that have an equal count of points. In comparison with other post-quantum cryptography possibilities, the protocols based on isogeny need a very small key. SIKE is one of the isogeny cryptography family's putative quantum-safe algorithms [18][19][20].

Description of NIST-Recommended Post-Quantum Signature Schemes and ECDSA
This section describes the CRYSTALS-Dilithium, FALCON, and SPHINCS⁺ algorithms, which are identified by the NIST for standardisation.

CRYSTALS-Dilithium
A lattice-based digital signature system called CRYSTALS-Dilithium is renowned for its effectiveness and robust protection against both conventional and quantum adversaries. Algorithms 1-3, respectively, depict the procedures of key creation, signing, and verification, as in [21].
CRYSTALS-Dilithium's salient characteristics include:

• Efficiency: CRYSTALS-Dilithium is optimized for key generation, signing, and verification efficiency, making it appropriate for contexts with limited resources, including Internet of Things devices and embedded systems.

• Strong security: the system offers a strong level of resilience against several assaults, including those launched by quantum computers.

• Based on the discrete logarithm problem for elliptic curves, security.

• Efficient key sizes, suitable for constrained environments.

• Widely used in various cryptographic applications due to its practicality and effectiveness.

• Potential vulnerability to quantum attacks in the future.

The performance metrics of the post-quantum signature schemes Dilithium3, SPHINCS⁺ + SHAKE256s, Falcon1024, and SPHINCS⁺ + SHA256s are depicted in Figure 2.

Experiment, Analysis, and Results
To provide complete security, the system makes use of quantum-resistant digital signatures. We will examine the system's performance and efficiency in this section. Ten alternative blockchain systems are examined in the same simulation scenario:

• Falcon1024, Dilithium3, SPHINCS⁺ + SHA256s, and SPHINCS⁺ + SHAKE256s are used in blockchains with the IPFS network, since the ECDSA, which is not quantum resistant, is excluded from this comparison.

• Falcon1024, Dilithium3, SPHINCS⁺ + SHA256s, SPHINCS⁺ + SHAKE256s, and the ECDSA are used in blockchains without an IPFS network.

Efficiency:

• For blockchains that do not employ the IPFS, the performances of key sizes, signature sizes, signature time, key generation time, and signature verification time are compared, and specific variations of the algorithms are chosen accordingly. The parameters of the algorithms are chosen to obtain the same 256-bit level of security across every algorithm.

• The same parameters are used to compare blockchains using the IPFS. Every aspect of the algorithms is evaluated 1000 times to establish the average duration of key generation, signing, and verification.

Tables 1-6 present a comparative analysis of five signature schemes: ECDSA, SPHINCS⁺ + SHA256s, SPHINCS⁺ + SHAKE256s, Dilithium, and Falcon, which are represented in Figures 3-8, respectively. The parameters for each algorithm are selected appropriately to attain the same security level of 256 bits, which results in a range of key lengths. The comparisons are based on various factors, including key generation time, signing time, verification time, and sizes of the secret key, public key, and signature. The results indicate that the ECDSA stands out as the most efficient algorithm, although its vulnerability to quantum attacks is a significant drawback.
Given the ECDSA's susceptibility to quantum threats, the focus shifts to the remaining four quantum-resistant algorithms: SPHINCS⁺ + SHA256s, SPHINCS⁺ + SHAKE256s, Dilithium, and Falcon. When evaluating the same criteria as above, it becomes evident that Dilithium3 emerges as the most efficient alternative.
However, a closer examination of Table 3, which compares the public key sizes of the quantum-resistant algorithms and is depicted in Figure 5, reveals that Dilithium3 has the largest public key size. This aspect becomes a notable drawback in blockchain technology, as each transaction in the network incorporates the public key, leading to an increase in the transaction data size.
To gauge the impact of quantum-resistant algorithms on the network, we constructed a UTXO model. This model facilitated a comparison of block mining time, transaction size, and overall network efficiency. Throughout all operations, including mining and transaction creation, the difficulty level of zeros was fixed at 3. In assessing key generation, signing, and verification times, we conducted these operations 1000 times to obtain averaged timing results.

On Using IPFS
A comparison is made with the same algorithms but with the addition of IPFS (InterPlanetary File System) storage for reducing signature/public key sizes. The proposed method adds extra time for verification for all algorithms, but drastically reduces the size of the public key and the size of the signature. In Tables 1-6, the results show that the time for key generation, time for signing, and time for verification are increased marginally for all schemes. The signature/public key sizes are significantly reduced, with only 32 bytes required for each of those values. Dilithium remains the fastest signature scheme after applying the IPFS-based approach. Another interesting inference is that the signature size of SPHINCS⁺ is reduced by more than 99%. In Table 7, the results divulge a considerable reduction in block mining times through the utilization of the IPFS, which is shown in Figure 9. This reduction can be attributed to the diminished public key size facilitated by the IPFS, consequently leading to a reduction in the transaction size as well.
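The hash-on-chain, content-off-chain layout described above can be sketched as follows. This is an added example, not the paper's implementation: a Lamport one-time signature built from SHA-256 stands in for Dilithium, Falcon, and SPHINCS⁺ so that the code needs only the standard library, an in-memory `ContentStore` stands in for the IPFS, and all function and field names are hypothetical.

```python
import hashlib
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# --- Stand-in signature scheme (assumption): Lamport one-time signature ---
def lamport_keygen():
    # 256 pairs of 32-byte secrets; the public key is the hash of each secret.
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    pk = b"".join(H(s) for pair in sk for s in pair)   # 16384 bytes
    return sk, pk

def _digest_bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg: bytes) -> bytes:
    # Reveal one secret per digest bit; a key pair must sign only once.
    return b"".join(sk[i][b] for i, b in enumerate(_digest_bits(msg)))  # 8192 bytes

def lamport_verify(pk: bytes, msg: bytes, sig: bytes) -> bool:
    if len(pk) != 256 * 2 * 32 or len(sig) != 256 * 32:
        return False
    return all(
        H(sig[i * 32:(i + 1) * 32]) == pk[(2 * i + b) * 32:(2 * i + b + 1) * 32]
        for i, b in enumerate(_digest_bits(msg))
    )

# --- Stand-in for the IPFS (assumption): blobs addressed by SHA-256 digest ---
class ContentStore:
    def __init__(self):
        self._blobs = {}
    def put(self, blob: bytes) -> bytes:
        digest = H(blob)
        self._blobs[digest] = blob
        return digest
    def get(self, digest: bytes):
        return self._blobs.get(digest)

def make_tx(store, sk, pk, payload: bytes) -> dict:
    # Only two 32-byte hashes go on-chain; key and signature go to the store.
    sig = lamport_sign(sk, payload)
    return {"payload": payload, "pk_hash": store.put(pk), "sig_hash": store.put(sig)}

def verify_tx(store, tx: dict) -> str:
    pk, sig = store.get(tx["pk_hash"]), store.get(tx["sig_hash"])
    if pk is None or sig is None:
        return "missing"          # off-chain content unavailable: cannot validate
    # The store is untrusted: re-hash what it returned before using it.
    if H(pk) != tx["pk_hash"] or H(sig) != tx["sig_hash"]:
        return "hash-mismatch"
    return "ok" if lamport_verify(pk, tx["payload"], sig) else "bad-signature"

def demo() -> dict:
    store = ContentStore()
    sk, pk = lamport_keygen()
    payload = b"constructed sample: A pays B 5 units"
    tx = make_tx(store, sk, pk, payload)
    out = {"honest": verify_tx(store, tx)}

    # Case 1: the store returns a modified signature blob under the same address.
    good_sig = store.get(tx["sig_hash"])
    store._blobs[tx["sig_hash"]] = good_sig[:-1] + bytes([good_sig[-1] ^ 1])
    out["tampered_blob"] = verify_tx(store, tx)
    store._blobs[tx["sig_hash"]] = good_sig

    # Case 2: the on-chain payload is altered; hashes still match, signature does not.
    forged = dict(tx, payload=b"constructed sample: A pays B 500 units")
    out["altered_payload"] = verify_tx(store, forged)

    # Case 3: the public key blob is no longer retrievable.
    del store._blobs[tx["pk_hash"]]
    out["unpinned"] = verify_tx(store, tx)

    out["on_chain_bytes"] = len(payload) + 32 + 32
    out["inline_bytes"] = len(payload) + len(pk) + len(good_sig)
    return out

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The third case shows the operational cost of this design: a transaction whose off-chain blobs are no longer retrievable cannot be validated, so availability of the stored keys and signatures becomes part of the chain's security assumptions.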

Conclusions
The blockchain system requires digital signatures for authenticity and integrity. Despite the fact that the ECDSA is still in use today in the blockchain system, it is not advised because its security will be undermined once quantum technology arrives. We added the NIST-recommended post-quantum signatures Dilithium, FALCON, and SPHINCS⁺ to the blockchain and analysed their performance compared with the widely used ECDSA. The Falcon and Dilithium-based systems are recommended for applications that prioritize strong performance in key generation, signing, and verification times, especially when utilizing the suggested IPFS for managing large keys. If the IPFS is not preferred, then Falcon is a suitable choice. Block capacity as well as the issue of quantum attack are both resolved in this manner. Overall, the proposed IPFS-based approach successfully reduces the signature/public key sizes for all signature schemes evaluated, which can greatly improve the efficiency of blockchain systems. The paper focuses on the UTXO model, primarily utilized in Bitcoin systems. Nonetheless, it is worth emphasizing that these quantum-resistant algorithms could be extended to various other blockchain models, including those employed by Ethereum, Polygon, Cosmos, and similar platforms. While Bitcoin systems primarily facilitate transactions, Ethereum and related systems allow users to include data other than transactions in the blockchain. This key distinction introduces variability in block sizes, thus rendering the problem more intricate. Consequently, it imposes additional constraints on the calculation of mining times. These aforementioned areas represent promising avenues for future research in the realm of quantum-resistant blockchain systems.
Open Problem: More research into establishing better post-quantum signature schemes that provide reduced key and signature sizes and faster key generation, signatures, and verification times would be one of the main open problems in this domain. Another area of attention would be strengthening the IPFS component of the system.

Figure 2. Performance of the respective algorithms.

Figure 3. Comparison of key generation time.

Figure 4. Comparison of secret key size.

Figure 5. Comparison of public key size.

Figure 7. Comparison of signature time.

Figure 8. Comparison of verification time.

Figure 9. Comparison of mining time.

Table 1. In terms of key generation time, algorithms are compared.

Table 2. Algorithms are compared with respect to secret key size (bytes).

Table 3. Algorithms are compared with respect to public key size (bytes).

Table 4. Algorithms are compared with respect to signature size (bytes).

Table 5. Algorithms are compared with respect to signature time (ms).

Table 6. Algorithms are compared with respect to verification time (ms).

Table 7. Comparison of mining time (ms).