QRSub - Elements of Quantum Resistance for Substrate #2182

Closed
wants to merge 3 commits into from

quantum-sopek

Project Abstract

The QRSub project is committed to advancing the integration of Quantum-Resistant technologies in Substrate-based blockchains. Our aim is to bolster security and ensure sustained protection against quantum computing threats. Building on the foundational work of our company, Quantum Secured Blockchains, QRSub extends these efforts with new developments and by conducting critical benchmarks vital for future implementations.

Grant level 2

  • Level 1: Up to $10,000, 2 approvals
  • Level 2: Up to $30,000, 3 approvals
  • Level 3: Unlimited, 5 approvals (for >$100k: Web3 Foundation Council approval)

Application Checklist

  • The application template has been copied and aptly renamed (project_name.md).
  • I have read the application guidelines.
  • Payment details have been provided (bank details via email or Polkadot (USDC & USDT) address in the application).
  • I am aware that, in order to receive a grant, I (and the entity I represent) have to successfully complete a KYC/KYB check.
  • The software delivered for this grant will be released under an open-source license specified in the application.
  • The initial PR contains only one commit (squash and force-push if needed).
  • The grant will only be announced once the first milestone has been accepted (see the announcement guidelines).
  • I prefer the discussion of this application to take place in a private Element/Matrix channel. My username is: @_______:matrix.org (change the homeserver if you use a different one)

Contributor

github-actions bot commented Jan 16, 2024

CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅

Contributor

@keeganquigley keeganquigley left a comment

Thanks for the application, @quantum-sopek. As a quick note, it looks like the Overview section is listed twice (under Developer Roadmap), one being the original template. Could you remove this? Thanks!

@keeganquigley added the "changes requested" label (The team needs to clarify a few things first.) Jan 19, 2024
@keeganquigley added the "admin-review" label (This application requires a review from an admin.) Jan 19, 2024
@quantum-sopek
Author

quantum-sopek commented Jan 21, 2024

I have read and hereby sign the Contributor License Agreement.

@quantum-sopek
Author

recheck

@semuelle
Member

semuelle commented Jan 23, 2024

@quantum-sopek, I have edited your comment to contain only the text for the CLA Assistant. However, I believe @cylkow needs to sign it, as this is the account who made commits to this PR.

@semuelle semuelle self-assigned this Jan 23, 2024
@cylkow

cylkow commented Jan 23, 2024

I have read and hereby sign the Contributor License Agreement.

Collaborator

@takahser takahser left a comment

@quantum-sopek appreciate your contributions, this looks very interesting and useful. However, it looks like you've already implemented the core tech:

[image]

While I'm certainly not an expert in PQC, it looks like your deliverables in this grant have already been developed. For example, according to the whitepaper you've already integrated the QRNG mentioned in M2.

Also, it looks like you've already been granted with significant amounts of funding (over M1.4 PLN / ~350k USD):

[five images]

To avoid double-funding any efforts, could you please outline for which of the deliverables (if applicable) you have already received funding and clarify, which deliverables are currently non-existent and would be provided in addition to your previous work?

@quantum-sopek
Author

While we have indeed incorporated certain elements of the technology in the past, the development outlined in this proposal diverges from our previous work. It not only extends our prior developments but also introduces new components, culminating in the creation of a post-quantum version of a Substrate-based chain. I will provide a more specific and detailed description of this over the next 2-3 days for evaluation.

@quantum-sopek
Author

Dear @takahser,

Thank you for your vigilance. It's possible that our proposal did not sufficiently distinguish between what we've previously accomplished using our company budget and what we intend to undertake within this project. Despite our explicit references to prior work that led to this project, we may not have completely dispelled this ambiguity. Allow me to clarify everything now.
Firstly, the grants from the Polish Agency for Enterprise Development (PARP) that you mentioned pertain to a project entirely distinct from the one based on Substrate. For that project, we developed our own generic blockchain model in TypeScript for node.js, aiming to explore the application of quantum cryptographic primitives in a basic setting. Details of that project can be found here: https://www.quantumblockchains.io/reports/QKDBase.pdf.

The project that commenced later, utilizing Substrate, was funded through our own resources, derived from a pre-seed investment by LT Capital VC (https://ltcapital.vc/). The outcomes of this work are detailed in our whitepaper (https://www.quantumblockchains.io/introducing-quantum-secured-blockchain-a-comprehensive-whitepaper), which we referenced in the grant application.

Let me now clarify how our current application differs from our previous work:

  1. PQC Algorithms: As stated in the application, we aim to evaluate, optimize and assess our existing implementation, which hasn't yet undergone rigorous security evaluation much needed for serious deployments. We also plan to integrate the KYBER algorithm; previously, we only implemented Dilithium.

  2. HD Wallets: We intend to develop HD Wallets based on Post-Quantum algorithms, a task we haven't tackled before. Designing and implementing these in a Post-Quantum context is notably challenging, as lattice-based PQC algorithms behave differently than e.g. classical EC-based ones.

  3. Quantum Entropy: Our prior work only involved a RanDao-like scheme and some minor use of randomness. In this application, we aim to enhance and elevate its use, potentially incorporating VRFs, a task that is both complex and non-trivial.

  4. P2P Communication: We plan to employ Post-Quantum KEMs (Key Exchange Mechanisms) for peer-to-peer communication, a feature not present in our earlier work.

  5. Evaluation of QKD Paradigm feasibility: Here we propose a feasibility study on future use of the QKD (Quantum Key Distribution) paradigm for PUBLIC blockchains. Our previous project, QSB, was a private/permissioned chain. The focus here is on feasibility, as actual development would surpass the available funding. It aims at answering the dilemma of whether such advanced quantum communication paradigms make sense for blockchains.

  6. Performance and Resource Utilization Analysis: This is a new and crucial area we plan to explore. We didn't conduct such analysis in our previous work. Given the significantly longer key lengths in the post-quantum world, understanding the performance and resource implications for running public blockchains is vital for the future of quantum-resistant blockchains.

If my explanations are insufficient, please indicate what further details I should provide or clarify. Should there be a need to amend the application (QRSub.md), kindly inform me.

We earnestly present these clarifications for your and the reviewers' consideration. If, despite our confidence in the novelty, non-overlap and innovation of our plan, you remain unconvinced, we will respectfully understand and await the decision of the community and the Web3 Foundation.

Cheers
Mirek@Home|Lodz|Poland

@takahser takahser self-requested a review January 29, 2024 08:08
Collaborator

@takahser takahser left a comment

@quantum-sopek thanks for your reply. Could you incorporate this info in a digestible manner into the doc please, so other reviewers can just read the proposal and get the full picture without having to scroll through the convo history?

Collaborator

@takahser takahser left a comment

@quantum-sopek I've brought this up with our research team and this is the gist of the feedback I got:

  • Lattice schemes are very fragile and customising them might be related to various risks
  • While hard derivations are trivial, soft derivations are impossible. But in general, wallets are the least interesting concern
  • RanDao doesn't allow for the generation of PSKs
  • regarding Quantum-Resistant Communication Protocols: All design work looks done in https://eprint.iacr.org/2022/539. Its implementation requires doing the same in Rust, but this should go through the libp2p devs.
  • scepticism on the usefulness of QKD was raised

For these reasons, I'm not going to approve this proposal. While other reviewers' opinions might differ, they'll likely take this feedback into account as well when making a decision on whether to approve it.

@github-actions bot added the "update docs" (PR to update the documentation of the grants program. Not a grant application.) and "rfp" (Request for proposal, not a grant application) labels Feb 4, 2024
@quantum-sopek
Author

quantum-sopek commented Feb 4, 2024

@takahser

Firstly - I updated the application to reflect the changes you suggested before (i.e. what's new in this application in relation to our previous work)

Secondly, I do not intend to interfere with the decision-making process – yours or that of others. However, I feel compelled to respond and clarify our perspective on the issues you have raised:

  • While lattice schemes are indeed delicate, our customizations would in no way alter the core of the Dilithium and Kyber post-quantum schemes. At the cryptographic level, our implementation would strictly adhere to FIPS 203 and 204 for KEM and Digital Signatures, respectively. Assessing our own proficiency is quite challenging. However, our previous work with Dilithium did not attract any criticism ("Our dilithium code").
    Kyber was not yet implemented. The operational environment of these algorithms is, of course, crucial. That's precisely why we aimed to conduct thorough testing and validation of these aspects within this project.

  • Certainly, with a scheme like Dilithium, we cannot facilitate soft derivations using only a hierarchy of public keys. Our intention was to demonstrate the feasibility and security of wallets even without such derivations. We drew inspiration from the paper “Deterministic Wallets in a Quantum World” (DOI: 10.1145/3372297.3423361).

  • We did not incorporate RanDao for PSK generation, nor was it our intention to do so. The confusion might stem from a possibly unclear statement, "... previous work in implementing RanDao-like mechanisms and generating secure Pre-Shared Keys (PSK)."
    However, the methods we employed for obtaining quantum entropy were distinct from those mentioned in the first part of the sentence. We planned to use quantum entropy for other purposes.

  • We appreciate your reference to the paper “Post Quantum Noise.” It was indeed enlightening, and I must admit, it was new to us. We have plans to work on libp2p for developing a broadly applicable quantum-secured communication. However, for this particular project, our focus was to integrate it at the level currently utilized by Substrate. If you believe this approach is misguided, I am perhaps inclined to concur.

  • Regarding skepticism towards Quantum Key Distribution (QKD), it is indeed visible in various contexts, including the core areas of cybersecurity (see, for example: BSI Quantum Position Paper). Nonetheless, our intention was to leverage our innovation, pQKD (a QKD emulator, detailed at Quantum Blockchains pQKD), to conduct a comprehensive feasibility study of the QKD paradigm (not the actual, currently limited QKDs). This is a broader discussion, aiming to demonstrate that our invention (alongside two other similar systems on the market) addresses the criticisms raised by BSI and others.
    This is precisely the reason we sought to undertake this feasibility study: to engage in a serious dialogue about whether the skepticism surrounding QKD is warranted (which we believe is not).

I’m happy to discuss it all with you and/or other reviewers.

Mirek

@semuelle removed the "rfp" (Request for proposal, not a grant application) and "update docs" (PR to update the documentation of the grants program. Not a grant application.) labels Feb 5, 2024
@semuelle semuelle self-requested a review February 7, 2024 14:49
@github-actions github-actions bot added the stale label Feb 22, 2024
Collaborator

@Noc2 Noc2 left a comment

Thanks a lot for the application and all the effort that you put into this. However, the grants committee decided today not to go ahead with the project. Independent of it, we wish you all the best for your project, and let us know if you have any questions.

@Noc2 Noc2 closed this Feb 22, 2024
Labels: admin-review, changes requested, stale
6 participants