Research On Post-quantum Computing Security Mechanism Based On Consortium Blockchain Platform

Consortium blockchain is a form of blockchain designed to provide customized solutions for specific industries or organizations.It has the advantages of transparency and traceability,which can help participants achieve more efficient,secure and reliable transactions and data management.Currently,consortium blockchains are widely used in different management scenarios and have become the main solution for data sharing across companies and organizations.However,the existing blockchain security mechanism relies heavily on traditional public key cryptosystems,and with the increasing development of quantum computers,the security cornerstone of traditional public key cryptosystems will be broken.To address this problem,this paper investigates the security mechanism of postquantum computing under the consortium blockchain platform according to different application scenarios,and proposes the following two solutions to solve the existing problems,working as follows.(1)Consortium blockchains need to provide identity certificates and key exchange mechanisms for all applications(such as users)in the system.Existing solutions heavily rely on traditional public key cryptosystems.Therefore,this paper designs and implements a Post Quantum(PQ)user authentication and key exchange method based on the consortium blockchain.The methodology is based on all PQ public Key cryptographic algorithms(namely digital signature and Key Encapsulation Mechanisms)in the current round of the NIST(National Institute of Standards and Technology)international standard collection and Hyperledger Fabric,a CA(Certificate Authority)based on chain code is designed to provide three layers of post-quantum certificate service for all applications in the consortium blockchain.On this basis,users can further exchange keys using KEM(Key Encapsulation Mechanisms,KEM)certificates provided by CA.In order to facilitate further development,this paper provides chain codes,client codes and related interfaces.In view of the possible attacks,this paper carries on the security analysis and design to protect the security of the user identity information on the chain.(2)In scenarios such as consortium-based financial regulation and forensic forensics,key escrow services provide access control and audit capabilities to help ensure that only authorized personnel have access to the key and use the key to decrypt relevant data.Because the existing consortium blockchain key escrow scheme uses the traditional asymmetric encryption and decryption algorithm,it cannot resist the attack of quantum computer.To this end,this paper collects the current round of PQ KEM algorithm based on NIST standard,secret sharing protocol and Merkle accumulator,and proposes an enhanced post-quantum key escrow method based on consortium blockchain,which can support finegrained key/data access control and user identity privacy protection,while preventing the single point of dishonesty and collusion of key escrow nodes.This article provides smart contracts,profiles,and associated interfaces based on the Hyperledger Fabric implementation for secondary application development.In view of the possible attacks launched by attackers,this paper carries on the detailed security analysis.(3)This paper evaluates the on-chain execution time and on-chain storage space of the above two methods.The test results show that: in the post-quantum user authentication and key exchange method based on consortium chain,the execution time of all user operations is within 200 milliseconds,and the operation based on some specific algorithms is even completed within 20 milliseconds,and the total storage space on the chain is less than 10 KB.In the enhanced post-quantum key escrow method based on the consortium blockchain,the execution time of most steps is between 30 and 60 milliseconds,and the total storage space on the chain is mostly kept around 5KB.In summary,the methods proposed in this paper have certain reference and guiding significance for the research on user identity authentication and data confidentiality of the consortium blockchain based on post-quantum cryptography,and has a role in promoting the further development of consortium blockchain security.