Transitioning to a Hyperledger Fabric Hybrid Quantum Resistant Classical Public Key Infrastructure

Hyperledger Fabric (HLF) is a permissioned, blockchain designed by IBM and uses Public Key Infrastructure (PKI), for digital signatures, and digital identities (X.509 certificates), which are critical to the operational security of its network. On 24 January 2019, Aetna, Anthem, Health Care Service Corporation, PNC Bank, and IBM announced a collaboration to establish a blockchain-based ecosystem for the healthcare industry [1]. Quantum computing poses a devastating impact on PKI and estimates of its large-scale commercial arrival should not be underestimated and cannot be predicted. The HIPAA (Health Insurance Portability and Accountability Act) and General Data Protection Regulation (GDPR),requires “reasonable” measures to be taken to protect Protected Health Information (PHI), and Personally Identifiable Information (PII). However, HLF’s ecosystem is not post-quantum resistant, and all data that is transmitted over its network is vulnerable to immediate or later decryption by large scale quantum computers. This research presents independent evaluation and testing of the National Institute of Standards and Technology (NIST), based Second Round Candidate Post-Quantum Cryptography (PQC), lattice-based digital signature scheme qTESLA. The second-round submission is much improved, however; its algorithm characteristics and parameters are such that it is unlikely to be a quantum-resistant “as is,” pure “plug-and-play” function and replacement for HLF’s PKI. This work also proposes that qTESLA’s public keys be used to create a quantum-resistant-classical hybrid PKI near-term replacement.

The paper can be found at - https://jbba.scholasticahq.com/article/9902-transitioning-to-a-hyperledger-fabric-quantum-resistant-classical-hybrid-public-key-infrastructure