
MyQuantumKey

Register a key that can be used in the quantum future to authenticate yourself

Created At

ETHGlobal Singapore

Project Description

In the future, quantum computers will compromise existing public key cryptosystems. Migrating away from them means changing both the cryptosystem and all users' public and private keys. How this migration will happen is still undecided.

Applications such as blockchains use public key cryptography for user and transaction authentication, and also for user identification: e.g. the wallet address is hash(public key). Currently, proof of ownership of a wallet address is achieved when the user creates a digital signature using the private key associated with the public key.

When quantum computers arrive, users will lose the ability to prove this address ownership, since attackers will be able to create the same digital signature proof. The project allows wallet owners to register a quantum-safe authentication key onchain (while it is still safe to do so) so that existing wallet owners can perform a proof of ownership in the future, after the migration.

We will use ENS to store this key, and MPC-in-the-head, a quantum-safe zero-knowledge proof system, to perform proof generation and verification.

Assumptions

  • Currently, besides the wallet owner, no other person/attacker can create a valid digital signature corresponding to the wallet address. This can be enforced by ENS.
  • A SHA256 hash of a random secret pre-image value larger than 256 bits is resistant to quantum cryptanalysis.
  • There exists a quantum-safe, context-sensitive zero-knowledge proof system that wallet owners can use in the future to prove knowledge of the secret pre-image of a SHA256 hash. We will use the MPC-in-the-head zero-knowledge proof system.

How it's Made

The project uses ENS, which supports the registration of key verification information by any wallet owner and allows this verification information to be retrieved in the future.

Solution

  1. Think of a secret.
  2. Create an ENS TEXT record with key "myquantumkey" that stores text created as Keccak256(Keccak256(secret) + walletaddress).
  3. Create an ENS "myquantumkey" front-end client that supports:
     a) Creation of the record
        • Input parameter: secret value
        • Operation: perform SHA256(secret), then create the TEXT record in ENS
     b) Use of the record
        • Input parameters: ENS name, secret
        • Operation: retrieve the TEXT record; verify the ZKProof against SHA256(secret) + challenge (the zero-knowledge proof needs to be quantum-safe); if it verifies, print "verified successfully"

Threat model

  • Attacker attempts to perform an unauthorized record creation
    Not possible, since the attacker does not have the wallet key to sign the transaction.
  • Attacker attempts to retrieve the secret from the TEXT record
    Not possible, since Keccak256 cannot be reversed.
  • Attacker attempts to impersonate the wallet owner after using a quantum computer to find the wallet private key
    Not possible, since the attacker does not know the secret and cannot present the zero-knowledge proof of the secret.
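The registration and verification flow of the Solution steps, together with the three threat-model cases, as an added example that is not part of the project's own code. It assumes an in-memory stand-in for ENS (a name-to-owner map plus TEXT records, with the owner check done by comparing the signer to the owner instead of by an on-chain signature), constructed sample wallet addresses, and SHA-256 in place of the Keccak256 named in step 2, because Python's hashlib has no Keccak-256; the H(H(secret) || wallet address) structure of step 2 is kept. The `relation` function is the statement a future MPC-in-the-head proof would attest to; it is evaluated in the clear here so the flow can be exercised offline, whereas the deployed client would verify a proof instead of handling the secret.

```python
import hashlib
import secrets

# Constructed stand-in for ENS: a name -> owner map plus TEXT records.
# Real ENS enforces the owner check on-chain through the transaction
# signature; here the caller passes the wallet that "signed" the write.
TEXT_KEY = "myquantumkey"          # TEXT record key named in step 2
MIN_SECRET_BYTES = 32              # assumption 2: pre-image of > 256 bits

# Constructed sample wallets (hypothetical addresses, not real accounts).
OWNER = "0x" + "ab" * 20
OTHER = "0x" + "cd" * 20


class MockEns:
    def __init__(self, owners):
        self.owners = dict(owners)   # ENS name -> wallet address
        self.text_records = {}       # (name, key) -> value

    def set_text(self, name, key, value, signer):
        # Only the name owner's wallet can write (threat-model case 1).
        if self.owners.get(name) != signer:
            raise PermissionError(f"{signer} does not own {name}")
        self.text_records[(name, key)] = value

    def get_text(self, name, key):
        return self.text_records.get((name, key))


def commitment(secret: bytes, wallet: str) -> str:
    """H(H(secret) || wallet_address), the text stored in the record.
    Step 2 on the page uses Keccak256; SHA-256 stands in here because
    hashlib has no Keccak-256. Mixing in the wallet address binds the
    record to one address, so a commitment cannot be reused elsewhere."""
    if len(secret) < MIN_SECRET_BYTES:
        raise ValueError("secret must carry at least 256 bits of randomness")
    inner = hashlib.sha256(secret).digest()
    addr = bytes.fromhex(wallet[2:] if wallet.startswith("0x") else wallet)
    return "0x" + hashlib.sha256(inner + addr).hexdigest()


def new_secret() -> bytes:
    # CSPRNG output; a user-chosen passphrase would not meet assumption 2.
    return secrets.token_bytes(MIN_SECRET_BYTES)


def register(ens, name, wallet, secret):
    """Step 3a: derive the commitment and write the TEXT record."""
    ens.set_text(name, TEXT_KEY, commitment(secret, wallet), signer=wallet)


def relation(secret, wallet, record) -> bool:
    """The statement a future ZK proof attests to: knowledge of `secret`
    with commitment(secret, wallet) == record. The MPC-in-the-head prover
    evaluates this inside the proof and reveals only the result; it is
    evaluated in the clear here so the flow can be exercised offline."""
    try:
        return commitment(secret, wallet) == record
    except ValueError:
        return False


def verify_ownership(ens, name, wallet, secret) -> bool:
    """Step 3b: fetch the record and check the relation against it."""
    record = ens.get_text(name, TEXT_KEY)
    return record is not None and relation(secret, wallet, record)


def demo():
    """Runs the flow once and returns one boolean per property checked."""
    ens = MockEns({"alice.eth": OWNER})
    secret = new_secret()
    register(ens, "alice.eth", OWNER, secret)
    record = ens.get_text("alice.eth", TEXT_KEY)
    try:
        register(ens, "alice.eth", OTHER, secret)   # case 1: not the owner
        unauthorized_write_blocked = False
    except PermissionError:
        unauthorized_write_blocked = True
    return {
        # case 2: the record exposes only a 32-byte digest, not the secret
        "record_is_hash": record.startswith("0x") and len(record) == 66,
        "owner_verifies": verify_ownership(ens, "alice.eth", OWNER, secret),
        # case 3: holding the wallet key without the secret does not verify
        "wrong_secret_fails": not verify_ownership(ens, "alice.eth", OWNER, new_secret()),
        "wrong_wallet_fails": not verify_ownership(ens, "alice.eth", OTHER, secret),
        "unauthorized_write_blocked": unauthorized_write_blocked,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The owner check in `set_text` models the page's assumption that the record is written while the wallet signature is still unforgeable, which is why the registration has to happen before the migration rather than after it. The entropy floor in `commitment` is the part of assumption 2 that a client can actually enforce: a short or human-chosen secret would leave the stored digest open to guessing even though the hash itself is not reversible.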