NIST has officially announced the standardized algorithms from Round 3 of the NIST PQC competition. This is a landmark milestone as government agencies and businesses have been waiting nearly 6 years for a clear direction as to which algorithms are trustworthy. Post-quantum cryptographic algorithms are the front-line defense against adversarial quantum attacks, a problem that will become more common as the pace of development in quantum computers surges.
[Figure: NIST PQC Milestones, Standardized Algorithms and 4th Round Candidates]
Blockchain security is especially threatened by quantum computing, and all chains will need to transition to post-quantum cryptographic standards just as they initially embraced classical standards. The Elliptic Curve Digital Signature Algorithm (ECDSA) is the most widely used cryptographic algorithm implemented by blockchains today, and it has a severe weakness to a quantum attack. The security of ECDSA relies on the difficulty of the discrete-logarithm problem, which a quantum computer running Shor's algorithm can solve in polynomial time. In order for blockchains to remain secure and viable in the next era of computing, they will have no choice but to upgrade their security using post-quantum cryptography.
Unfortunately, this opens up a new problem. PQC algorithms are much more expensive than their classical counterparts in terms of size. This is particularly problematic for blockchains, where each full node keeps an entire record of all activity on the chain. If Bitcoin and Ethereum were to adopt the newly standardized PQC algorithms today, the size of both chains would explode. Even with the most space-efficient NIST PQC signature algorithm, public keys and digital signatures would consume 21.2x and 24.3x more space in Bitcoin and Ethereum respectively, with the size of their respective ledgers increasing by 2.2x and 2.22x. Other NIST PQC algorithms have even worse tradeoffs between signature/ledger sizes and security. These performance issues have widespread implications, affecting transaction speed, gas prices and the decentralization of the entire network. Upgrading blockchain security isn't as simple as dropping in a PQC algorithm as a replacement for the current ones. Our solution must be designed to take these consequences into account.
[Figure: Explosion in size as a result of implementing PQC algorithms in BTC and ETH]