Comment on page
A conventional blockchain consists of a distributed network of nodes running software that can verify blocks and transactions. The nodes communicate with each other over the internet or a private network, using widely known protocols like Internet Protocol (IP) for the network layer, and Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) for the transport layer.
The data transmitted through these channels are vulnerable to eavesdropping, interception and tamper. The IP, TCP and UDP protocols had been extensively studied over the decades and various vulnerabilities have been found, which are listed below.
- Internet Protocol (IP) - IP fragmentation attack, IP reassembly attack, UDP and ICMP fragmentation attack, TCP fragmentation attack or Teardrop attack.
- Transmission Control Protocol (TCP) - SYN flooding, TCP reset attack, TCP session hijacking, TCP reflection attack.
- User Datagram Protocol (UDP) - UDP flood DDos attack, UDP-based amplification attacks
These protocols insecure in themselves, wrap themselves around SSL or HTTPS to provide a veneer of security which can be broken by conventional cyberattacks as well as quantum computers.
An Ozone node creates a specialized channel called a quantum tunnel to communicate data with another Ozone node. A quantum tunnel secures its data using algorithms provided by Post-Quantum Cryptography (PQC). Ozone chain uses Lattice-based PQC, which is the main method being promulgated in next-generation US NIST algorithm development.
Lattice-based cryptography uses constructions of cryptographic primitives that involve lattices, either in the construction itself or in the security proof. Unlike more widely used and known public-key schemes such as the RSA, Diffie-Hellman or elliptic-curve cryptosystems, which could be broken using Shor's algorithm on a quantum computer, some lattice-based constructions are resistant to attack by both classical and quantum computers due to the fact that certain well-studied computational lattice problems cannot be solved efficiently.
Ozone chain uses a standardized and NIST-approved (https://csrc.nist.gov/publications/detail/nistir/8413/final) public-key encryption and key-establishment algorithm called CRYSTALS-Kyber. CRYSTALS (Cryptographic Suite for Algebraic Lattices) comprises two lattice-based cryptographic primitives:
- Kyber, a CCA-secure KEM, and
- Dilithium, a strongly EUF-CMA secure digital signature algorithm.
Both algorithms are based on hard problems over module lattices, are designed to withstand attacks by large quantum computers.
CRYSTALS-Kyber is based on earlier MLWE-based encryption problems but uses square rather than rectangular matrixes as the public key along with polynomial rings. Kyber is an IND-CCA2-secure key encapsulation mechanism (KEM), whose security is based on the hardness of solving the learning-with-errors (LWE) problem over module lattices.
CRYSTAL-Kyber consistently ranks with average to smaller key sizes. It is part of the Open Quantum Safe project and has won the NIST competition for the first post-quantum cryptography (PQC) standard that is resistant to quantum computers.