Potential Vulnerabilities of Cryptographic Primitives in Modern Blockchain Platforms

Today, blockchain technologies are a separate, rapidly developing area. With rapid development, they open up a number of scientific problems. One of these problems is the problem of reliability, which is primarily associated with the use of cryptographic primitives. The threat of the emergence of quantum computers is now widely discussed, in connection with which the direction of post-quantum cryptography is actively developing. Nevertheless, the most popular blockchain platforms (such as Bitcoin and Ethereum) use asymmetric cryptography based on elliptic curves. Here, cryptographic primitives for blockchain systems are divided into four groups according to their functionality: keyless, single-key, dual-key, and hybrid. The main attention in the work is paid to the most significant cryptographic primitives for blockchain systems: keyless and single-key. This manuscript discusses possible scenarios in which, during practical implementation, the mathematical foundations embedded in the algorithms for generating a digital signature and encrypting data using algorithms based on elliptic curves are violated. In this case, vulnerabilities arise that can lead to the compromise of a private key or a substitution of a digital signature. We consider cases of vulnerabilities in a blockchain system due to incorrect use of a cryptographic primitive, describe the problem, formulate the problem statement, and assess its complexity for each case. For each case, strict calculations of the maximum computational costs are given when the conditions of the case under consideration are met. Among other things, we present a new version of the encryption algorithm for data stored in blockchain systems or transmitted between blockchain systems using elliptic curves. This algorithm is not the main blockchain algorithm and is not included in the core of modern blockchain systems. This algorithm allows the use of the same keys that system users have in order to store sensitive user data in an open blockchain database in encrypted form. At the same time, possible vulnerabilities that may arise from incorrect implementation of this algorithm are considered. The scenarios formulated in the article can be used to test the reliability of both newly created blockchain platforms and to study long-existing ones.