Assessing the Impact of Post-Quantum Digital Signature Algorithms on Blockchains
Alison Gonçalves Schemitt, Henrique Fan da Silva, Roben Castagna Lunardi, Diego Kreutz, Rodrigo Brandão Mansilha, Avelino Francisco Zorzo
TL;DR
This study addresses the security threat posed by quantum computing to conventional cryptography and the subsequent need for post-quantum cryptography (PQC) in blockchains. It proposes a reproducible methodology that combines microbenchmarking of signature operations with large-scale blockchain simulations, implemented in the PQCinBlock tool. Empirical results show that certain PQC schemes, especially ML-DSA and Mayo, can outperform ECDSA in verification at higher security levels, enabling feasible migration for blockchain networks like Bitcoin and Ethereum. The work highlights practical implications such as increased key and signature sizes and their impact on block size and throughput, and provides a public, extensible framework for ongoing evaluation of PQC in blockchain environments.
Abstract
The advent of quantum computing threatens the security of traditional encryption algorithms, motivating the development of post-quantum cryptography (PQC). In 2024, the National Institute of Standards and Technology (NIST) standardized several PQC algorithms, marking an important milestone in the transition toward quantum-resistant security. Blockchain systems fundamentally rely on cryptographic primitives to guarantee data integrity and transaction authenticity. However, widely used algorithms such as ECDSA, employed in Bitcoin, Ethereum, and other networks, are vulnerable to quantum attacks. Although adopting PQC is essential for long-term security, its computational overhead in blockchain environments remains largely unexplored. In this work, we propose a methodology for benchmarking both PQC and traditional cryptographic algorithms in blockchain contexts. We measure signature generation and verification times across diverse computational environments and simulate their impact at scale. Our evaluation focuses on PQC digital signature schemes (ML-DSA, Dilithium, Falcon, Mayo, SLH-DSA, SPHINCS+, and Cross) across security levels 1 to 5, comparing them to ECDSA, the current standard in Bitcoin and Ethereum. Our results indicate that PQC algorithms introduce only minor performance overhead at security level 1, while in some scenarios they significantly outperform ECDSA at higher security levels. For instance, ML-DSA achieves a verification time of 0.14 ms on an ARM-based laptop at level 5, compared to 0.88 ms for ECDSA. We also provide an open-source implementation to ensure reproducibility and encourage further research.