The primary problem with authenticated, encrypted communication is that it requires the sharing of keys over an assumed-secure channel. This is where a PKI comes in. While you can certainly get encrypted communication between the holders of any given public keys, you cannot verify that the provided public keys belong to a person's real identity without a face-to-face interaction.
For example, let's say I want to send a secure message to Tom Bishop telling him that "rockets work in space." Now I'm simply going to fetch his public key off a blockchain/server/newspaper and send over an encrypted AES key (using RSA-OAEP, or we can negotiate the key with any Diffie-Hellman variant), where the message is signed by my private key. Then I'll encrypt all of my communication with him using something like AES-GCM. Tom can use the same symmetric key to send messages back to me. What's the problem with this scheme? Blockchain by its nature is somewhat anonymous. There is nothing tying someone's real name to a public key. So junker, for example, could simply put a public key on the chain in Tom's name. Then I would be sending my communication to junker, who would forward it along to Tom while eavesdropping and modifying everything.
Without a PKI, public key cryptography like that used in blockchain is useless for authenticated, encrypted communication.
Again, your argument that the PoW wouldn't be subject to a 51% attack once you get enough users is bunk. Regardless of the PoW algorithm used, there are probably at least 1000x as many Round Earth people in the world as Flat Earth people. This necessarily means that they have many times the computational power of Flat Earth people, even if they aren't able to cheat with ASICs / FPGAs. You're going to find that it's very hard to make an algorithm GPU-resistant, as the algorithm needs to incorporate some math problem in NP, which means that there is always parallelized guess-and-check; many GPUs have a rather complete instruction set.
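The key-lookup problem in the Tom Bishop example above, as an added sketch that is not part of the original post: a name-to-key directory with no identity binding hands back whatever key was published under the name, and only a fingerprint verified in person catches the mismatch. The Diffie-Hellman parameters, the `lookup` helper and the directory contents are assumptions constructed for illustration; the group is not a vetted one.

```python
import hashlib
import hmac
import secrets

# Illustration-only DH parameters (assumption): a Mersenne prime modulus,
# not a standardized group. Real systems use a vetted group or X25519.
P = 2**521 - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def fingerprint(pub):
    return hashlib.sha256(pub.to_bytes(66, "big")).hexdigest()

def session_key(priv, peer_pub):
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()

def lookup(directory, name, pinned_fp=None):
    """Fetch a key by name; enforce a fingerprint verified in person, if given."""
    pub = directory[name]
    if pinned_fp is not None and not hmac.compare_digest(fingerprint(pub), pinned_fp):
        raise ValueError(f"key published for {name!r} does not match the pinned fingerprint")
    return pub

def demo():
    my_priv, my_pub = keypair()
    tom_priv, tom_pub = keypair()
    other_priv, other_pub = keypair()      # someone else publishing under Tom's name
    pinned = fingerprint(tom_pub)          # learned from Tom face to face
    directory = {"Tom Bishop": other_pub}  # constructed entry: name is not bound to Tom

    # Without a pin, the sender agrees on a key with whoever published the entry.
    k_sender = session_key(my_priv, lookup(directory, "Tom Bishop"))
    results = {
        "publisher_shares_key": k_sender == session_key(other_priv, my_pub),
        "tom_shares_key": k_sender == session_key(tom_priv, my_pub),
    }
    # With a pin, the substituted entry is rejected before any key is derived.
    try:
        lookup(directory, "Tom Bishop", pinned)
        results["substitute_rejected"] = False
    except ValueError:
        results["substitute_rejected"] = True
    directory["Tom Bishop"] = tom_pub
    results["genuine_accepted"] = lookup(directory, "Tom Bishop", pinned) == tom_pub
    return results

if __name__ == "__main__":
    print(demo())
```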