The industry may only have ten years or less to develop defenses against quantum computers capable of breaking elliptic curve cryptography. According to numerous sources, quantum computing (QC), which employs atomic “spin” rather than an electrical charge to encode binary 1’s and 0’s, is advancing at an exponential rate. If QC is ever implemented on a large scale, it might be a blessing to humanity, helping to boost food yields, create better medications, and engineer safer airplanes, among other things.
The cryptocurrency industry may benefit as well. For example, only last week, a Bank of Canada-commissioned experiment used quantum computing to mimic cryptocurrency adoption among Canadian financial institutions.
In a press release, Maryam Haghighi, head of data science at the Bank of Canada, said, “We wanted to test the capability of quantum computing on a research problem that is difficult to tackle using traditional computing techniques.”
Others, however, are concerned that quantum computing’s exceptional “brute force” capacity could potentially be used to defeat blockchain’s cryptographic framework, which has served Bitcoin (BTC) so well since its creation. Indeed, others believe that it will only be a matter of time until quantum computers can detect the large prime numbers that make up a BTC private key – providing no countermeasures are created.
In this vein, a recently published paper calculated the amount of quantum power required to duplicate a BTC private key, i.e., “the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network,” as explained by the paper’s authors, who are affiliated with the University of Sussex.
To be sure, this will not be a simple process. The technique used by Bitcoin to convert public keys to private keys is “one way,” which implies that it is simple to generate a public key from a private key but nearly impossible to generate a private key from a public key using modern computers.
Furthermore, all of this would have to be completed in less than 10 minutes, which is the typical amount of time that a public key is exposed or vulnerable on the Bitcoin network. It also assumes that the public key is identical to the BTC address, as most did in the early days of Bitcoin until using the KECCAK algorithm to “hash” public keys to generate BTC addresses became widespread practice. Unhashed public keys are used by around one-quarter of existing Bitcoin, according to estimates.
Given these limits, the authors estimate that 1.9 billion qubits are required to crack a single Bitcoin private key in 10 minutes. Qubits, or quantum bits, are the quantum-computing counterpart of classical “bits.” For comparison, most proto-QC computers today can muster 50–100 qubits, whereas IBM’s cutting-edge Eagle quantum processor can manage 127 qubits.
In other words, it is 127 qubits today versus the 1.9 billion needed to crack Bitcoin’s security using a large-scale trapped ion quantum computer, as stated in the AVS Quantum Science paper.
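The easy direction of that one-way function, and the two exposure classes the article raises (unhashed public keys here, and reused addresses in the Deloitte figure further down), as an added Python example that is not from the article or the Sussex paper. It derives a secp256k1 public key from a private key, hashes it into an address (SHA-256 is an assumed stand-in for Bitcoin’s real address hash) and triages constructed outputs by whether the public key is already visible on chain.

```python
import hashlib
# secp256k1 domain parameters (the curve Bitcoin's keys live on)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:  # doubling uses the tangent slope
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def pubkey(priv):
    """priv * G by double-and-add: the easy direction of the one-way function."""
    result, addend = None, G
    while priv:
        if priv & 1:
            result = _add(result, addend)
        addend, priv = _add(addend, addend), priv >> 1
    return result

def address(pt):
    """Hashed key; SHA-256 stands in (assumption) for Bitcoin's address hash."""
    raw = b"\x04" + pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
    return hashlib.sha256(raw).hexdigest()

def triage(utxos, revealed):
    """utxos: (id, kind, locker); 'p2pk' puts the raw key on chain, 'p2pkh'
    only its hash. revealed: addresses whose key a previous spend disclosed."""
    report = {}
    for oid, kind, locker in utxos:
        if kind == "p2pk":
            report[oid] = "exposed: public key on chain"
        elif locker in revealed:
            report[oid] = "exposed: address reused after a spend"
        else:
            report[oid] = "protected: only the hash is on chain"
    return report

# Constructed sample: key A used unhashed, B reused after a spend, C fresh
A, B, C = pubkey(7), pubkey(11), pubkey(13)
SAMPLE_UTXOS = [("u1", "p2pk", hex(A[0])), ("u2", "p2pkh", address(B)), ("u3", "p2pkh", address(C))]
REVEALED = {address(B)}
```

Only u3 keeps its key hidden until it is spent, which is the 10-minute exposure window the paper's estimate is built around.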
“Our estimated requirement […] suggests Bitcoin should be considered safe from a quantum attack for the time being,” said Mark Webber, quantum architect at Universal Quantum, a University of Sussex spin-off firm, and the paper’s lead author. “However, quantum computing technologies are scaling quickly, with regular breakthroughs affecting such estimates and making them a very possible scenario within the next 10 years.”
Is the threat genuine?
Could Bitcoin’s security be breached? “I believe that quantum computers will be able to break cryptocurrencies,” Takaya Miyano, a mechanical engineering professor at Japan’s Ritsumeikan University, said, “not in a few years, but in 10–20 years.”
Miyano recently led a team that created a chaos-based stream encryption that is resistant to attacks by large-scale quantum computers.
David Chaum, last year, also issued a warning – not just for crypto, but for society as a whole:
“Perhaps most frightening for a civilization so reliant on the internet, quantum computing threatens all of our digital infrastructures. Our modern internet is based on cryptography, which is the use of codes and keys to secure private communication and data storage.”
Meanwhile, for cryptocurrencies such as Bitcoin and Ether (ETH), “a sufficiently powerful quantum computer may mean the theft of billions of dollars of value or the destruction of an entire blockchain entirely,” Chaum continued.
According to consulting firm Deloitte, there are more than 4 million BTC “that are potentially vulnerable to a quantum assault,” a figure that includes owners who use un-hashed public keys or who re-use BTC addresses, both of which are risky practices. At current market levels, that equates to around $171 billion (R 2.7tn) at stake.
“Personally, I believe we are unable to give a solid estimate at the present” of the time it will take for quantum computers to break BTC’s encryption, Itan Barmes, quantum security head at Deloitte Netherlands and World Economic Forum project fellow, said.
However, he says that many specialists now expect 10–15 years. Many of these estimates are also for breaking the encryption without regard to time constraints; doing it all within 10 minutes will be considerably more challenging.
Other cryptocurrencies, in addition to Bitcoin, may be vulnerable, such as those utilizing proof-of-stake (PoS) validation procedures; Bitcoin utilizes a proof-of-work (PoW) protocol. “If a blockchain system exposes public keys for a long enough period of time, it immediately becomes subject to quantum assaults,” said Marek Narozniak, a physicist and member of Tim Byrnes’ quantum research group at New York University. “It could allow an attacker to fake transactions or impersonate the identities of block producers in PoS systems.”
It’s time to get ready
The crypto business appears to have approximately a decade to prepare for a future QC attack, which is critical. As Narozniak pointed out:
“There is more than enough time to build quantum-safe cryptography standards and forks to already used blockchain technologies.”
When asked if he was confident that post-quantum cryptography would be developed in time to thwart hackers before the 10-minute barrier is broken, Deloitte’s Barmes pointed to a more recent paper he co-authored on quantum risks to the Ethereum blockchain, which describes two types of attacks: storage attacks and transit attacks. The first “is less complicated to perform, but you don’t necessarily need to modify the cryptographic method to fight against it.” He did, however, stipulate that:
“The transit attack is far more difficult to carry out and much more complex to defend against. Some potential algorithms are thought to be resistant against quantum attacks. However, they all have performance limitations that can be damaging to the blockchain’s application and scalability.”
Is it an arms race?
What appears to be happening in this field is a kind of arms race – as computers become more powerful, defensive algorithms will need to be developed to counter the threat.
“This broad pattern is nothing new to us,” Narozniak said. “It’s happening in other industries as well. When new innovations are launched and others attempt to steal them, pirate protection methods are established, which prompts the development of progressively more sophisticated theft devices.
“What distinguishes this quantum-safe cryptography instance is that the quantum algorithms force a more radical modification. After all, those devices are based on different physics and offer varying computing complexity for different situations,” Narozniak remarked.
Indeed, QC employs a peculiar property of quantum physics in which an electron or atomic particle can be in two states at the same time. In classical computing, an electric charge can only represent information as a 0 or a 1, whereas in quantum computing, an atomic particle can be both a 0 and a 1, or a 1 and a 1, or a 0 and a 0, and so on. If this one-of-a-kind quality can be harnessed, computing power multiplies manyfold, and QC’s development, combined with Shor’s algorithm — first described in 1994 as a theoretical possibility, but soon to be a wide-reaching reality, many believe — threatens to demolish RSA encryption, which is used in much of the internet, including websites and email.
“Yes, it is a very difficult and fascinating weapons race,” Miyano said.
“Assaults on cryptosystems, especially side-channel attacks, are getting increasingly strong as computers and the mathematical algorithms that operate on them advance. Any cryptosystem could be abruptly broken due to the advent of an extremely powerful algorithm.”
Financial relationship simulation
However, one should not assume that the influence of quantum computing on the crypto sector will be wholly negative. Samuel Mugel, chief technology officer at Multiverse Computing, the firm that led the aforementioned Bank of Canada program, explained that in the pilot they were able to simulate a network of financial relationships in which decisions made by one firm were highly dependent on decisions made by other firms.
“Normal supercomputers struggle to solve game theory networks like this because more optimal behaviors can be overlooked. Quantum computers have more efficient means of dealing with this type of difficulty.”
“For example, unlike conventional states, quantum states cannot be replicated,” Narozniak said of quantum mechanics-based devices. “The no-cloning theorem would automatically safeguard digital tokens from being double-spent if they were represented using quantum states.”
According to Narozniak, quantum entanglement might potentially be utilized to safeguard quantum smart contracts. “Tokens could become entangled during contract execution, leaving both parties liable to eventual loss if the smart contract is not executed as agreed.”
Post-quantum cryptography is being explored
Overall, the threat of quantum computing to the cryptoverse appears serious, although vast power would be necessary to breach crypto’s underlying cryptography, and hackers would also have to operate under strict time limits — for example, having just 10 minutes to access a BTC private key.
The use of quantum computing to defeat Bitcoin’s elliptic curve encryption is also at least a decade away. However, the sector must begin inventing deterrents immediately. “I would say that we should be ready on time,” said Barmes, “but we need to be serious about it.”
In reality, a significant amount of research is now being conducted “in post-quantum crypto,” according to Dawn Song, a professor in the computer science division at the University of California, Berkeley, who added:
“It is critical that we develop quantum-resistant, or post-quantum, cryptography so that we have alternatives ready when quantum computers become powerful enough in practice.”