There is a lurking fear in cryptocurrency communities about quantum computing. Could it break cryptocurrencies and the encryption that protects them? How close could it be? Do “quantum supremacy” headlines mean my private keys are at risk?
The simple answer: no. But let’s dig deeper into this phenomenon and really try to understand why this is so and how quantum computing will interact with cryptocurrencies.
To start, let’s define quantum computing and the classical computing we’re all used to, and see where the terms compare and contrast with each other. The relationship between classical and quantum computing can be roughly placed in the same paradigm as that between pre-1900 “classical” physics and “modern” physics, comprising Einstein’s ideas on relativity and quantum physics.
Classical computing is the kind of computer we’ve become accustomed to: extensions of Turing’s theories of computing, the laptops or mobile phones you carry with you. Classical computing relies heavily on the manipulation of physical bits: the famous 0s and 1s.
Quantum computing is based on qubits, bits that are kept in superposition and use quantum principles to complete calculations. The information captured or generated by a quantum system benefits from the ability of qubits to be in more than one physical state at the same time (superposition), but that information deteriorates when the state of the system is measured.
A point that will be immediately relevant to the discussion is that, as a result, quantum computers are not universally better than classical computers. When people talk about “quantum supremacy”, including the Google and/or China reports, they really mean that a quantum computer can do a certain task better than classical computers, perhaps one that is impossible to do in a reasonable period of time with classical computers.
We can think of this in terms of timescales from a computational perspective: some functions, but not all, go from being impossible to perform in any humanly meaningful amount of time to being slow but manageable with a big enough quantum computer.
In a way, you can think of Turing tests and quantum supremacy tests in the same way. Designed primarily to demonstrate the superiority of one system over another (in the case of Turing tests, artificial language generation vs. human language understanding; in the case of quantum supremacy tests, quantum computing systems vs. classical computers), both have become more gimmick than substance.
A quantum computer only has to perform better at some tiny, trivial task that may seem impressive but is completely useless, in the same way that machine-generated English in a Turing test could fool a Ukrainian child who is not fluent in the language.
This means that for “quantum supremacy” to matter, we have to limit ourselves to a function that quantum computers may be better at and that would materially affect cryptocurrencies or the encryption they are built on.
A specific area of focus is Shor’s algorithm, which can factor large numbers into their two component primes. This is a very useful property for cracking ciphers, since the RSA family depends on factoring large numbers being hard in exactly this way. Shor’s algorithm works in theory with a large enough quantum computer, so there is a practical concern that eventually Shor’s algorithm could come into play and, among other things, RSA encryption could be broken.
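As an added illustration (not from the article), here is the classical half of Shor’s algorithm in Python, run on a toy RSA modulus: the quantum order-finding step is replaced by a brute-force loop, which is precisely the part that makes factoring infeasible on classical hardware. The function names and the toy values n = 3233, e = 17 are assumptions for the example.

```python
from math import gcd
from random import Random

def is_prime(n: int) -> bool:
    """Trial-division primality test, adequate for the toy moduli used here."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True

def find_order(a: int, n: int) -> int:
    """Smallest r > 0 with a**r == 1 (mod n). Order finding is the step Shor's
    algorithm runs on quantum hardware; this brute-force loop is exponential in
    the bit length of n, which is why RSA resists classical computers."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r

def shor_factor(n: int, seed: int = 1) -> tuple:
    """Classical pre/post-processing of Shor's algorithm for an RSA-style
    modulus n = p*q: an even order r gives y = a**(r/2) with y*y == 1 (mod n);
    if y != -1, gcd(y - 1, n) is a non-trivial factor."""
    if n % 2 == 0 or is_prime(n):
        raise ValueError("n must be an odd composite")
    rng = Random(seed)  # fixed seed only so the example is reproducible
    while True:
        a = rng.randrange(2, n)
        g = gcd(a, n)
        if g != 1:             # lucky pick: a already shares a factor with n
            return tuple(sorted((g, n // g)))
        r = find_order(a, n)
        if r % 2:              # odd order: no square root of 1 to exploit
            continue
        y = pow(a, r // 2, n)
        if y == n - 1:         # y == -1 (mod n) yields only trivial factors
            continue
        p = gcd(y - 1, n)
        return tuple(sorted((p, n // p)))

def rsa_private_exponent(n: int, e: int) -> int:
    """Recover the RSA private exponent d from the public key (n, e): once n
    is factored, d = e**-1 mod (p-1)(q-1). Toy sizes only."""
    p, q = shor_factor(n)
    return pow(e, -1, (p - 1) * (q - 1))
```

Replacing `find_order` with a polynomial-time quantum routine is the entire content of the threat to RSA; everything else in the algorithm is cheap on a laptop.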
On this front, the US National Institute of Standards and Technology (NIST) has already begun compiling proposals for post-quantum cryptography: encryption that would keep working and not break even against much larger quantum computers than we are currently able to build. They estimate that quantum computers large enough to disrupt classical encryption will potentially arrive within the next twenty years.
For cryptocurrencies, this points to a future fork that could affect much of the chain, but it will be somewhat predictable: a lot of thought is already being given to post-quantum encryption technology. Bitcoin would not be one of the first planks to fall if classical encryption were suddenly broken, for various reasons. However, a soft fork (rather than a hard fork) could be enough to help move crypto assets from suddenly insecure keys to post-quantum secure encryption.
Even an efficient implementation of Shor’s algorithm may not break some of the cryptographic standards used in Bitcoin. SHA-256 is theorized to be quantum resistant.
The most efficient theoretical quantum attack for finding a SHA-256 collision is actually less efficient than the theoretical classical attack on the standard. The wallet file in the original Bitcoin client uses SHA-512 (a more secure version of SHA-256) to help encrypt the private keys.
Most encryption in modern cryptocurrencies is based on elliptic curve cryptography rather than RSA, especially Bitcoin signature generation, which uses ECDSA. This is largely because elliptic curves are correspondingly harder to crack than RSA (sometimes exponentially so) on classical computers.
Thanks to Moore’s law and better classical computing, secure RSA key sizes have grown so large that they are impractical compared to elliptic curve cryptography, so most people opt for elliptic curve cryptography over RSA for the performance of their systems, which is the case with Bitcoin.
However, quantum computers seem to turn this logic on its head: a large enough quantum computer with enough qubits can crack elliptic curve cryptography more easily than it could crack RSA.
Both elliptic curve cryptography and RSA are widely used in many other industries and use cases as well: RSA-2048 and higher are standard in the mainstream banking system for sending encrypted information, for example.
However, even with a large enough quantum computer, you’d still have to reveal or find someone’s public key for them to be subject to attack. Since the reuse of cryptocurrency wallet addresses is frowned upon and good privacy practices are generally encouraged, the likelihood of this attack is already being reduced.
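To make that point concrete, here is an added example (not from the article) that audits a constructed, simplified P2PKH ledger for coins whose public key has already been published by a spend: in P2PKH only the hash of the key is on-chain until the first spend reveals the key, so coins later sent to the same address are the ones a Shor-capable attacker could target. The transaction model, the names Alice and Bob, and the stand-in hash function are assumptions for the illustration.

```python
import hashlib
from dataclasses import dataclass

def pubkey_hash(pubkey: bytes) -> bytes:
    # Stand-in for Bitcoin's HASH160 = RIPEMD160(SHA256(pubkey)). RIPEMD-160 is
    # missing from some hashlib builds, so truncated double SHA-256 is used here;
    # the exposure logic below does not depend on which hash it is.
    return hashlib.sha256(hashlib.sha256(pubkey).digest()).digest()[:20]

@dataclass(frozen=True)
class TxIn:
    prev_txid: str
    index: int
    pubkey: bytes       # a P2PKH spend publishes the full public key on-chain

@dataclass(frozen=True)
class TxOut:
    value: int
    pubkey_hash: bytes  # a P2PKH output publishes only the hash of the key

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple
    outputs: tuple

def quantum_exposed_utxos(chain: list) -> list:
    """(txid, index, value) of every unspent output locked to a key hash whose
    public key some earlier spend has already revealed. A Shor-capable attacker
    needs the public key, so these are the coins at risk; coins at never-spent
    addresses are not."""
    utxos, revealed = {}, set()
    for tx in chain:
        for txin in tx.inputs:
            utxos.pop((txin.prev_txid, txin.index), None)
            revealed.add(pubkey_hash(txin.pubkey))
        for i, out in enumerate(tx.outputs):
            utxos[(tx.txid, i)] = out
    return sorted((txid, i, out.value) for (txid, i), out in utxos.items()
                  if out.pubkey_hash in revealed)

def sample_chain() -> list:
    """Constructed three-transaction ledger (not real chain data). Alice spends
    from her address once, then keeps receiving to it; Bob never spends."""
    alice, bob = b"\x02" + b"A" * 32, b"\x03" + b"B" * 32  # constructed 33-byte keys
    a_h, b_h = pubkey_hash(alice), pubkey_hash(bob)
    tx1 = Tx("tx1", (), (TxOut(50, a_h), TxOut(50, b_h)))  # coinbase-style funding
    tx2 = Tx("tx2", (TxIn("tx1", 0, alice),), (TxOut(30, b_h), TxOut(20, a_h)))  # change reuses Alice's address
    tx3 = Tx("tx3", (), (TxOut(10, a_h),))  # more funds sent to the already-revealed address
    return [tx1, tx2, tx3]
```

Only Alice’s post-spend outputs are flagged; Bob’s coins, locked to a hash whose key was never published, are not.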
Another area of attack could be Grover’s algorithm, which can exponentially speed up mining with a large enough quantum computer, although ASICs, the specialized classical computers used primarily to mine bitcoins now, are likely to be faster than the earlier generations of more complete quantum computers.
This poses a stronger threat when it comes to the state of cryptocurrencies: the ability to mine rapidly after a sudden quantum acceleration could lead to price destabilization and, more importantly, to control of the chain itself. An unexpected quantum acceleration could, if hidden, lead to major centralization of mining and possible 51% attacks. However, the most likely case is that larger quantum computing systems are treated like any other kind of hardware, similar to miners transitioning between GPUs, FPGAs and ASICs: a slow economic transition to better tools.
It is conceivable that these attack paths, and perhaps more unpredictable ones, will emerge, but planning for post-quantum encryption is already underway, and through the mechanism of forks, cryptocurrencies can be upgraded to use post-quantum encryption standards and defend themselves against these weaknesses.
Bitcoin and even other cryptocurrencies and their histories are full of examples of hardware and software changes that had to be made to make the network more secure and efficient, and current good security practices (avoiding wallet reuse) can help prepare for a more uncertain future.
So quantum computers being added to the mix won’t make classical modes of encryption useless or mining trivial; “quantum supremacy” now doesn’t mean your encryption or Bitcoin’s security is at risk right now.
The real threat is when quantum computers become much larger than they currently are. At that point, planning for post-quantum encryption, which is already underway, would come to the fore, and Bitcoin and other cryptocurrencies can do a soft fork, using both decentralized governance and dynamism when needed in the face of new existential threats to defeat the threat of “quantum supremacy”.