Once a theoretical concept, quantum computing is now rapidly advancing and reshaping our understanding of data processing.
Unlike classical computers, which use bits, quantum machines use qubits, which can exist in multiple states at once, making them significantly more efficient than classical computing systems at tackling complex problems.
For the blockchain sector, the rise of quantum technology poses a major threat to the encryption systems that underpin blockchain security. Current encryption methods such as Rivest-Shamir-Adleman (RSA) and Elliptic Curve Cryptography (ECC) are widely used in networks such as Bitcoin and Ethereum.
The core strength of these encryption systems lies in mathematical problems too complex for classical systems to crack. But as quantum computers are claimed to be capable of defeating these systems, these networks may become vulnerable to attacks once thought impossible.
With the entire sector, including cryptocurrencies, non-fungible tokens (NFTs) and decentralized applications (DApps), at risk, quantum-resistant cryptographic measures are urgently needed. As we slowly move towards the post-quantum era, the blockchain sector must innovate and adapt.
To shed light on these issues, Lisa Loud, Executive Director of the Secret Network Foundation and Chair of the IEEE SA Quantum Algorithms Working Group, recently spoke with crypto.news to discuss the impact of quantum computing on blockchain security and how these threats are being addressed.
What is a quantum computing attack and why is it considered a threat to blockchain and cryptocurrencies in general?
Quantum computing attacks are similar to modern brute force attacks in that their ability to try different combinations is greatly enhanced compared to classical computers. For a three-digit combination lock, there are about 1,000 possible combinations, and a patient thief could try all of them to unlock your suitcase or steal your bike. For a 12-character online password, the combinations increase to 72^12 passwords, which is intractable for a human. But a classical computer could try them all in sequence and eventually find the right combination. If you have a wallet with an encrypted private key, the number of possible options increases to 2^256. This is too many for classical computing to handle, but a quantum computer can.
While this is a simplification of reality, it conveys the concept of why quantum computer attacks are a threat to blockchains and cryptocurrencies. Many proposals to address this threat are primarily theoretical or rely on the solution of creating a new blockchain that is natively quantum resistant, but this is not practical when millions of dollars are committed to existing blockchains. Instead, some researchers are focusing on end-to-end frameworks that can be applied to existing blockchains. Another less obvious but potential threat is the potential for centralization of mining power, as quantum computers can mine blocks much faster than classical computers.
Can the blockchain field address these issues before quantum computing technology is fully ready?
These are the problems we face today, but who knows what will happen when quantum computing becomes a reality? We know that blockchain encryption is evolving to combat these threats, but the biggest question is: what haven’t we thought of yet? What threats are not clear today, but will only emerge when these two technologies enter the same space? We don’t know the answer, but one thing is certain: when blockchain meets quantum computing, there will be new and unexpected problems to solve.
In theory, quantum computers could break RSA and elliptic curve cryptography algorithms, but how imminent is the threat to current blockchain platforms such as Bitcoin and Ethereum?
The field of quantum cryptography holds the promise of breaking existing encryption, but is far from practical application. At the same time, on-chain encryption continues to evolve, and today’s cryptographers recognize the looming quantum threat. As a result of this set of circumstances, the development of new on-chain encryption methods is believed to require quantum-resistant methods. Today, there is no imminent threat to Bitcoin or Ethereum, as quantum hardware remains largely a theoretical construct.
Do you think encryption standards could help protect blockchain networks from quantum threats, and could they be integrated into existing systems such as Bitcoin and Ethereum?
There are various cryptocurrency algorithms designed to be quantum resistant, including SPHINCS+. I chair the IEEE standards committee that defines best practices for creating quantum algorithms, but IEEE has many other working groups and standards bodies that are working on best practices for quantum resistant software development. Blockchain can switch cryptographic algorithms faster than many other areas of the industry. Chains that have governance structures in place will find it easier to switch. Chains like Bitcoin and Ethereum can take longer to switch.
What challenges will decentralized blockchains face in moving to quantum-resistant cryptography? Will the anonymity inherent in public blockchains become an issue?
The anonymity of blockchain users is not so much an issue here. The issue is the distribution of nodes on each blockchain, of which Bitcoin is the most extreme. Mitigation strategies to make Bitcoin quantum-resistant would almost certainly require a change in wallet address format. Bitcoin’s proof-of-work consensus mechanism is not immediately threatened, but its address system (based on ECDSA (Elliptic Curve Digital Signature Algorithm)) is vulnerable and would need to be changed. This has historically been a cumbersome process that has created confusion and losses. Ethereum faces similar challenges with its address structure and widespread distribution, but has the advantage of being easier to upgrade than Bitcoin due to its smart contract capabilities.
Therefore, migrating a blockchain to post-quantum cryptography will have challenges, and the more decentralized the chain, the harder these challenges will be to overcome. Wallets that are slow to migrate may become more vulnerable to quantum attacks. Allowing post-quantum systems to interact with legacy systems during the transition period will require the maintenance of dual systems for extended periods, and larger key structures may impact blockchain performance.
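As an added illustration (not code from the interview, Secret Network, or any project named here), the Lamport one-time signature below shows the principle behind hash-based schemes such as SPHINCS+: security rests only on the preimage resistance of a hash function, with no RSA or elliptic-curve structure for a quantum algorithm to exploit. It also makes the "larger key structures" trade-off concrete by reporting key and signature sizes next to the ECDSA sizes Bitcoin uses today; the scheme, byte sizes and sample message are constructed for this example.

```python
import hashlib
import secrets

# Lamport one-time signature over a 256-bit SHA-256 digest (constructed example).
# Unlike ECDSA, the only hard problem involved is inverting the hash, which is
# why hash-based designs (of which SPHINCS+ is a stateless descendant) are
# considered quantum-resistant. A Lamport key must never sign two messages.
HASH = hashlib.sha256
N = 256  # number of digest bits, one key pair per bit

def keygen(rng=secrets.token_bytes):
    # Private key: N pairs of random 32-byte secrets. Public key: their hashes.
    sk = [(rng(32), rng(32)) for _ in range(N)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk

def _digest_bits(message: bytes) -> int:
    return int.from_bytes(HASH(message).digest(), "big")

def sign(sk, message: bytes):
    # Reveal, for each digest bit i, the secret in pair i selected by that bit.
    bits = _digest_bits(message)
    return [sk[i][(bits >> (N - 1 - i)) & 1] for i in range(N)]

def verify(pk, message: bytes, sig) -> bool:
    # Each revealed secret must hash to the public value the digest bit selects.
    if len(sig) != N:
        return False
    bits = _digest_bits(message)
    return all(
        HASH(sig[i]).digest() == pk[i][(bits >> (N - 1 - i)) & 1] for i in range(N)
    )

# Assumed comparison values: a compressed secp256k1 public key (33 bytes) and a
# raw r||s ECDSA signature (64 bytes), as used on Bitcoin.
ECDSA_PUBKEY_BYTES = 33
ECDSA_SIG_BYTES = 64

def key_sizes() -> dict:
    # Public key: N pairs of 32-byte hashes; signature: N revealed 32-byte secrets.
    return {
        "lamport_public_key_bytes": N * 2 * 32,
        "lamport_signature_bytes": N * 32,
        "ecdsa_public_key_bytes": ECDSA_PUBKEY_BYTES,
        "ecdsa_signature_bytes": ECDSA_SIG_BYTES,
    }

if __name__ == "__main__":
    sk, pk = keygen()
    sig = sign(sk, b"constructed sample transaction")
    print(verify(pk, b"constructed sample transaction", sig), key_sizes())
```

The roughly 16 KB public key and 8 KB signature, against 33 and 64 bytes for ECDSA, are the per-transaction overhead the interview alludes to; SPHINCS+ shrinks this considerably but its signatures are still far larger than ECDSA's.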
So, are there any existing blockchain networks that could accommodate the transition?
Some blockchains built more recently may have easier mitigations. For example, Cosmos is structured to make migration easier. All chains built on the Cosmos SDK may need to choose a common quantum-resistant algorithm to make wallet integration easier. Some chains, such as Secret Network and Fhenix, are specifically designed to encrypt the data they carry in transactions. Secret uses secure hardware enclaves (such as Intel SGX’s TEE) to protect encrypted data on the chain. These encryptions are resistant to quantum attacks because the secure enclaves can change the encryption scheme in real time with some impact on performance. Fhenix uses mathematics, namely fully homomorphic encryption, to protect data with complex encryption schemes that are quantum-resistant. The technology for FHE is not currently ready for use, but its timeline is much shorter than that of quantum computers. This allows us to natively build the future of blockchains with quantum resistance built in, much sooner than quantum computing is ready to attack blockchains.
How much time does the blockchain field have left before the threat of quantum computing becomes inevitable?
In the next 10 to 20 years, the [blockchain] industry should be well prepared. Many experts believe that within this time frame, quantum computers capable of breaking current encryption systems may emerge. Even beyond that, if not addressed, quantum computers may be able to break most of the current encryption systems used in blockchains. It is an uncertain future whether quantum computing will ever threaten the encryption of Bitcoin or Ethereum. As for when computers with enough hardware and software to handle complex problems will be ready, modeling the number of qubits developed since 2014 and projecting that timeline, the earliest estimate is 2035, and some even later, 2050.