Cryptocurrency's quantum dilemma
University research: Looking for quantum-resistant cryptocurrencies
The security of cryptocurrencies could be “completely broken” by quantum computers within 10 years, a new Australian report has found.
The white paper, Quantum Attacks on Bitcoin and How to Protect Against Them, found that the power of quantum computing could jeopardise the security of cryptocurrencies like bitcoin by cracking the signature security protocol used to verify information and transactions.
The research was led by Dr Marco Tomamichel from the University of Technology Sydney's Centre for Quantum Software and Information, along with a team from Macquarie University and Nanyang Technological University in Singapore.
They found that quantum computers could be powerful enough in 10 years to be able to steal cryptocurrency coins without detection, potentially completely eroding trust in digital currencies like bitcoin.
“Cryptocurrencies are all about trust – it’s just some bits on a computer. If the trust gets lost then the value just disappears into nothing,” Dr Tomamichel told InnovationAus.com.
"There’s no gold standard behind it or anything, so it’s really based on trust," he said.
"You want to think long-term and ensure that they are safe against attacks that will be possible in the future."
The researchers have formed the Quantum Resistant Coin group in an effort to push developers to prepare for the security risk of quantum computing now.
Quantum computers will complete operations far quicker and more efficiently than classical computers.
Australia has been a research leader in the area, with the Silicon Quantum Computing company launched in August to develop and commercialise UNSW quantum technology, and University of Sydney Quantum Science Research Group driving a world-leading agenda.
But this research could inadvertently have disastrous consequences for cryptocurrencies like bitcoin, with the white paper finding that quantum computing could be powerful enough in 10 years to crack the security protocols used to verify cryptocurrency transactions.
“The coming development of quantum computers pose a serious threat to almost all of the cryptography currently used to secure the internet and financial transactions, and also to bitcoin,” the paper said.
With Australia leading the way on quantum computer research, it should also get on the front foot with ensuring other technologies are protected from this emerging technology, Dr Tomamichel said.
“We should try to be players in both developing quantum computers and also in improving cryptography so that it’s safe from possible attacks,” he said.
“It’s not a responsibility, it’s an opportunity. These are very important questions that present big opportunities for us.”
The vulnerability in cryptocurrencies is found before a transaction is listed on the blockchain, in the time before a ‘miner’ has verified the information and solved the complex mathematical equation.
This is a window of about 10 minutes.
“By our most optimistic estimates, as early as 2027 a quantum computer could exist that can break the elliptic curve signature scheme in less than 10 minutes, the block time used in bitcoin,” the paper said.
The main risk is in the signature scheme used by cryptocurrencies to authorise transactions. This is based on a public and private key. A bitcoin recipient must share their public key with the person sending the coins, and must use the private key to spend the coins.
If an attacker can learn the private key they can then spend the funds without detection.
Current computer technology is not powerful enough to crack these keys quickly enough, but the white paper found that quantum computing will soon be able to do this in just a couple of minutes.
“If no countermeasures are taken, one could essentially wait until someone tries to send their coins and at that point steal the signature using a quantum computer and replace the transaction with another, sending the bitcoins to their account. It would be very easy to steal that money,” Dr Tomamichel said.
In more heartening news, the researchers found that the proof-of-work that underpins this mining process is relatively safe from quantum computing for the time being.
While some experts have previously said that the day quantum computing arrives, bitcoin will end, the researchers have offered a range of measures and alternatives to the current security protocols that could negate the threat, mainly with a different, quantum-safe public key signature scheme.
They concluded that the “only reasonable options are hash and lattice-based schemes”.
“There are alternatives to the signature scheme used by bitcoin that are already secure from quantum computers. In principle, one could upgrade bitcoin to include this to protect all new transactions,” Dr Tomamichel said.