The shadow of the Quantum Threat

Tom Shnaider · Published in Blockchain Biz · Sep 26, 2022

Security is always a function of the adversary’s capability.

Even though most of us have little understanding of what is going on in this field, there are a few pieces of information of interest to those who believe in blockchain.

Quantum computers allow a binary digit to be both 0 and 1 instead of just one value at a time, exponentially increasing the computational capacity by allowing the computer to consider or try more combinations at any given moment.

From the security point of view, every digital vault has a digital key to access it, which fundamentally takes the form of a series of 0s and 1s. This means that with enough tries, you could always find the right combination and get in.

The safety of any digital vault lies in the amount of time and resources needed to try enough possibilities to break in. Most security algorithms used today are safe because the chances of a hacker finding the right combinations are slim to none.

All of this changes if strong enough technology enables a third party to try exponentially more combinations.

The problem

The National Institute of Standards and Technology (NIST) has been clear on the matter since 2016: The main algorithm behind Bitcoin — namely ECDSA — is useless in the quantum future.

Considering a strong enough quantum computer, two types of attack could be used against Bitcoin and other cryptocurrencies:

  • Storage attack
  • Transit attack

A Storage Attack consists of computing the private key from the public one, which is exactly what is not supposed to happen. We know how the ECDSA algorithm generates the key pair of a crypto wallet, and while it is completely safe today, it won’t be for long.

But not all Bitcoin addresses are vulnerable. Since 2010, the SHA256 algorithm has been used to hash every new Bitcoin address, and the good news is that SHA256 is quite robust, even by quantum standards. NIST only states that using bigger integers as inputs is enough to make SHA256 quantum-proof.

Unfortunately, the addresses created before 2010, with their naked ECDSA public key, could in theory be cracked. Now what would happen if all the very old wallets holding huge amounts of Bitcoin started to be cracked?

Itan Barmes, Deloitte’s quantum security specialist, believes that the theft of approximately 4 million coins could pose a systemic risk. On the other side, Satoshi’s solution is already thought through: if a hack of this magnitude were to happen, a fork would take place ignoring the lost Bitcoins.

On the other hand, a Transit Attack consists of deriving the private key from a public one once it sheds its hashed appearance. This happens right after signing a message to authenticate a transaction.

Once a transaction is made, the public key becomes visible. At this moment, the address would theoretically become vulnerable for 10 minutes. Why 10 minutes? Because that’s the time it takes to mine a new block. The transit attack has to take place before the transaction is added to a block and then to the blockchain, making it immutable (plus 6 blocks, for the connoisseurs).

The attack would consist of discovering the public key once a transaction is made, cracking the private key, gaining access to the wallet and making a second transaction with the funds available to the address that made the first transaction.

If the attacker ensures that this second transaction is validated first, the original one fails and the funds are stolen.

However, to crack ECDSA in under 10 minutes, it is estimated that one would need a quantum computer 15 million times more powerful than the 127 qubit processor currently available at IBM.
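The two attack classes above come down to one question a wallet operator can actually audit: for which of my unspent outputs is the ECDSA public key already readable on chain? An output that pays directly to a public key (the early P2PK style) exposes it permanently; an output that pays to HASH160(pubkey) (P2PKH, P2WPKH) hides it until the first spend, and reusing an address after that spend puts the key back in the open. The following Python script is an added example written for this article, not code from the author or from any Bitcoin project. It classifies standard output script templates and flags exposure; the UTXO records, transaction ids, public key and hash bytes are all constructed sample data, and the `address_reused` field is an assumption standing in for a lookup the operator would perform against chain history.

```python
"""
Inventory which outputs of a (constructed) UTXO set expose an ECDSA public
key on chain, and therefore sit inside the storage-attack surface described
in the article. Script templates are the standard Bitcoin P2PK, P2PKH and
P2WPKH patterns; all UTXO data below is constructed sample input.
"""
from dataclasses import dataclass

# Standard Bitcoin script opcodes
OP_0 = 0x00
OP_DUP = 0x76
OP_HASH160 = 0xA9
OP_EQUALVERIFY = 0x88
OP_CHECKSIG = 0xAC


def classify_script_pubkey(script: bytes) -> str:
    """Identify the standard output template a raw scriptPubKey matches."""
    # P2PK: <33 or 65 byte pubkey push> OP_CHECKSIG -> raw public key on chain
    if (len(script) >= 2 and script[0] in (33, 65)
            and len(script) == script[0] + 2 and script[-1] == OP_CHECKSIG):
        return "P2PK"
    # P2PKH: OP_DUP OP_HASH160 <20-byte HASH160(pubkey)> OP_EQUALVERIFY OP_CHECKSIG
    if (len(script) == 25 and script[0] == OP_DUP and script[1] == OP_HASH160
            and script[2] == 20 and script[23] == OP_EQUALVERIFY
            and script[24] == OP_CHECKSIG):
        return "P2PKH"
    # P2WPKH: OP_0 <20-byte HASH160(pubkey)>
    if len(script) == 22 and script[0] == OP_0 and script[1] == 20:
        return "P2WPKH"
    return "other"


@dataclass
class Utxo:
    txid: str              # constructed placeholder, not a real transaction id
    vout: int
    script_pubkey: bytes
    address_reused: bool   # assumption: has this key already signed a spend?


def exposure(utxo: Utxo) -> str:
    """
    'exposed': the public key is already readable on chain, so an attacker with
               a strong enough quantum computer can work on it at leisure.
    'hidden':  only HASH160(pubkey) is on chain; the key first appears in the
               scriptSig / witness when the output is spent (the transit window).
    'unknown': non-standard script, inspect manually.
    """
    kind = classify_script_pubkey(utxo.script_pubkey)
    if kind == "P2PK":
        return "exposed"
    if kind in ("P2PKH", "P2WPKH"):
        # Address reuse: an earlier spend already revealed the key, so the
        # hash no longer hides anything.
        return "exposed" if utxo.address_reused else "hidden"
    return "unknown"


def inventory(utxos):
    """Group outputs by exposure class, keyed 'exposed' / 'hidden' / 'unknown'."""
    result = {"exposed": [], "hidden": [], "unknown": []}
    for u in utxos:
        result[exposure(u)].append(f"{u.txid}:{u.vout}")
    return result


# --- constructed sample data (not real keys, txids or scripts from the chain) ---
FAKE_PUBKEY_UNCOMPRESSED = bytes([0x04]) + bytes(range(64))   # 65 bytes
FAKE_HASH160 = bytes(range(20))                                # 20 bytes
P2PKH_SCRIPT = (bytes([OP_DUP, OP_HASH160, 20]) + FAKE_HASH160
                + bytes([OP_EQUALVERIFY, OP_CHECKSIG]))

SAMPLE_UTXOS = [
    # Early-style P2PK output: the key itself is on chain
    Utxo("txid-A", 0, bytes([65]) + FAKE_PUBKEY_UNCOMPRESSED + bytes([OP_CHECKSIG]), False),
    # P2PKH, never spent from: only the hash is visible
    Utxo("txid-B", 1, P2PKH_SCRIPT, False),
    # P2PKH, address reused: a previous spend revealed the key
    Utxo("txid-C", 0, P2PKH_SCRIPT, True),
    # Native segwit P2WPKH, fresh address
    Utxo("txid-D", 0, bytes([OP_0, 20]) + FAKE_HASH160, False),
    # Non-standard script (OP_TRUE), cannot be classified automatically
    Utxo("txid-E", 0, bytes([0x51]), False),
]

if __name__ == "__main__":
    for klass, outs in inventory(SAMPLE_UTXOS).items():
        print(f"{klass:8s} {outs}")
```

The practical reading of the report is the one the article implies: funds sitting in "exposed" outputs (old pay-to-pubkey coins and reused addresses) are the storage-attack inventory and should be moved to fresh, hash-only addresses, while "hidden" outputs only face the short transit window at spend time.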

Getting ready for way bigger quantum processors at IBM

To give you a sense of the expected evolution of quantum processors, IBM has promised to deliver a 1,000-qubit processor by 2023 and is preparing equipment to ultimately hold processors with up to 1,000,000 qubits.

The Solution

Fortunately, quantum computing does not come as a big surprise to engineers. Technological advances and future-proofing have always been in the back of cryptographers’ minds.

Bitcoin was designed and built to last.

Even though it has been estimated that a quantum computer with 13 million qubits, said to be available in 2030, could crack the SHA256 algorithm in a day (not even 10 minutes), it would take the Bitcoin community far less time to vote on an update and switch to a quantum-resistant algorithm.

Just as the difficulty of the cryptographic puzzle needed to mine blocks can be increased, the algorithms that protect the original blockchain can be changed or strengthened.

Post-quantum algorithms can be integrated into the blockchain’s consensus mechanisms and into address hashing.

On that matter, NIST has published its selected algorithms for defending against quantum threats, such as CRYSTALS-Dilithium, FALCON and SPHINCS+.

The Beauty and the Beast

Most importantly, quantum computing is as much a sword as it is a shield.

The hardware needed to experiment with quantum computing is a pretty damn high entry barrier. We can imagine that by the time quantum computers fall into the wrong hands, the wizards at IBM will have had enough head start to develop key-generating quantum algorithms to defend whatever needs defending.

Unfortunately, while the future might be safe, we can’t say as much for the past.

The “Hack now, decrypt later” philosophy incentivises many hackers to steal unreadable encrypted data in the hope of decrypting it later, when the needed technology becomes available.

The future might be riddled with vicious back-to-the-future-style ransomware attacks. 10 or 15 years from now, some banks and hospitals might receive e-mails asking them whether they remember those highly classified files from the 2010s and 20s.

Concluding thoughts

As mysterious as it sounds, quantum computing is here. And it’s even available!

Big corporations have been getting ready for years to offer quantum-resistant products. But small companies, and especially IoT devices, will be vulnerable targets in the future, even more so than now.

On a less technical and futuristic note, the GTA 6 leaks and the Uber Hack show us again that educating people on the risks of their actions is as important as using great security software.

We must learn to secure our wallets through our behaviour as much as through technology: learn not to attach our sensitive information to hackable devices, and use different passwords and networks for different activities.

Here’s a best practices guide to get you started.

Blockchain will not be able to survive if it doesn’t adapt. But the right people are well aware of the issue.

Thank you for reading, and as always, time will tell.
