About a week ago, I penned an article on Quantum Computing being a possible answer to crypto adoption as a method of payment [see, Nagoda, K. Is Quantum Computing the Answer for Adoption of Cryptocurrency as a Method of Payment. (Accessed April 24, 2022)]. In a comment to this article, a colleague, @taskmaster4450le, raised the issue of whether quantum computers posed a threat to Bitcoin.
As I responded to the comment, I was aware, after reading a couple of articles on the subject, of this being an issue, but chose deliberately at that time not to address that in the past article. Nonetheless, @taskmaster4450le's comment planted the seed in my brain and accordingly I began researching the issue of what, if any, threats quantum computing poses to Bitcoin or other cryptocurrencies. Keeping this as non-technical as possible, the results of this research follow.
Will Quantum Computing Be The End to Bitcoin?
What is the Underlying Threat Quantum Computing Poses to Cryptocurrencies
"A quantum computer is a type of computer that uses quantum mechanics so that it can perform certain kinds of computation more efficiently than a regular computer can." [Sugi, YK. What is a quantum computer? Explained with a simple example. (Accessed April 17, 2022); Nagoda, supra]. Some worry though "that quantum computing, given its extraordinary “brute force” power, could also crack blockchain’s cryptographic structure, which has served Bitcoin (BTC) so well since its inception. Indeed, some say it is only a matter of time before quantum computers will be able to identify the enormous prime numbers that are key constituents of a BTC private key...." [Singer, A. Quantum computing to run economic models on crypto adoption. (Accessed April 24, 2022)].
So the key threat to approximately 4 million BTC (unhashed) lies in using quantum computers to break Bitcoin's encryption. Before discussing feasibility, by what mechanics would quantum computers be utilized to break this encryption?
How Would a Quantum Computer Crack Bitcoin's Encryption?
Several key elements must be discussed in order to answer this question:
How Many Qubits Are Required to Break Bitcoin's Encryption, and Why Must the Break Happen Within Ten Minutes?
In a fairly recent study, researchers calculated "the number of physical qubits required to break the 256-bit elliptic curve encryption of keys in the Bitcoin network within the small available time frame in which it would actually pose a threat to do so. It would require 317 × 10^6 physical qubits to break the encryption within one hour using the surface code, a code cycle time of 1 μs, a reaction time of 10 μs, and a physical gate error of 10^-3. To instead break the encryption within one day, it would require 13 × 10^6 physical qubits" [Webber, M., Elfving, V., Weidt, S., and Hensinger, W. The impact of hardware specifications on reaching quantum advantage in the fault tolerant regime. (Accessed April 24, 2024)].
To muddy the waters:
The ... more serious threat would be an attack on the elliptic curve encryption of signatures. Bitcoin uses the Elliptic Curve Digital Signature Algorithm (ECDSA) that relies on the hardness of the Elliptic Curve Discrete Log Problem (ECDLP), and a modified version of Shor's algorithm can provide an exponential speedup using a quantum computer for solving this problem. Bitcoin uses ECDSA to convert between the public and private keys, which are used when performing transactions. With best practices (using new addresses for each transaction), the only point at which a public key is available and relevant to an eavesdropper is after a transaction has been broadcast to the network but prior to its acceptance within the blockchain. In this window, transactions wait in the “mem pool” for an amount of time dependent on the fee paid; the time taken for this process is on average 10 min, but it can often take much longer.
So we are left with the proposition of needing an enormous number of qubits, usable within the ten-minute effective window, to crack Bitcoin's encryption.
An additional constraint is that this scenario assumes "the public key is identical to the BTC address, as were most in Bitcoin’s early days before it became common practice to use the KECCAK algorithm to “hash” public keys to generate BTC addresses. It’s estimated that about one-quarter of existing Bitcoin is using unhashed public keys" [Singer, supra]. Hence only BTC held at unhashed public keys would be vulnerable, but that amounts to 4 million BTC (with a value today of $171 Billion).
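The two passages above draw a line between outputs whose public key is already on chain (an attacker can start the discrete-log computation at leisure) and outputs where only a hash of the key is visible until the owner spends (the attacker is confined to the mempool window). The following audit script, an added example that is not code from the original post or from any of the cited papers, makes that distinction concrete: it parses raw scriptPubKey bytes for the three common single-key output types (pay-to-pubkey, pay-to-pubkey-hash, pay-to-witness-pubkey-hash) and reports whether the public key is exposed before spending, treating a reused address whose key was revealed by an earlier spend as exposed too. Every key, hash and script in it is a constructed sample value, and the set of "already revealed" hashes is assumed to have been collected from earlier spends rather than computed here.

```python
"""Audit which Bitcoin-style outputs already expose a public key on chain.

Added illustrative example; not code from the original post or any cited
project. All keys, hashes and scripts are constructed sample values.
"""
from __future__ import annotations

from dataclasses import dataclass

# Script opcodes used by the three output types handled here.
OP_0, OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG = 0x00, 0x76, 0xA9, 0x88, 0xAC


@dataclass
class Exposure:
    script_type: str   # "p2pk", "p2pkh", "p2wpkh" or "unknown"
    exposed: bool      # True if the public key is already visible on chain
    reason: str


def classify_script(script: bytes) -> tuple[str, bytes | None]:
    """Return (type, public key or 20-byte key hash); ('unknown', None) otherwise."""
    # P2PK: <push 33|65> <pubkey> OP_CHECKSIG -> the key itself sits in the output.
    if len(script) in (35, 67) and script[0] == len(script) - 2 and script[-1] == OP_CHECKSIG:
        return "p2pk", script[1:-1]
    # P2PKH: OP_DUP OP_HASH160 <push 20> <hash> OP_EQUALVERIFY OP_CHECKSIG
    if (len(script) == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "p2pkh", script[3:23]
    # P2WPKH: OP_0 <push 20> <hash>
    if len(script) == 22 and script[:2] == bytes([OP_0, 20]):
        return "p2wpkh", script[2:]
    return "unknown", None


def assess(script: bytes, revealed_hashes: set[bytes]) -> Exposure:
    """Decide whether an attacker already has the public key for this output."""
    kind, data = classify_script(script)
    if kind == "p2pk":
        return Exposure(kind, True, "public key is in the output script")
    if kind in ("p2pkh", "p2wpkh"):
        if data in revealed_hashes:
            return Exposure(kind, True, "address reused: key revealed by an earlier spend")
        return Exposure(kind, False, "only a 20-byte hash is on chain until spent")
    return Exposure(kind, False, "unrecognised script; not assessed")


def audit(outputs: dict[str, bytes], revealed_hashes: set[bytes]) -> dict[str, Exposure]:
    return {name: assess(script, revealed_hashes) for name, script in outputs.items()}


def exposed_names(report: dict[str, Exposure]) -> list[str]:
    return sorted(name for name, e in report.items() if e.exposed)


# --- constructed sample data (not real on-chain values) ---------------------
PUBKEY_33 = bytes.fromhex("02" + "11" * 32)        # constructed compressed key
HASH_A, HASH_B, HASH_C = (bytes([b]) * 20 for b in (0xAA, 0xBB, 0xCC))

SAMPLE_OUTPUTS = {
    "legacy_p2pk":  bytes([33]) + PUBKEY_33 + bytes([OP_CHECKSIG]),
    "fresh_p2pkh":  bytes([OP_DUP, OP_HASH160, 20]) + HASH_A + bytes([OP_EQUALVERIFY, OP_CHECKSIG]),
    "fresh_p2wpkh": bytes([OP_0, 20]) + HASH_B,
    "reused_p2pkh": bytes([OP_DUP, OP_HASH160, 20]) + HASH_C + bytes([OP_EQUALVERIFY, OP_CHECKSIG]),
    "op_return":    bytes([0x6A, 4]) + b"test",
}
# Assumed to have been gathered from earlier spends: HASH_C's key already appeared in a scriptSig.
REVEALED_HASHES = {HASH_C}

if __name__ == "__main__":
    for name, result in audit(SAMPLE_OUTPUTS, REVEALED_HASHES).items():
        flag = "EXPOSED" if result.exposed else "hidden "
        print(f"{flag} {name:13s} {result.script_type:7s} {result.reason}")
```

Run as-is it flags the P2PK output and the reused P2PKH output as exposed and leaves the fresh hashed outputs hidden; pointing the same parser at a wallet's real UTXO set is the practical way to measure how much of a holding falls into the "unhashed or reused" category the article discusses.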
What are the Bottom Line Quantum Requirements?
Taking all of the constraints set forth above into consideration, Webber et al. have estimated that 1.9 billion qubits would be needed to crack a single Bitcoin private key within the ten-minute window.
Is it Feasible to Contemplate Quantum Computers Being Able to Crack Bitcoin's Encryption?
"Qubits, or quantum bits, are the analog to “bits” in classical computing. By comparison, most proto-QC computers today can summon up 50–100 qubits, though IBM’s state-of-the-art Eagle quantum processor can manage 127 qubits" [Id]. Accordingly, current quantum computing technology lacks the muscle to come even close to the 1.9 billion Qubits estimated to be necessary to 'bust' Bitcoin.
But the "estimated requirement ... suggests Bitcoin should be considered safe from a quantum attack for now, but quantum computing technologies are scaling quickly with regular breakthroughs affecting such estimates and making them a very possible scenario within the next 10 years.” [Webber et al., supra]. As well, Takaya Miyano, a teacher of mechanical design at Japan’s Ritsumeikan University, informed Crypto PumpNews, “I think that quantum computers could break cryptocurrency, though, not in a few years time, but in 10–20 years time” [Adamson, W. Quantum computing to run economic models on crypto adoption. (Accessed April 24, 2022)].
So yes, although some time off in the future, quantum computers breaking Bitcoin's encryption is feasible. But...
Feasibility is at Best Ten Years Out into the Future - That Provides Time to Prepare
It is critical to take notice that the cryptocurrency industry might be afforded approximately ten years to prepare for this quantum apocalypse. According to Marek Narozniak: "There is more than enough time to develop quantum-safe cryptography standards and work out adequate forks to currently used blockchain protocols" [Cryptos. Quantum computing to run economic models on crypto adoption. (Accessed April 24, 2022)].
What is unfolding in this area, then, appears to be a sort of arms race — as computers grow more powerful, defensive algorithms will have to be developed to meet the threat. 'This overall pattern is really nothing new to us,' said Narozniak. 'We see it in other industries as well.' Innovations are introduced, and others try to steal them, so piracy protection mechanisms are developed, which provoke even more clever theft devices.
Luckily, a great deal of current research is underway addressing the problems presented in post-quantum cryptocurrency. Dawn Song, a professor in the computer science division at the University of California, Berkeley, told Cointelegraph ...: “It is important that we develop quantum-resistant, or post-quantum, cryptography so we have the alternatives ready when quantum computers are powerful enough in reality.” [Id].
What follows is entirely this author's opinion on the foregoing. Most probably, the notion of quantum computing killing Bitcoin will prove to be pure hogwash. The computational power required, coupled with the severe time constraint of a ten-minute window in which to obtain a private key, sets an initial high bar. Next, the gap between the current capabilities of quantum computing and what is needed to break the encryption is huge and pushes any attack off to some future time - the bar moves higher.
But finally, it is this window of time, created by the need for further technological advancement in quantum computing, that leads to the 'hogwash' conclusion. While quantum technologies are advancing, so too are the protective algorithmic mechanisms that address the possible destructive forces.
It is this author's belief that time is our friend in this matter and that realistic protections will be developed in time and be effective enough to protect Bitcoin from the super 'Super Computer'. So while the threat is present now, time will heal any existing vulnerabilities and Bitcoin will not be devoured by Quantum Computing.
AUTHOR'S NOTE: This article was originally published on Leo Finance as well as several other tribe front pages on the Hive blockchain.