Intel 17 qubit quantum test chip.
Stefan Thomas really could have used a quantum computer this year.
The German-born cryptocurrency programmer and trader forgot the password to unlock his digital wallet, which contains 7,002 bitcoins, now worth $ 265 million. Quantum computers, which will be several million times faster than traditional computers, could have easily helped you crack the code.
Although quantum computing is still in its infancy, governments and private sector companies like Microsoft and Google are working to make it a reality. Within a decade, quantum computers could be powerful enough to break through the cryptographic security that protects cell phones, bank accounts, email addresses, and yes, bitcoin wallets.
“If you had a quantum computer today and you were a state sponsor, China, for example, probably in about eight years, you could break wallets on the blockchain,” said Fred Thiel, CEO of Marathon Digital Holdings, a specialist in cryptocurrency mining. .
This is precisely why cryptographers around the world are racing to build a quantum-resistant encryption protocol.
Right now, much of the world is powered by something called asymmetric cryptography, in which people use a public and private key pair to access things like email and crypto wallets.
“Every financial institution, every login on your phone, everything is based on asymmetric cryptography, which is susceptible to being hacked with a quantum computer,” Thiel said. Thiel is a former director of Utimaco, one of the largest crypto companies in Europe, who has worked with Microsoft, Google, and others on post-quantum encryption.
The public-private key pair allows users to produce a digital signature, using their private key, which can be verified by anyone who has the corresponding public key.
In the case of cryptocurrencies like bitcoin, this digital signature is called the elliptical curve digital signature algorithm and it ensures that bitcoin can only be spent by the rightful owner.
In theory, someone using quantum computing could reverse engineer your private key, falsify your digital signature, and subsequently empty your bitcoin wallet.
“If I were trying to create fear … I would tell you that among the first types of digital signatures quantum computers will break are elliptical curves, as we use them today, for bitcoin wallets,” said Thorsten Groetker. , former CTO of Utimaco and one of the leading experts in the field of quantum computing.
“But that would happen if we don’t do anything,” he said.
Fortify bitcoin wallets
Crypto experts told CNBC that they are not as concerned about quantum hacking of bitcoin wallets for a couple of different reasons.
Castle Island Ventures founding partner Nic Carter noted that quantum breaks would be gradual rather than sudden.
“We would have many caveats if quantum computing was reaching the stage of maturity and sophistication where it began to threaten our core cryptographic primitives,” he said. “It wouldn’t be something that happens overnight.”
There’s also the fact that the community knows it’s coming, and researchers are already in the process of building secure quantum cryptography.
“The National Institute of Science and Technology (NIST) has been working on a new encryption standard for the future that is quantum-proof,” Thiel said.
NIST is running that screening process now, choosing the best candidates and standardizing them.
“It’s a technical problem and there is a technical solution for it,” Groetker said. “There are new and secure algorithms for digital signatures … It will take years to migrate your funds from one account to another.”
Groetker said he expects the first standard secure quantum cryptographic algorithm by 2024, which is still, as he put it, long before we see a quantum computer capable of breaking bitcoin crypto.
Once a newly standardized post-quantum secure cryptography is built, Groetker said, the mass migration process will begin. “All owners of bitcoin or ethereum will transfer [their] funds from the digital identity that is secured with the old type of key, to a new wallet or new account, that is secured with a new type of key, which will be secure, ”he said.
However, this type of security update requires users to be proactive. In some scenarios, where fiat money accounts are centralized through a bank, this process may be easier than requiring a decentralized network of cryptocurrency holders to update their systems individually.
“Not everyone, regardless of how long it takes, will move their funds on time,” said Groetker. Inevitably, there will be users who forget their password or perhaps die without sharing their password.
“There will be a number of wallets … that will become increasingly insecure, because they are using weaker keys.”
But there are ways to deal with these kinds of security update flaws. For example, an organization could block all accounts that are still using the old type of crypto and give the owners some way to access it. The trade-off here would be the loss of anonymity when users go to get their balance back.