Quantum Computing Is Coming for Crypto
04.24.2019

Back in January, IBM announced its Q System One, a still-experimental device that serves as a sort of “stepping stone” to quantum computing, according to the Verge. But even if quantum computing—which has the potential to massively increase informational processing potential by using a quantum phenomenon called superposition—isn’t a reality yet, it’s worth considering how much of a threat this technology might pose to cryptocurrency.

At last week’s inaugural Paris Blockchain Week Summit, a group of panelists explored just that. We caught up afterward with panelist Vincent Danos, head researcher at the Centre National de la Recherche Scientifique, the largest governmental research organization in France. He shared his thoughts on how much of a threat this technology might pose to cryptocurrency, when this all might happen, and more about the algorithms in development that will (hopefully) be quantum-resistant.

How does quantum computing relate to cryptocurrency?
People have discovered that there are concrete instances where we can use [quantum computing]. One of them is to break RSA systemic cryptography, or elliptic-based cryptography, for signature and encryption, which bitcoin entirely relies on. [The core developers] will have to change the way they do it if the quantum technology is going to catch up with this type of encryption.

How soon will quantum computing threaten cryptocurrency?
[The panelists] were very aggressive in their predictions. They said three years, five years, but I don’t know if I believe this. But in 20 years, for sure.

If the threat isn’t immediate, is this something we need to worry about now?
The French official position is that we don’t really know the new [quantum computing] schemes that are being put into place [and as] it’s not so soon, let’s see how things unfold and maybe we’ll have a better look at those schemes in five years. NIST [National Institute of Standards and Technology, a U.S.-based Department of Commerce organization] thinks differently and they say that we have to make a decision now [on putting schemes in place].

Isn’t bitcoin already quantum-proof, though?
Some people say it is, but sometimes you reveal your public key and then you are breakable if there is a computer which is strong enough. There’s a tiny time window where I will send my public key along with the transaction I want to inject into the system, 10-20 minutes or so, and if it stays here too long maybe a quantum computer can crack them before they are on the chain.
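The exposure window described in this answer, as an added example that is not part of the interview: a toy model of pay-to-public-key-hash outputs in which the chain stores only a hash of the public key, so a key becomes visible (and, for a quantum-capable attacker, breakable) only once its owner spends. The `Tx` class, the `exposure_report` and `reused_after_exposure` helpers and the sample transactions are all constructed for illustration; the "keys" are labels, not real ECDSA keys.

```python
import hashlib
from dataclasses import dataclass

# Constructed model: a P2PKH-style output locks coins to hash(pubkey); the
# public key itself only appears on the network inside the spending input.

def address_of(pubkey: bytes) -> str:
    """Address = hash of the public key; the key stays hidden until spent."""
    return hashlib.sha256(pubkey).hexdigest()[:16]

@dataclass
class Tx:
    txid: str
    inputs_pubkeys: list   # public keys revealed by the spending inputs
    outputs: list          # addresses (public-key hashes) receiving funds
    confirmed: bool = False

def exposure_report(txs: list) -> dict:
    """Classify each address: key still hidden, key exposed by a transaction
    still waiting in the mempool (the window mentioned in the interview), or
    key exposed permanently by a confirmed spend."""
    report = {}
    for tx in txs:
        for addr in tx.outputs:
            report.setdefault(addr, "hidden")
    for tx in txs:
        for pk in tx.inputs_pubkeys:
            report[address_of(pk)] = ("exposed_confirmed" if tx.confirmed
                                      else "exposed_in_mempool")
    return report

def reused_after_exposure(txs: list) -> set:
    """Addresses paid again after their key was already public: those later
    outputs are protected only by the hardness of the discrete log problem."""
    exposed, reused = set(), set()
    for tx in txs:                      # txs are in chain order
        reused.update(addr for addr in tx.outputs if addr in exposed)
        exposed.update(address_of(pk) for pk in tx.inputs_pubkeys)
    return reused

# Constructed sample: three hypothetical key holders and four transactions.
ALICE, BOB, CAROL = b"alice-pubkey", b"bob-pubkey", b"carol-pubkey"
A, B, C = address_of(ALICE), address_of(BOB), address_of(CAROL)
SAMPLE_CHAIN = [
    Tx("t1", [], [A, B], confirmed=True),      # coins arrive; keys still hidden
    Tx("t2", [ALICE], [C], confirmed=True),    # Alice spends: her key is now public
    Tx("t3", [], [A], confirmed=True),         # someone pays the reused address A
    Tx("t4", [BOB], [C], confirmed=False),     # Bob's spend is still in the mempool
]
```

Run `exposure_report(SAMPLE_CHAIN)` to see that only Carol's address keeps its key hidden, while `reused_after_exposure(SAMPLE_CHAIN)` flags Alice's reused address as permanently exposed.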

How do you think quantum attacks on blockchains will take place?
I think that quantum driven attacks are mostly going to happen at the periphery of the system. It’s one thing to break things that are encrypted on the chain, but the point of attack will be closer to the user, to what kind of physical device the user is using to inject a transaction into the blockchain system.

Is there anything available to stop this?
One technique is called PUF, which is a physical unclonable function. This is a device that promises to not be physically cloneable. I can use this to make myself identified by you if you know how the little machine is supposed to respond. You send me a challenge, I send you a response and you’ll compare the response that you receive from me to the response that you know that I should be giving, and then you’ll be able to identify me as the person holding the device.

And this would stop quantum computers from attacking cryptocurrency?
We should be looking for vulnerabilities that will be exploited by quantum attacks at the level of the physical protection of the keys of all the cryptographic schemes used in one way or another. PUFs are a way to not use keys, but something similar to prove that you are who you say you are.
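The challenge-response identification described in the two answers above, as an added simulation that is not part of the interview and not a real PUF: a real PUF derives its response from manufacturing variation in the silicon, so the `SimulatedPUF` class here stands in for that with a per-device secret that only the simulated hardware holds, and it adds a few random bit flips because real PUF readings are slightly noisy. The `Verifier` class, the bit counts and the tolerance threshold are all constructed values chosen for illustration.

```python
import hashlib
import hmac
import secrets

RESPONSE_BITS = 128
NOISE_BITS = 3        # constructed: bit flips per reading of the simulated device
MAX_DISTANCE = 12     # verifier tolerance for noise; an unrelated device is far above

class SimulatedPUF:
    """Stand-in for a physical unclonable function (constructed, not real hardware)."""
    def __init__(self, noise_bits: int = NOISE_BITS):
        self._fingerprint = secrets.token_bytes(32)   # stands in for physical variation
        self.noise_bits = noise_bits

    def respond(self, challenge: bytes) -> int:
        digest = hmac.new(self._fingerprint, challenge, hashlib.sha256).digest()
        response = int.from_bytes(digest[:RESPONSE_BITS // 8], "big")
        for _ in range(self.noise_bits):              # noisy reading, as real silicon gives
            response ^= 1 << secrets.randbelow(RESPONSE_BITS)
        return response

def hamming(a: int, b: int) -> int:
    """Number of differing bits between two responses."""
    return bin(a ^ b).count("1")

class Verifier:
    """Enrolls a device by recording challenge-response pairs while it is trusted,
    then authenticates it later. Each pair is consumed once, so a response that
    was observed on the wire cannot simply be replayed against a fresh challenge."""
    def __init__(self, device: SimulatedPUF, pairs: int = 8):
        self._crps = {}
        for _ in range(pairs):
            challenge = secrets.token_bytes(16)
            self._crps[challenge] = device.respond(challenge)

    def remaining(self) -> int:
        return len(self._crps)

    def authenticate(self, device: SimulatedPUF) -> bool:
        if not self._crps:
            raise RuntimeError("no unused challenge-response pairs left; re-enroll")
        challenge, expected = self._crps.popitem()   # never reuse a pair
        return hamming(device.respond(challenge), expected) <= MAX_DISTANCE
```

The verifier stores responses, not a key that the device must keep secret, which is the point made in the last answer; a cloned or substituted device produces responses about 64 bits away from the enrolled ones and fails the threshold.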

Is there a specific reason why people are concerned about quantum computing in the cryptocurrency world?
Yes, I think people in the crypto asset world have an acute sense of security problems and potential vulnerabilities in cryptographic schemes, so I think they are a little ahead of the curve.

Where will this potential threat come from?
This discussion is fun because it’s only the big technology companies like Microsoft, IBM, Rigetti, Google, and Chinese players, like Alibaba and Tencent, that are coming into the picture. Quantum computers are going to be very expensive to build, so they will be concentrated in a few hands. It means hackers may not have access to them, as it’s not going to be easy to summon the computational power to do it.

Could some of these big companies use what they develop against the cryptocurrency industry?
Not in any malicious way. They are really large objects with a huge reputation to preserve, right? So Google is not going to crack the bitcoin blockchain, but if they can, they will certainly demonstrate that they can do it to impel further momentum.

This interview has been edited and condensed. Photo courtesy Vincent Danos.