Harvest Now, Decrypt Later Scenarios Mandate Need for Quantum-Safe Initiatives Now
(QuintessenceLabs.blog) Time is of the essence. Current documents harvested now and decrypted in 10 years time from now when quantum computers are powerful will make all your content known to the thieves. There will be nothing you can do about it. Even if you deploy the greatest Post-Quantum-Algorithm in the world, the content of the decade-old documents will be known to your adversaries as quantum computers become more common.
Blogger and Quintessence Labs’ Andreas Baumhof uses the situation with Satoshi’s bitcoins to represent the perfect “harvest now, decrypt later” attack scenario. There are over 1m bitcoins (1,148,800 BTC to be exact) believed to be owned by Satoshi, the famous unknown creator of Bitcoin. Unlike a fiat currency like USD where you can physically own the currency, nobody “owns” a bitcoin. All you “own” is a private key that belongs to this bitcoin’s public key. The public key for all these bitcoins is stored in plain text visible to anyone on the blockchain. If a hacker has a Quantum Computer that can break Elliptic-Curve-Cryptography (ECC), all these bitcoins belong to the hacker who will be a multi-billionaire (at current market rates, these BTC’s are worth around 10 billion USD).
To protect the existing bitcoins that are stored on the blockchain, they would have to be moved to these new quantum-safe addresses. But in order to move them, their private key would be needed. If I have a Quantum Computer, I will be able to produce a valid private key to all of Satoshi’s coins.
NOTE: This blog is one in a fascinating and worthwhile series on quantum security by Andreas Baumhof Quintessence Labs.