(FinanceYahoo) Bitcoin investors who believe that quantum computing remains a distant threat risk being blindsided by the technology. Quantum computing has already advanced rapidly, far faster than what many scientists had predicted. And since tech companies continue to pour millions of dollars into research and development, nothing can be taken for granted. IQT-News has summarized John Potter’s recent analysis of the insecurity of the blockchain in the oncoming era of quantum computing.
For cryptocurrency investors intent on taking a proactive approach toward blockchain security, solutions that feature post-quantum cryptography appear to be their best long-term bet.
Bitcoin’s protocol relies on the Elliptic Curve Digital Signature Algorithm (ECDSA) for its private keys and their corresponding public keys. Bitcoin users should understand both.
A public key is run through a hash function to create your bitcoin address (the one you send and receive funds with). The public key itself was meant to be shared with other users. The fact that crypto users now feel compelled to hide their public keys suggests that the key system is inherently flawed.
Private keys are used to sign and validate transactions, and thus are kept secret. While a user’s public key can be mathematically derived from his/her private key, private keys cannot be derived from public keys.
With Shor’s algorithm, anyone with a powerful enough quantum computer – roughly 2300 qubits – can reconstitute a private key from its corresponding public key.
Once a private key is known, an attacker can create a digital signature that is verifiable by its corresponding public key. As you might suspect, this allows an attacker to access a user’s account funds. Depending on the account, the attacker might be able to access additional details about the user as well.
In Bitcoin’s early days, a user’s public key served as their receiving address.
Cryptography experts soon realized, however, that these ‘pay to public key’ (p2pk) addresses might someday be exploited. In 2010, bitcoin users began replacing their p2pk addresses with ‘pay to pubkey hash’ (p2pkh) addresses (still used today).
Not incidentally, reused p2pkh addresses should not be considered safe either, since the first spend from a p2pkh address reveals its public key on the blockchain.
While most bitcoin investors no longer use p2pk addresses, they remain exposed to the fallout anyway: once a quantum computer publicly derives a private key from a public key, bitcoin’s price will most likely crash.
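As an added illustration (not code from the article or from any project it names), the following Python applies the rules above to a constructed chain fragment: a p2pk output embeds its public key, a p2pkh output only commits to HASH160(pubkey), and the first spend from a p2pkh address reveals that key in the scriptSig, so coins still sitting at the same address count as exposed. Keys, hashes and the signature are placeholders, and the spend is linked to its address by outpoint (consensus already checked the hash), so no RIPEMD-160 is computed.

```python
# Classify unspent outputs by whether their public key is already visible on-chain.
# All keys, hashes and signatures below are constructed placeholders, not real ones.
OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG = 0x76, 0xA9, 0x88, 0xAC

def p2pk_pubkey(spk: bytes):
    """Pubkey if spk is '<push> <33|65-byte key> OP_CHECKSIG', else None."""
    if len(spk) >= 2 and spk[0] in (33, 65) and len(spk) == spk[0] + 2 and spk[-1] == OP_CHECKSIG:
        return spk[1:-1]

def p2pkh_hash(spk: bytes):
    """20-byte HASH160 if spk is 'OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG'."""
    if (len(spk) == 25 and spk[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and spk[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return spk[3:23]

def scriptsig_pubkey(script_sig: bytes):
    """Last push of a standard '<sig> <pubkey>' p2pkh scriptSig (short pushes only)."""
    sig_len = script_sig[0]
    key_len = script_sig[1 + sig_len]
    if 2 + sig_len + key_len != len(script_sig) or key_len not in (33, 65):
        raise ValueError("not a standard p2pkh scriptSig")
    return script_sig[2 + sig_len:]

def classify(outputs, spends):
    """outputs: {outpoint: scriptPubKey}; spends: [(spent outpoint, scriptSig)].
    Returns {unspent outpoint: 'p2pk' | 'reused-p2pkh' | 'hash-only' | 'other'}."""
    revealed = {}  # HASH160 -> pubkey already shown on-chain by an earlier spend
    for outpoint, script_sig in spends:
        h = p2pkh_hash(outputs[outpoint])
        if h is not None:  # consensus enforced HASH160(pubkey) == h for this spend
            revealed[h] = scriptsig_pubkey(script_sig)
    spent = {op for op, _ in spends}
    report = {}
    for outpoint, spk in outputs.items():
        if outpoint in spent:
            continue
        kind = "p2pk" if p2pk_pubkey(spk) is not None else "other"
        if (h := p2pkh_hash(spk)) is not None:
            kind = "reused-p2pkh" if h in revealed else "hash-only"
        report[outpoint] = kind
    return report

def sample_report():
    """Constructed chain fragment: one p2pk coin, a reused p2pkh address, a fresh one."""
    p1, p2 = b"\x02" + b"\x11" * 32, b"\x02" + b"\x22" * 32  # fake compressed pubkeys
    h2, h3 = b"\xaa" * 20, b"\xbb" * 20                      # fake HASH160 values
    p2pkh = lambda h: bytes([OP_DUP, OP_HASH160, 20]) + h + bytes([OP_EQUALVERIFY, OP_CHECKSIG])
    outputs = {"tx1:0": bytes([33]) + p1 + bytes([OP_CHECKSIG]),  # old-style p2pk
               "tx2:0": p2pkh(h2), "tx3:0": p2pkh(h2), "tx4:0": p2pkh(h3)}
    spends = [("tx2:0", bytes([71]) + b"\x30" * 71 + bytes([33]) + p2)]  # reveals p2 for h2
    return classify(outputs, spends)
```

Running `sample_report()` flags tx1:0 as p2pk and tx3:0 as a reused p2pkh address, while tx4:0 still only exposes a hash.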
Bitcoin users seeking to keep their transactions private might be stymied by companies like Glassnode and Chain Analysis. These companies access and compile the logs from a node’s mempool, viewing the public keys for each transaction in the process.
Public keys may soon be made public again anyway. A bitcoin upgrade named Taproot aims to make all public keys visible on the blockchain.
Quantum computers will eventually become powerful enough to overcome p2pkh protections as well, so instituting quantum-resistant cryptography appears to be the most viable option for meeting this challenge.
Quantum Resistant Ledger (QRL) is playing an instrumental role in this process. The cryptocurrency incorporates a quantum-resistant hash-based signature scheme named XMSS (eXtended Merkle Signature Scheme). If necessary, QRL can also update this signature scheme without compromising its security.