Government intervention, poor usability, high network fees – which one of these poses the most significant threat to Bitcoin? The answer may be none of them.
Although the Bitcoin network is incredibly secure under the current condition of computers, there’s an even greater threat looming overhead. Quantum computers have the potential to make Bitcoin’s security measures obsolete, effectively destroying the once dominant cryptocurrency.
What is Quantum Computing?
Simply put, a quantum computer is a supercomputer held at near absolute zero temperatures (-459.67°F). At this temperature, the subatomic particles in the computer’s processor act in ways that aren’t possible under normal conditions.
Contrary to popular belief, quantum computers aren’t necessarily faster than traditional ones. So, unfortunately, they won’t improve the speed of your Netflix stream.
But the quantum anomalies that occur at freezing temperatures do enable them to perform calculations that are theoretically impossible for ordinary computers to execute in an acceptable time frame. Some use-cases of these calculations include the simulation of molecules, protein folding, and logistics optimization.
But how exactly does a quantum computer accomplish this?
Superpositioning and Entanglement
Quantum computers have two properties that give them the ability to perform complex calculations at an efficient rate. The first is superpositioning.
Traditional computers store information as a series of 0’s and 1’s. Quantum computers, on the other hand, store their data using a set of qubits – superpositions of 0 and 1. The qubits effectively exist in two states at once.
When you connect these qubits in a system, the number of states grows exponentially. One qubit has two states, two have four states, four have eight, and so on. The number of states directly follows the equation:
# of states = 2n where “n” is the number of qubits.
The second property of quantum computers is entanglement. When two qubits are entangled with each other, measuring the value of one qubit will automatically tell you the value of the other qubit as well. Entangling all the superpositioned qubits of a quantum computer will give you every possible state involved.
How Does Quantum Computing Affect Bitcoin?
Quantum computers are exceptionally skilled at solving cryptographic calculations. To fully understand the threat that this poses to Bitcoin (and other cryptocurrencies), we should first rehash public keys, private keys, and how Bitcoin links the two together.
A Quick Bitcoin Refresher
Every Bitcoin wallet has a private key and a public key. Your public key is the wallet address to which you receive funds, and it’s created from your private key. Your private key is effectively the “password” you need to send funds.
To send funds, specifically bitcoin, you sign each transaction using an elliptic curve signature scheme. This scheme proves to others that you own the private key without having to broadcast what it is. The math behind this scheme also makes creating a public key from a private one easy while doing the reverse is nearly impossible.
That may change soon, though, with quantum computers.
A common misconception: One quantum computer could provide enough hashing power to perform a 51% attack on the Bitcoin network.
The reality: ASIC miners are, and will be for at least ten years, much more efficient at mining than quantum computers. There’s little to no risk of a quantum computer sabotaging the Bitcoin network through a 51% attack. The real threat lies in a quantum computers ability to deride private keys from the network’s public keys.
The inefficiencies of today’s computers keep the private keys that elliptic curve signatures generate relatively safe. It wouldn’t be worth the time or resources to guess private keys through brute force.
A traditional computer would need to perform 2128 or 340,282,366,920,938,463,463,374,607,431,768,211,456 basic operations to derive a Bitcoin private key from a public address.
However, using Shor’s algorithm, a significantly large quantum computer needs just 1283 or 2,097,152 operations to figure out a private key. That’s multiple orders of magnitude less, making the task of figuring out key relationships a possibility.
How Screwed is Bitcoin?
The good news: Bitcoin should be fine. Quantum computers that are efficient enough to calculate Bitcoin’s key relationships are still many years out. And solutions aren’t as complicated as they may seem.
The simplest, but not so feasible, solution is to only use each Bitcoin address once. When following this practice, your public address is only visible between the time you initiate your transaction to when it enters a block. People rarely change their address with each transaction, though.
Signature Algorithm Change
The recommended solution is to change Bitcoin’s public key algorithm from elliptic curve signatures to an algorithm that’s quantum resistant.
Lamport signatures are a common suggestion for the replacement. These signatures are much larger than their elliptic curve counterparts, though (about 169 times larger). This size difference hinders scalability, even with the implementation of the Lightning Network.
Additionally, Lamport signature keys still have a limited amount of use before you’d need to create a new key pair. This number may even be as low as one use.
With any change to the public key algorithm, you would also need to soft fork Bitcoin and have all users transfer their funds to the new address type. Any funds left behind would be at risk for theft.
Some teams are building out their cryptocurrency with quantum resistance in mind.
IOTA, for example, uses one-time Winternitz signatures to create key pairs. This strategy renders addresses useless almost instantaneously after sending funds, leaving your address susceptible to quantum attack for a few seconds at most.
The Nexus team advertises their 3D-blockchain as the “first truly quantum-resistant blockchain.” It updates and obscures your keys after every transaction with a scheme the team calls “signature chains.”
Another project, Hcash applies BLISS signatures to prevent quantum computing.
The Future of Quantum Computing & Resistance
These projects aren’t alone in their fight against quantum computing, though. Even though you don’t hear much about quantum resistance in association with other projects, they’re still working on it. Ethereum, for one, has proposals that would enable different types of signature algorithms for each user.
With high-powered quantum computers still years away, most projects should have plenty of time to build up their defenses. So you can rest easy at night knowing that Bitcoin should be here to stay.
Authored by Steven Buchko of CoinCentral