Recently, the US Cybersecurity and Infrastructure Security Agency (CISA) released a report stating that in the future the cryptography behind Bitcoin could be put at risk by quantum computers.
The report does not explicitly mention Bitcoin and cryptocurrencies, but it does mention public key cryptography, which is precisely the cryptography that underlies the operation of Bitcoin and cryptocurrencies.
According to CISA, in the future quantum computers will reach such high levels of computing power and speed that they will become capable of hacking the public key cryptography algorithms currently in use.
Bitcoin and crypto at risk as quantum computers emerge
Public key cryptography is what Bitcoin and cryptocurrencies use to sign transactions, which means that only token holders can send them to others.
Indeed, only properly signed transactions are accepted by the Bitcoin network, and that signature to date turns out to be inviolable thanks to what is known as public key, or asymmetric, cryptography.
How does the signing of crypto transactions take place?
Each wallet has one or more private keys, to which public keys and addresses correspond. In other words, the public key is derived from the private key, from which the public address is derived.
The public address is the one that the user communicates to everyone, while the private key must never be communicated to anyone because it is the one that allows transactions to be signed, i.e., tokens to be used.
Everything is based on the very concept that only the user knows the private key required to sign and authorize transactions. Therefore, it only works as long as the private key can be protected and known only by the user. In fact, anyone who knows it can use it freely, without limitation or hindrance, to be able to sign and authorize token submissions from the public address to which it refers, so if it is discovered, you actually lose exclusive ownership of the tokens.
For each public address, there is a private key that is required to be able to use the tokens stored on that address. Without the private key those tokens are unusable, but since the private key is just a long string of text, anyone who knows it can exploit it to use those same tokens.
The public key, which is the public address, is used to verify that the signature is correct, since if the signature can only be generated from the private key, verification of the correctness of the signature can also be done with just the public address, which is why this is called “asymmetric encryption.”
Theoretically, from the simple public address, the private key cannot be traced, simply because in the process of creating the public key from the private key, information is removed. In other words, the public key contains less information than the private key, so much so that it does not contain enough information to allow all the information that makes up the very long private key to be traced.
The great capabilities of a quantum computer
The problem is that an extremely powerful quantum computer could randomly generate such a large number of possible private keys that it might be able to find a few that correspond to a public address. If it were to succeed, and if tokens were stored on that address, it could use the private key guessed in this way to use those tokens without the rightful owner being able to do anything. In fact, he might not even notice it.
At present, the power of quantum computers is still extremely limited, so they are not at all able to guess private keys by randomly pulling. In fact, these keys are so long strings of text that there are more of them than it is possible to imagine, since they consist of 256 bits. Indeed, it is not even possible to imagine that they will be able to do so in the coming decades.
However, the situation changes over the very long term. As stated by CISA, in the distant future quantum computers may be able to breach this level of security.
In fact, they write in their report that states, governments and those who manage critical infrastructure must prepare for a new post-quantum cryptographic standard.
It is not yet clear when such a scenario will occur, but CISA is already urging people to consider the development and implementation of quantum-resistant cryptographic technologies.
Actually, there are already some out there, and apparently there is still plenty of time to both refine them, create new ones, and implement them. However, we need to start considering now what might be the best avenues to pursue, although there is apparently no rush to do so.
CISA points out that all digital communications are based on cryptography. Many of these, such as the HTTPS Internet protocol, are based on public key cryptography and digital signatures, so this is by no means a problem related only specifically to cryptocurrencies.
Virtually the entire Web is now based on asymmetric public-key cryptography, so the effort that needs to be made to make these technologies quantum-resistant is colossal. Therefore, it is not surprising that CISA is already starting to suggest that the problem, although still far from being a concrete one, should be seriously considered so that we have plenty of time to study the best solutions.
In the CISA report, analysts write:
“When quantum computers reach higher levels of computing power and speed, they will be capable of breaking the public key cryptography algorithms that are in use today, threatening the security of business transactions, secure communications, digital signatures, and customer information.”
Hence although they do not indicate timeframes, which still appear quite remote, they assume that sooner or later this will happen, pointing out that although there is no urgency there is nonetheless an absolute need for action.
Moreover, they add:
“In the hands of adversaries, sophisticated quantum computers could threaten U.S. national security if we do not begin to prepare now for the new post-quantum cryptographic standard.”
This is probably CISA’s real interest, which is to warn the US government of the risk that enemies might exploit the enormous computing power of quantum computers in the future to specifically violate the secrecy of their communications. In doing so, it also highlights that a great many other areas could suffer similar problems.
The report also seems to suggest that the adoption of quantum-resistant countermeasures is not particularly complicated or difficult. It appears that technologies already exist that can support this upgrade, although their application in some cases may prove to be anything but straightforward.
In the case of Bitcoin, for example, it will be necessary to get the vast majority of users to agree, because all nodes and wallets will have to be updated in order to do so. Indeed, first, it will be necessary to decide how to update them, second, it will be necessary to write the new updated code, and then adopt it in place of the code currently in use.
This is nothing infeasible, but the process will necessarily be slow and complex.
According to the CISA, updating asymmetric encryption techniques will be a challenge because of the cost and some technical difficulties.
However, they write:
“However, organizations should make necessary preparations for migration to post-quantum cryptography.”
To this end, they have also provided a roadmap to help move this process forward.
While CISA expects the new post-quantum cryptographic standards to be published no earlier than 2024, they suggest starting to prepare now to get to a smooth migration.