I know, I know. You’re probably thinking, “Oh, lord, another scaremongering post against bitcoin/crypto!” But I promise you, we’re on the same side. I’m an avid investor, have dabbled in all forms of digimoney (sticking mainly with Litecoin for legacy reasons, Dogecoin for the lolz and Cardano because frankly, the one thing that sucks most about crypto is the damage we’re doing to the environment. Why, oh, why, can’t we have an egalitarian, decentralised currency that doesn’t use the same amount of electricity each year as Sweden?! But I digress.)
No, rather than being a naysayer, fearmonger or any other complex compound noun, I’m a fan – but also, a realist. Oh, and a cyber security professional. Because of the latter, I’m a massive devotee of blockchain and crypto, mainly because it’s so damn hard to hack. And that’s how you know I’m about to introduce a way for it to be hacked.
Can Quantum Computers Hack Cryptocurrencies?
In a word: yeppo.
While the blockchain aspect of most cryptocurrencies is what makes them so watertight against incursions, there are a few points of vulnerability, even without quantum computers’ (QC) advanced decryption techniques. I won’t bore you with those, but instead, let’s explore how threat actors could use QCs to get at your money.
Broken down very simply, the asymmetric cryptography (one public and one private key) that most crypto systems use is deemed impenetrable because it’s simply mathematically nearly impossible to derive the private key in the exchange from the public key.
According to Debanjan Chatterjee (Bitcoin mag, NASDAQ), this is because “classical algorithms require an astronomical amount of time to perform such computations and consequently are impractical.”
However, he points out, “Peter Shor’s polynomial-time quantum algorithm run on a sufficiently-advanced quantum computer could perform such derivations and thus falsify digital signatures.”
Liqun Chen and Stephen Holmes of the University of Surrey echo this in their research, saying: “The common issue that all cryptocurrencies have in common is the need to disclose the public key and signature to execute the unlocking script to prove ownership and move funds. The question of how vulnerable bitcoin or a derived altcoin cryptocurrency is to a quantum computer attack is dependent upon a quantum computer capable of executing Shor’s algorithm and executing this within a time budget that is dependent upon the architecture of the cryptocurrency and the time taken to process an unprocessed transaction.”
What that last bit means is that the key vulnerabilities they discuss are the time it takes for an unprocessed transaction to be placed in a block in the chain – if the time is sufficient (and it need only be milliseconds for a QC to ‘break in’), then you could be vulnerable at this point during every transaction.
What other kinds of attacks are there?
It must be noted that, so far, these attacks are still just theoretical. However, with the advent of scalable QCs predicted for as early as 2023, it’s best to be in the know and prepared, rather than surprised. This article is a fantastic starter for ten on how and why we need to be prepared. These are the two main types of hack that we should be concerned about:
- Transaction hijacking – Employing Shor’s algorithm mentioned above, a hacker could discover the private key via the public key and ‘spend’ the same coins on a different transaction, tying them up until you agree to release them to the hacker.
- 51% attacks – these attacks could occur when the threat actors gains control of the hashing power, then manipulate the data throughout the blockchain, rewrite the transaction history and carry out ‘double spends’
(There are a few more possibilities, but as these are the main concerns, so we’ll stop there!)
So, what can you do to protect your blockchain and crypto against quantum computers?
The best thing to do is to find a company that employs quantum encryption techniques, meaning you’re safe now from all current levels of attack using standard computation, and in the future, against QC attacks. There are a few solutions out there, but keep in mind that not all of them are as robust as they seem.
For now, our blockchain (and thus our cryptocurrencies) are safe. But sadly, all good things eventually get the attention of thieves.