The Bitcoin Boom And The Quantum Threat

March 3, 2021

Could Bitcoin become the world’s new reserve currency? As Bitcoin increasingly goes mainstream—with PayPal
, for example, adopting the high-flying cryptocurrency as a method of payment and Twitter’s
Jack Dorsey endorsing its use—some commentators certainly think so. St. Louis Federal Reserve president Jim Bullard even issued a statement that Bitcoin poses no threat to the U.S. dollar in the global economy—a case of trying to lock the barn door before the horse has even gotten inside.   

The appeals of Bitcoin to investors and financial institutions are many.  Unlike government-issued currencies, the Bitcoin supply is carefully limited, which points to a monetary stability reminiscent for some of the palmy days of the gold standard.  In addition, Bitcoin uses an encryption system that protects every transaction inside a ledger shared by all participants, forming what’s known as a block—hence the term blockchain. Some have dubbed blockchain the biggest innovation in banking since electronic markets were first introduced.  According to tech guru George Gilder, blockchain encryption is even going to be the safeguard of the future digital economy, promising user flexibility as well as protecting privacy and security.

Or will it?  Almost two and a half years ago I ran a column here on the dangers a large-scale quantum computer would pose to blockchain. I wrote:

“Quantum technology will be poised to decrypt the complex algorithms that asymmetric encryption systems use to secure almost all electronic data, including blockchain…. More specifically, blockchains rely on ECC – Elliptic Curve Cryptography – for authentication which can be broken by future quantum computers. So instead of the answer to all our cybersecurity vulnerabilities, blockchains could become just as vulnerable as web browsers, VPN’s, and other systems.”  

Now, as the Bitcoin boom grows, others are starting to ask the same question. Some harken back to  2017, and a study done by Divesh Aggarwal of the National University of Singapore when Bitcoin was last on the way to a record high. Aggarwal was forced to conclude the threat of future quantum computers to Bitcoin was real, and the danger could not be ignored.

Others still insist that the quantum computer threat is hype. A December 2020 column at by Roger Huang confidently titled, “Here’s Why Quantum Computing Will Not Break Cryptocurrencies,” asserted that “quantum computers being added to the mix won’t suddenly render classical modes of encryption useless or mining trivial — ‘quantum supremacy’ now doesn’t mean that your encryption or the security of bitcoin is at risk right at this moment.” (My emphasis).

Most of the commentary on Bitcoin and quantum computers, however, runs the other way. One month later an article in Cointelegraph pointed out, just as I did, that powerful quantum computers might become a threat to all blockchains that rely on the ECDSA (Elliptic Curve Digital Signature Algorithm), including Bitcoin and Ethereum.

A recent Deloitte report takes a deeper dive into the technical weeds, and points out there are two types of transactions going on with Bitcoin. The first stores its operations using a ‘pay to public key’ (p2pk) which was the dominant address in Bitcoin in its early days. In fact, the report points out, many of the original coins mined by founder Satoshi Nakamoto himself are still stored in these addresses.

The problem is, since all transactions in Bitcoin are public, anyone can obtain the public key from any p2pk address. A quantum computer running Shor’s algorithm could then use that key to crack the private key—that is, unless proper quantum-resistant defenses are in place. More on this later.

In the second type of Bitcoin transaction, the address of the recipient is composed of a hash of the public key, i.e. a one-way cryptographic function called ‘pay to public key hash’ (p2pkh). That means the public key is not directly revealed by the address. At first glance, that should mean that transactions using these addresses should be far safer and more secure.  

Unfortunately, as the Deloitte report explains, thanks to future quantum computers’ decrypting prowess, all coins in p2pk addresses and p2pkh addresses used more than once, are going to be just as vulnerable to quantum attack. Even if quantum computers do not evolve faster than experts currently predict, the report concludes, “Quantum computers are posing a serious challenge to the security of the Bitcoin blockchain.”  

Faced by these facts, even Roger Huang is forced to admit, “The real threat is when quantum computers become many scales larger than they currently are.” He adds, “It’s conceivable that these avenues of attack and perhaps other more unpredictable ones might emerge. ” Fortunately, “cryptocurrencies can be updated to use post-quantum encryption standards and defend against these weaknesses”—a point I made in my original column in 2018.  

Everything depends, then, on two factors. The first is how fast large-scale quantum computers evolve—the question being not if they are coming, but when. The second is, how much risk are Bitcoin investors willing to assume, and how long are the company’s founders—or even governments whose citizens are exposed to the quantum computer risk—willing to wait until they take the necessary steps to protect against quantum computer break-ins by using post-quantum cryptography; adopting post-quantum secure blockchains from companies like Quantum Resistant Ledger; and eventually turning to distributed ledger technology whose nodes actually rely on quantum computers.

Before the Bitcoin boom becomes a Bitcoin bubble, let’s ask what’s really needed to make sure the cryptocurrency future is as bright as its advocates like to assume.