The Quantum Threat to Crypto Asset Ownership – Tioga Capital Partners
Crypto assets have a simple ownership principle. Assets are inextricably linked to secret keys, so every transaction must include a proof that the spender holds the corresponding secret key. Crypto assets use digital signature algorithms to produce that proof. For example, every Bitcoin transaction that spends an output must carry a signature produced by ECDSA, Bitcoin's digital signature algorithm, using the secret key that controls that output. The nodes of the Bitcoin network verify the signatures in a transaction with the corresponding public key; the secret key itself is never transmitted. If someone copies your secret key, they too can generate valid signatures, and the Bitcoin network will treat them as the legitimate owner of your Bitcoin.
Digital signature algorithms guarantee that only those who know a secret key can sign with that key. Hence public keys can be distributed without fear that anyone will learn anything about the underlying secret key or be able to transact. All crypto assets fundamentally rely on this guarantee to operate securely. The fact that a digital signature algorithm like ECDSA can provide such a strong guarantee is the result of decades of cryptographic research. A critical part of that research is understanding which mathematical problems can be solved efficiently, and that in turn requires a model of how computers calculate.
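The ownership mechanism described in the two paragraphs above, as an added example that is not code from the original page or from Bitcoin Core: a minimal ECDSA over secp256k1 (the curve Bitcoin uses) written in plain Python. It shows that verification needs only the public key, that anyone holding a copy of the secret key produces equally valid signatures, and that a different key or an altered message fails. The seeded key generation, the nonce derivation (a simplified stand-in for RFC 6979, not the real thing) and the sample messages are constructed for the demonstration; the arithmetic is not constant-time and must not be used for real funds.

```python
"""Toy ECDSA over secp256k1 for illustration only (constructed example)."""
import hashlib
import secrets

# secp256k1 domain parameters: y^2 = x^3 + 7 over GF(P), base point G of order N
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(p1, p2):
    """Add two affine points; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:          # p1 == -p2, result is infinity
            return None
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P   # tangent slope (a = 0)
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, point):
    """Scalar multiplication by double-and-add (not constant-time)."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def hash_msg(msg: bytes) -> int:
    """SHA-256 of the message as an integer (Bitcoin uses double SHA-256)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")


def keygen(seed=None):
    """Return (secret_key, public_key). A seed gives a reproducible demo key
    (constructed for this example); without a seed the key is random."""
    raw = hashlib.sha256(seed).digest() if seed is not None else secrets.token_bytes(32)
    d = int.from_bytes(raw, "big") % (N - 1) + 1      # 1 <= d <= N-1
    return d, ec_mul(d, G)


def sign(d: int, msg: bytes):
    """ECDSA signature (r, s) with the secret key d."""
    z = hash_msg(msg)
    counter = 0
    while True:
        # Deterministic nonce from (d, z, counter): a simplification of RFC 6979.
        # A reused or biased nonce leaks d, so k must never repeat across messages.
        k = hash_msg(d.to_bytes(32, "big") + z.to_bytes(32, "big")
                     + counter.to_bytes(4, "big")) % N
        counter += 1
        if k == 0:
            continue
        r = ec_mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * d) % N
        if r and s:
            return (r, s)


def verify(q, msg: bytes, sig) -> bool:
    """Verification uses only the public key q; no secret is involved."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = hash_msg(msg)
    w = pow(s, -1, N)
    x = ec_add(ec_mul(z * w % N, G), ec_mul(r * w % N, q))
    return x is not None and x[0] % N == r


if __name__ == "__main__":
    alice_d, alice_q = keygen(b"alice-demo-seed")        # constructed key
    mallory_d, _ = keygen(b"mallory-demo-seed")          # constructed key
    tx = b"spend output #1 to address X"                 # constructed message
    sig = sign(alice_d, tx)
    print("owner's signature verifies:", verify(alice_q, tx, sig))
    print("copied key signs just as well:", verify(alice_q, tx, sign(alice_d, tx)))
    print("other key fails:", verify(alice_q, tx, sign(mallory_d, tx)))
    print("altered message fails:", verify(alice_q, tx + b"!", sig))
```

The verifier holds nothing but the public key and still decides correctly, which is exactly why Bitcoin nodes can check ownership without ever seeing a secret; conversely, the "copied key" line shows why the secret key is the asset. The nonce comment is the practical caveat: the classical way ECDSA keys have actually been lost in the wild is nonce reuse or bias, not a break of the curve.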
Quantum computers calculate in a fundamentally different way, and some problems that classical computers are believed to be unable to solve efficiently can be solved efficiently on a quantum computer. The security of ECDSA rests on one such problem, the elliptic-curve discrete logarithm problem. Currently deployed signature algorithms are designed to resist classical computers and give no guarantees against quantum computers, so a large enough quantum computer could recover a secret key from its public key (and a signature together with the signed message reveals the public key). In Bitcoin this exposure is partly delayed: a pay-to-public-key-hash address publishes only a hash of the public key, so the key itself becomes visible on the chain only once funds are spent from it. If secret keys can be recovered, crypto assets collapse, because proof of ownership is nothing other than a digital signature.
Using models of quantum computation, researchers have developed theoretical attacks against every widely deployed signature algorithm (RSA, DSA and ECDSA alike), the most prominent being Shor's algorithm, which solves the factoring and discrete-logarithm problems these schemes rely on in polynomial time. Progress is being made in the development of quantum computers, from research advances at Google and IBM to commercial offerings like the IBM Q System One and D-Wave's machines (the latter are quantum annealers rather than gate-based computers and cannot run Shor's algorithm). Yet far more powerful, error-corrected quantum computers are necessary to mount attacks against cryptographic algorithms, and estimates frequently place those machines at least 10–20 years away. So, why worry about it now?
If crypto assets are to be perceived as safe stores of value, competitive with gold, they must withstand the test of time and remain secure in the long term. Even credible evidence that a sufficiently large quantum computer exists, without any observed attack, would cripple trust in crypto assets.
Furthermore, it takes time to design new cryptographic algorithms and to deploy them. Researchers have not yet settled on suitable digital signature algorithms, and current post-quantum candidates usually come with a performance hit in the form of larger keys and signatures or slower signing and verification. An on-going competition run by the US National Institute of Standards and Technology (NIST) is expected to complete by 2021. The COSIC research group of KU Leuven, run by our Advisory Board member Bart Preneel, has two submissions. Some have proposed new post-quantum secure blockchains, such as Fawkescoin, and others have already been deployed, like ABCMint.
Finally, standardizing, deploying, and optimizing cryptographic algorithms for widespread use can take years. Implementers need to understand the algorithms and port them to different platforms with enough care to ensure that the implementations themselves are secure, since a correct algorithm can still be broken by a leaky or buggy implementation.
Published at Wed, 06 Nov 2019 15:59:06 +0000