Is the foundation of cryptocurrency shaken by the resurgence of quantum threat theory?

Original | Odaily Planet Daily Azuma

Recently, the threat of quantum computing to cryptocurrencies has once again become a hot topic of discussion online. The renewed interest in this issue is due to several key figures in the quantum computing and cryptocurrency industries making new predictions about the development of quantum computing and its potential capabilities.

First, on November 13, Scott Aaronson, a leading figure in the field of quantum computing and director of the Quantum Information Center at the University of Texas, mentioned in an article: "I now believe that before the next U.S. presidential election, we may have a fault-tolerant quantum computer capable of running Shor's algorithm…"

Following that, on November 19, Ethereum co-founder Vitalik Buterin also spoke at the Devconnect conference in Buenos Aires, stating that elliptic curve cryptography (ECC) could be broken by quantum computing before the 2028 U.S. presidential election, urging Ethereum to upgrade to quantum-resistant algorithms within four years.

What is Quantum Threat?

Before interpreting Scott and Vitalik's predictions, we need to briefly explain what is meant by "quantum threat."

In short, the quantum threat to cryptocurrencies refers to the possibility that sufficiently powerful quantum computers in the future could break the cryptographic foundations that currently secure cryptocurrencies, potentially undermining their security models.

Currently, the security of almost all cryptocurrencies (such as Bitcoin and Ethereum) relies on a technology called "asymmetric encryption," which consists of two key components: "private key" and "public key":

• Private Key: Kept secret by the user, used to sign transactions and prove ownership of assets;
• Public Key: Generated from the private key, can be made public, used as a wallet address or part of an address.

The cornerstone of cryptocurrency security is that ------ it is currently computationally infeasible to derive the private key from the public key. However, quantum computing could leverage principles of quantum mechanics to significantly accelerate the process of solving certain mathematical problems (such as the Shor algorithm mentioned earlier), which is precisely the weakness of asymmetric encryption.

To further explain what Shor's algorithm is, without delving too deeply into mathematics, the essence of Shor's algorithm is that it can transform a mathematically "nearly unsolvable" problem on a classical computer into a "relatively solvable" periodicity search problem on a quantum computer, potentially threatening the existing "private key - public key" cryptographic system of cryptocurrencies.

For a more relatable example, you can easily turn a basket of strawberries (analogous to a private key) into jam (analogous to a public key), and it's obviously impossible to reverse the jam back into strawberries, but suddenly a cheat (analogous to quantum computing) might find a convenient way (analogous to Shor's algorithm) to achieve this.

Is the foundation of cryptocurrency shaken?

If that's the case, doesn't it mean cryptocurrencies are doomed?

Don't panic, the quantum threat objectively exists, but the problem is not as urgent as it seems. The reasons for this are mainly twofold. First, there is still time before the real threat arrives; second, cryptocurrencies can upgrade to implement quantum-resistant algorithms.

First, even if Scott's prediction comes true before the 2028 election, it does not mean that it will truly threaten the security of cryptocurrencies; Vitalik's statement does not imply that the foundations of Bitcoin and Ethereum will be shaken, but merely points out a theoretical risk that exists in the long term.

Haseeb, managing partner at Dragonfly, explained that there is no need to panic about the new timeline for quantum computing, running Shor's algorithm does not equate to breaking a real 256-bit elliptic curve key (ECC key). You can use Shor's algorithm to break one number ------ which is impressive enough ------ but to factor a number with hundreds of digits requires a much larger scale of computation and engineering capability… This matter deserves serious attention, but it is by no means imminent.

Cryptocurrency security expert MASTR provided a clearer mathematical answer, stating that breaking the elliptic curve signatures (ECDSA) currently used by Bitcoin, Ethereum, and other cryptocurrencies would require about 2300 logical qubits, 10¹² to 10¹³ quantum operations, and after error correction, it would need millions to billions of physical qubits; however, the currently realized quantum computing only has 100 to 400 noisy qubits, with a high error rate and short coherence time ------ the demand for breaking the former is still at least four orders of magnitude away.

As for the second point, cryptographers in the industry are also developing new post-quantum cryptography algorithms (PQC) that can resist quantum computing attacks, and mainstream blockchains have already prepared for this.

As early as last March, Vitalik wrote an article titled "If Quantum Attacks Come Tomorrow, How Will Ethereum Solve It?," in which he mentioned the effectiveness of Winternitz signatures, STARKs, and other defenses against quantum threats, and even envisioned how Ethereum should urgently upgrade in the event of an unexpected situation.

Compared to Ethereum, Bitcoin may not be as flexible in executing upgrades, but the community has already proposed various potential algorithm upgrade solutions such as Dilithium, Falcon, and SPHINCS+. Recently, with the rise of related discussions, Bitcoin OG Adam Back also stated that the cryptographic standards for the post-quantum era could be implemented long before a substantial quantum computing threat emerges.

In summary, the quantum threat is like a "master key" hanging in the distance, theoretically capable of unlocking all the current blockchain's cryptographic locks, but the lock makers have already begun researching new locks that this master key cannot open, and are preparing to replace all the doors with new locks before the master key is completed.

This is the current objective reality regarding the quantum threat; we cannot ignore its progress, but we also do not need to panic blindly because of it.