Computing Profession

The Quantum Threat to Cryptocurrencies

Considering the security of cryptocurrencies in a quantum computing world.
Quantum computing could fundamentally break cryptocurrencies like Bitcoin and throw markets into turmoil.

Much of the modern world is built on trust: you trust governments, banks, and vendors to keep your money valuable, usable, and safe from theft. However, these bonds of trust are often broken. Governments in some parts of the world see their currencies hyperinflate. Banks in troubled regions freeze funds and accounts. Vendors are hacked or extorted, revealing sensitive customer information to criminals.

The issue of trust is one reason cryptocurrencies—digital, cryptographically secured assets—have exploded in popularity.

Bitcoin is the most popular of this asset class. It is an electronic currency that relies only on math, not a government or bank, to secure its transactions. All transactions are registered in a public ledger that is verified by the computers that make up the Bitcoin network.

In many countries, you can exchange Bitcoin for goods and services; you can also buy or sell it on exchanges. For many, it is a form of payment that circumvents the authority and regulations of centralized powers like governments or banks. This appeal—and a good amount of hype—have caused Bitcoin to appreciate by more than 10 times this year alone.

Yet the entire growth of cryptocurrencies relies on a single concept: trust in the cryptographic encryption that verifies transactions and keeps the currency ledgers safe. This could all come crashing down once quantum computing comes online.

A computer in two places at once

Quantum computing, as WIRED elegantly describes, "takes advantage of the strange ability of subatomic particles to exist in more than one state at any time. Due to the way the tiniest of particles behave, operations [on a quantum computer] can be done much more quickly and use less energy than classical computers."

These devices are not yet mainstream, but a few such machines exist, and their vast computational power could fundamentally threaten cryptocurrencies.

"The great majority of cryptocurrencies use an elliptic curve signature scheme, which can be broken by a sufficiently large quantum computer," says Troy Lee, associate professor at Nanyang Technological University Singapore and co-author of a paper on quantum attacks on Bitcoin.

In the case of Bitcoin, malicious actors armed with quantum computers could monopolize the computing power required to "mine" the currency. Mining requires each computer in the Bitcoin network to solve cryptographic puzzles; the reward is Bitcoin, and each block mined is logged in the public ledger. Each subsequent block becomes much more computationally intensive to mine. Right now, parties mining Bitcoin exist in a type of arms race, continually upgrading their hardware to mine Bitcoin, with no single party owning the majority of the network's computational power.

However, quantum computing could change that. The technology could be so much more powerful than traditional computing that a single actor with a sufficiently powerful quantum machine could monopolize the network. They could double-spend Bitcoin or another cryptocurrency, then rewrite the ledger to cover their crimes, while retaining their original coins. Essentially, they could spend fake money and convince everyone it was real.

"If nothing is done to prevent this, quantum computers could allow thieves to steal certain cryptocurrencies, including Bitcoin," says Marco Tomamichel, a researcher with the Center for Quantum Software and Information at the University of Technology Sydney, another co-author of the paper with Lee.

How a cryptocurrency crash could happen

The potential apocalypse for cryptocurrency depends on two things:

First, quantum computing must progress in power sufficiently to crack cryptocurrency cryptography. The main bottleneck, says Lee, is the number of qubits (the quantum version of bits) the quantum computer possesses. IBM, Lee says, announced a quantum computer with 50 qubits; to crack Bitcoin, he estimates you'd need one with 500,000.

Though it seems a long way off, both Lee and Tomamichel say quantum computers of sufficient strength could be here in 10 to 15 years, though Tomamichel cautions this is the "most optimistic estimate."

Second, to be cracked by quantum computers, cryptocurrencies would have to fail to evolve. Some, however, are already taking steps to counter quantum computers.

Problems, says Tomamichel, "can be relatively easily avoided by moving to signature schemes that are resistant to quantum attacks. Such schemes are currently an active topic of research." He cites the cryptocurrencies and The Quantum-Resistant Ledger (QRL) as examples of cryptocurrencies that have quantum resistance built into their design. IOTA, a cryptocurrency which uses not a blockchain but a distributed ledger technology called a Directed Acyclic Graph (DAG), is another that claims to be quantum-proof.

These developments have researchers cautious, but optimistic. There is a real danger to cryptocurrencies from quantum computing, but those dangers hinge on significant quantum computing developments and substantial lack of action from cryptocurrency creators.

"However," says Lee, "I do think it is time to plan and make preparations so that cryptocurrencies are ready when this change occurs."

Logan Kugler is a freelance technology writer based in Tampa, FL. He has written for over 60 major publications.

Join the Discussion (0)

Become a Member or Sign In to Post a Comment

The Latest from CACM

Shape the Future of Computing

ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.

Get Involved

Communications of the ACM (CACM) is now a fully Open Access publication.

By opening CACM to the world, we hope to increase engagement among the broader computer science community and encourage non-members to discover the rich resources ACM has to offer.

Learn More