Blockchain Is Especially at Risk for Quantum Attacks, Scientists Warn

By Ryan F. Mandelbaum on at

Blockchain is meant to be secure – but a new paper from quantum computing scientists warns that quickly advancing quantum technology poses a vulnerability for the much-hyped blockchain.

Blockchain is the technology behind bitcoin. It’s found uses as a secure digital ledger and authentication system maintained by its users, rather than by one central authority. But quantum computers may soon have the ability to break its codes.

“Quantum computers pose a risk to any kind of security where public key cryptography is involved,” Alexander Lvovsky, experimental physicist at the University of Oxford, told Gizmodo. “However, blockchains are especially at risk, because they’re completely anonymous. They’re only protected by public key cryptography, whereas banking has human tellers, plastic cards, and ATMs. You have to be a human to use a bank, but you don’t have to be human to use the blockchain.”

A computer processor translates all information into a series of individual units called bits, which can take on one of two values and interact through the rules of logic. Quantum computers are simply a new kind of computer processor whose quantum bits, or qubits, can take on values between zero and one during the calculation and interact with all the mathematics of regular computers, plus new operations based on the physics of subatomic particles. Presumably, these new operations would give quantum computers a leg up over classical computers when it comes to complicated computing tasks like creating advanced artificial intelligence or modelling chemical interactions. But most importantly to this conversation, it has the potential crack the widely used public key cryptography.

Data is normally encrypted using one-way functions, an operation such that it’s easy to combine two inputs but difficult to untangle them. Multiplying large prime numbers is an example of a one-way function used in cryptography. Computers can generate a code by performing the easy task of multiplying large prime numbers, but computers have difficulty factoring large numbers into primes without having some information about what went in. One day, a quantum computer might easily perform this factoring and render this cryptographic method useless. It’s unclear when this quantum advance will happen.

Blockchain relies on these one-way functions to create hard-to-forge digital signatures for items on the ledger, by combining data on the ledger and the new item to be added. But there are no humans to strengthen the defences. “A blockchain is particularly at risk from this because one-way functions are its sole line of defence – a user’s only protection is their digital signature, whereas bank clients are protected by plastic cards, security questions, identity checks and human cashiers,” the authors of the commentary published in Nature write.

It’s hard to gauge how concerned we should really be. Quantum computers are in their very early days, comparable to the vacuum-tube era of regular computers. One advanced enough to run the number-factoring, encryption-cracking Shor’s algorithm could be several decades away, but new algorithms advance quickly, and there have been whisperings and papers describing methods that might be able to reverse these one-way functions perhaps in a decade.

“Much like today’s [quantum computing] hardware is not mature, algorithms that could threaten cryptography in the near term are not mature, but advancing rapidly,” Nick Farina, CEO of quantum computing startup EeroQ Quantum Hardware, told Gizmodo. “The solution is not to panic, but to follow developments on both sides of quantum computing closely and look into post-quantum security a little bit sooner than you currently are planning to.”

Robert Sutor, vice president at IBM Research who is responsible for the IBM Q program, agreed that it’s not too early to beef up security. “Most everyone is in agreement that it is wise to now investigate the next generation of encryptions protocols. Indeed, this should be a standard part of every organisation's cybersecurity and data-protection operations,” he told Gizmodo.

The solutions are those we’ve long been writing about: For the short-term, scientists are developing post-quantum secure algorithms (one-way algorithms difficult for both classical and quantum computers) that could be employed in the blockchain business. Further down the line, quantum communications are advancing, from processors to the quantum internet, that could offer new encryption technologies.

But it’s worth getting started early. “The sword is still a matter of the future – it doesn’t exist,” said Lvovsky. “But the shield already exists.” [via Nature]

Featured image: Magnus Hagdorn (Flickr)