Chatter on the cryptographic side of cryptocurrency has been growing over the past couple of years about the threat posed by quantum computing, an entirely new type of computer that would be many orders of magnitude more powerful than current ones — so powerful that many modern forms of encryption will be crackable.
Including the cryptography that makes it impossible to figure out the private key code needed to transfer — spend — a cryptocurrency token from the public key code that identifies that particular coin or stablecoin.
So, it is a real threat? The short answer: Yes
The long answer is quantum computing is a threat that many developers — including Ethereum creator Vitalik Buterin — believe is at least a decade off. Still, that’s close enough and real enough that if you’re building a financial payments system for the long haul, it’s something you want to be aware of in the development stage.
“Once quantum computing becomes powerful enough, then essentially all the security guarantees will go out of the window,” University of California-Berkeley professor and computer security entrepreneur Dawn Song said in October, CNET reported. “When public key cryptography is broken, users could be losing their funds and the whole system will break.”
How Soon Is Soon Enough?
The threat is something that some very serious crypto industry designers agree with enough to at least begin preparations.
Buterin believes the threat is at least a decade old, so Ethereum’s are more theoretical in the realm of working on the math and cryptography that will be needed.
The Hyperledger Foundation, an open-source software project for business-oriented, enterprise blockchain projects with supporters like Accenture, IBM and Visa is already working on post-quantum cryptography, CNET added.
In a Dec. 6 podcast, Cardano creator Charles Hoskinson said that the No. 7 blockchain by market capitalization is preparing for quantum computing even though “it’s not a real problem today, it’s not a concern. There is no working quantum computer that poses a threat to any cryptographic system.”
What they are doing, the Ethereum co-founder said, is beginning to “model the algorithms we have against the quantum adversary,” he said.
And while it’s not a deliverable for 2022, “the knowledge is there, the people are there and if it’s a priority for the next five years of Cardano, it’s something that can be done.”
Start Working
Indeed, the Biden administration directed several agencies to begin “the multi-year process of migrating vulnerable computer systems to quantum-resistant cryptography,” in a July memo.
“This process of changing all the blockchains could take four or five years, and that’s part of the understanding of why we have to start this process now,” Jack Hidary, the CEO of Quantum computing and artificial intelligence firm Sandbox AQ, told CoinDesk in May.
That’s a conclusion Deloitte reached last year in a paper titled, “Quantum risk to the Ethereum blockchain — a bump in the road or a brick wall?”
Despite the long quantum computing timeline, “it is generally accepted that cryptocurrencies will eventually have to migrate to quantum-secure algorithms,” the audit and consulting giant said.
This poses two big problems. First, the algorithms will cause headaches with the current cryptocurrency systems. Second, the distributed governance of many blockchains means a major upgrade can take years longer than it would in a traditional corporation.
“Currently, very few cryptocurrencies have made the first steps towards becoming quantum-secure, and most cryptocurrencies do not even identify this problem in their roadmaps,” Deloitte said. “If we fail to act on time, rushing into solutions when the threat becomes more imminent, the chance of implementation errors increases which can have an undesired outcome.”
Meaning Y2K.
If you’re not old enough to have been paying attention around 1997, 1998 and 1999, a panic set in as boards of directors and elected officials were told that when the new millennium hit and calendars rolled over, older computer systems that relied on two-digit year dates would not be able to handle “00” and would have the computing version of a meltdown. The crisis was nicknamed Y2K for the “year 2000.”
Now, only older systems — a decade and more primarily — would be affected. Everything from the small manufacturing plant to municipal streetlights to Department of Defense systems would just stop working. There was talk of planes literally falling out of the sky.
In the end, nothing happened, either because it was overblown or because so much effort and money were put into overhauling old systems that they didn’t collapse.