Hacking bitcoin wallets with quantum computers could happen – but cryptographers are racing to build a workaround
Stefan Thomas really could have used a quantum computer this year.
The German-born programmer and crypto trader forgot the password to unlock his digital wallet, which contains 7,002 bitcoin, now worth $265 million. Quantum computers, which will be several million times faster than traditional computers, could have easily helped him crack the code.
Though quantum computing is still very much in its infancy, governments and private-sector companies such as Microsoft and Google are working to make it a reality. Within a decade, quantum computers could be powerful enough to break the cryptographic security that protects cell phones, bank accounts, email addresses and — yes — bitcoin wallets.
“If you had a quantum computer today, and you were a state sponsor – China, for example – most probably in about eight years, you could crack wallets on the blockchain,” said Fred Thiel, CEO of cryptocurrency mining specialist Marathon Digital Holdings.
This is precisely why cryptographers around the world are racing to build a quantum-resistant encryption protocol.
Right now, much of the world runs on something called asymmetric cryptography, in which individuals use a private and public key pair to access things such as email and crypto wallets.
“Every single financial institution, every login on your phone — it is all based on asymmetric cryptography, which is susceptible to hacking with a quantum computer,” Thiel said. Thiel is a former director of Utimaco, one of the largest cryptography companies in Europe, which has worked with Microsoft, Google and others on post-quantum encryption.
The public-private key pair lets users produce a digital signature, using their private key, which can be verified by anyone who has the corresponding public key.
In the case of cryptocurrencies such as bitcoin, this digital signature is called the Elliptic Curve Digital Signature Algorithm, and it ensures that bitcoin can only be spent by the rightful owner.
Theoretically, someone using quantum computing could reverse-engineer your private key, forge your digital signature, and subsequently empty your bitcoin wallet.
“If I was dealing in fear-mongering … I’d tell you that among the first types of digital signatures that will be broken by quantum computers are elliptic curves, as we use them today, for bitcoin wallets,” said Thorsten Groetker, former Utimaco CTO and one of the top experts in the field of quantum computing.
“But that would happen if we do nothing,” he said.
Crypto experts told CNBC they aren’t all that worried about quantum hacking of bitcoin wallets for a couple of different reasons.
Castle Island Ventures founding partner Nic Carter pointed out that quantum breaks would be gradual rather than sudden.
“We would have plenty of forewarning if quantum computing was reaching the stage of maturity and sophistication at which it started to threaten our core cryptographic primitives,” he said. “It wouldn’t be something that happens overnight.”
There is also the fact that the community knows that it is coming, and researchers are already in the process of building quantum-safe cryptography.
“The National Institute of Science and Technology (NIST) has been working on a new standard for encryption for the future that’s quantum-proof,” said Thiel.
NIST is running that selection process now, picking the best candidates and standardizing them.
“It’s a technical problem, and there’s a technical solution for it,” said Groetker. “There are new and secure algorithms for digital signatures. … You will have years of time to migrate your funds from one account to another.”
Groetker said he expects the first standard quantum-safe crypto algorithm by 2024, which is still, as he put it, well before we’d see a quantum computer capable of breaking bitcoin’s cryptography.
Once a newly standardized post-quantum secure cryptography is built, Groetker said, the process of mass migration will begin. “Everyone who owns bitcoin or ethereum will transfer [their] funds from the digital identity that is secured with the old type of key, to a new wallet, or new account, that’s secured with a new type of key, which is going to be secure,” he said.
However, this kind of upgrade in security requires users to be proactive. In some scenarios, where fiat money accounts are centralized through a bank, this process may be easier than requiring a decentralized network of crypto holders to update their systems individually.
“Not everybody, regardless of how long it takes, will move their funds in time,” said Groetker. Inevitably, there will be users who forget their password or perhaps passed away without sharing their key.
“There will be a number of wallets … that become increasingly insecure, because they’re using weaker keys.”
But there are ways to deal with this kind of failing in security upgrade. For example, an organization could lock down all accounts still using the old type of cryptography and give owners some way to access it. The trade-off here would be the loss of anonymity when users go to reclaim their balance.