Quantum supremacy and the case for quantum security today in blockchain.

Google has reportedly achieved quantum supremacy. This is an overview of that claim, why it matters, and what the news means for blockchain and other systems that rely on public key cryptography.

Overview

News recently broke that Google has reportedly achieved quantum supremacy.

This was first reported by the Financial Times, which said it had read a paper that was posted on a NASA website and later taken down for unknown reasons. Since then, sites like Gizmodo, MIT Technology Review, and Fortune have covered the story, and more coverage is likely to follow.

We will have to wait for Google to comment before the milestone can be confirmed, but the report is plausible: Google has been on the verge of quantum supremacy for about a year, having partnered with NASA in 2018 to help demonstrate it, and late in 2018 it was already being speculated that results would arrive within months.

Quantum supremacy, while ominous sounding, is just a term for a quantum device performing some specific (and usually narrow, artificial) computation that no classical computer can practically perform. It is the precursor to quantum advantage, where the problems solved are useful in their own right rather than chosen purely to demonstrate that the quantum device can do something a classical computer practically cannot.

Outperforming a classical computer on any task at all is a watershed moment in the history of quantum computing.

What does this mean for blockchain?

If you are not up to date, most blockchains (including all of the top 5 on CoinMarketCap) use the Elliptic Curve Digital Signature Algorithm (ECDSA) for their public key cryptography. ECDSA's security rests on the elliptic curve discrete logarithm problem, and Shor's algorithm, run on a sufficiently large quantum computer, solves that problem in polynomial time, which breaks ECDSA.

Concretely, a powerful enough quantum computer can derive the private key from the public key. So if an adversary obtains your public key (and has access to such a machine), they can derive your private key, sign a transaction as you, and empty your wallet.
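To make the "derive the private key from the public key" step concrete, the following added example (not code from the original article) implements ECDSA over a tiny textbook curve, y² = x³ + 2x + 2 over F_17, whose group has exactly 19 points, so a 4-bit exhaustive search plays the role that Shor's algorithm would play against a 256-bit curve. Once the private key is recovered, the attacker signs an arbitrary "spend" message and the victim's public key verifies it. The curve, the generator, and the message bytes are assumptions chosen for the example.

```python
"""Toy ECDSA over a 19-point curve: recover the private key from the public key
by exhaustive discrete-log search (the step Shor's algorithm makes cheap at
256 bits), then forge a signature with it.  Added example, not from the article."""
import hashlib
import random

# Textbook curve y^2 = x^3 + 2x + 2 over F_17; generator G = (5, 1) has prime order 19.
P, A, B = 17, 2, 2
G = (5, 1)
N = 19        # order of G (the whole group has 19 points, so every point generates it)
O = None      # point at infinity


def ec_add(p1, p2):
    """Group law on the curve, with O (None) as the identity."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return O                                  # p2 == -p1 (also covers y == 0 doubling)
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication k * pt."""
    result, addend = O, pt
    while k:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def msg_hash(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


def keygen(rng):
    d = rng.randrange(1, N)            # private key
    return d, ec_mul(d, G)             # (private, public)


def sign(d, msg, rng):
    """Standard ECDSA signing; retries the (tiny) nonce when r or s would be 0."""
    h = msg_hash(msg)
    while True:
        k = rng.randrange(1, N)
        r = ec_mul(k, G)[0] % N
        if r == 0:
            continue
        s = pow(k, -1, N) * (h + r * d) % N
        if s != 0:
            return (r, s)


def verify(Q, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    h, w = msg_hash(msg), pow(s, -1, N)
    X = ec_add(ec_mul(h * w % N, G), ec_mul(r * w % N, Q))
    return X is not O and X[0] % N == r


def recover_private_key(Q):
    """Solve d*G == Q by exhaustive search.  Feasible only because N == 19; for
    secp256k1 (N ~ 2^256) this is hopeless classically, which is exactly the
    gap Shor's algorithm closes on a large fault-tolerant quantum computer."""
    for d in range(1, N):
        if ec_mul(d, G) == Q:
            return d
    raise ValueError("Q is not a multiple of G")


def steal_with_public_key_only(Q, spend_msg, rng):
    """Attacker flow: public key in -> private key and a valid signature out."""
    d = recover_private_key(Q)
    return d, sign(d, spend_msg, rng)


if __name__ == "__main__":
    d, Q = keygen(random.Random(1))
    d_found, forged = steal_with_public_key_only(Q, b"send all coins to attacker", random.Random(2))
    print("victim key", d, "recovered", d_found, "forged sig verifies:", verify(Q, b"send all coins to attacker", forged))
```

Nothing in `steal_with_public_key_only` uses the victim's private key; it only needs `Q`, which is precisely why the question of who has seen your public key (next section) matters.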

As of June 2018, it had been calculated that 36% of all bitcoins sit in outputs that already reveal their public keys (early pay-to-public-key outputs and reused addresses). Further complicating matters, a standard address is only a hash of the public key, so the key itself is revealed to the network the moment you spend from it. From that point, if the quantum computer is fast enough (or the network is congested, you paid a low transaction fee, and so on), an attacker can derive the private key while your transaction is still unconfirmed and broadcast a competing transaction with a higher fee, which miners will tend to confirm first, emptying your wallet.
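The following added example (not code from the original article or the paper it cites) shows how the "36% of bitcoins reveal their public keys" kind of figure is computed in principle. It replays a constructed, simplified chain of transactions, learns which addresses have had their public keys revealed by a spend, and reports how much of the unspent value a quantum adversary could already target. Transactions are plain dictionaries rather than real Bitcoin serialization, and public keys and their hashes are labelled stand-in strings; the link between a hash and its public key is learned from the spend itself, as a scanner on the real chain would after node validation, so no RIPEMD-160 is computed here.

```python
"""Measure how much unspent value sits in outputs whose public key is already
visible on-chain (P2PK outputs, and P2PKH outputs whose address was reused after
a spend revealed the key).  Added example with a constructed chain; the
transaction format is a simplification, not real Bitcoin encoding."""

# Constructed chain.  Scripts are (kind, target): ("p2pk", "pk:<name>") embeds the
# public key itself; ("p2pkh", "h160:<name>") embeds only its hash.  A P2PKH spend
# carries the public key in script_sig, which is what reveals it to the network.
TXS = [
    {"txid": "tx1", "inputs": [{"prev": None}],                       # coinbase, old P2PK reward
     "outputs": [{"value": 50, "script": ("p2pk", "pk:alice")}]},
    {"txid": "tx2", "inputs": [{"prev": None}],                       # coinbase to a P2PKH address
     "outputs": [{"value": 50, "script": ("p2pkh", "h160:bob")}]},
    {"txid": "tx3",                                                   # bob spends: key revealed,
     "inputs": [{"prev": ("tx2", 0), "script_sig": {"pubkey": "pk:bob"}}],   # change goes back
     "outputs": [{"value": 30, "script": ("p2pkh", "h160:carol")},           # to the same address
                 {"value": 20, "script": ("p2pkh", "h160:bob")}]},
    {"txid": "tx4", "inputs": [{"prev": None}],
     "outputs": [{"value": 50, "script": ("p2pkh", "h160:dave")}]},
]


def apply_transactions(txs):
    """Replay the chain in order.  Returns (utxo, revealed): utxo maps
    (txid, vout) -> output; revealed maps a P2PKH hash -> the public key that a
    validated spend showed to be its preimage."""
    utxo, revealed = {}, {}
    for tx in txs:
        for txin in tx["inputs"]:
            if txin["prev"] is None:                 # coinbase input spends nothing
                continue
            spent = utxo.pop(txin["prev"])           # KeyError => double spend or bad ordering
            kind, target = spent["script"]
            if kind == "p2pkh":
                # Assumption: the chain is valid, so HASH160(pubkey) == target.
                revealed[target] = txin["script_sig"]["pubkey"]
        for vout, out in enumerate(tx["outputs"]):
            utxo[(tx["txid"], vout)] = out
    return utxo, revealed


def classify(utxo, revealed):
    """Tag each unspent output with why its key is exposed, or None if it is not."""
    report = []
    for outpoint, out in utxo.items():
        kind, target = out["script"]
        if kind == "p2pk":
            why = "P2PK: public key is in scriptPubKey"
        elif kind == "p2pkh" and target in revealed:
            why = f"address reuse: {revealed[target]} revealed by an earlier spend"
        else:
            why = None                               # hash only; safe until first spend
        report.append((outpoint, out["value"], why))
    return report


def exposure_summary(txs):
    utxo, revealed = apply_transactions(txs)
    report = classify(utxo, revealed)
    total = sum(v for _, v, _ in report)
    exposed = sum(v for _, v, why in report if why)
    return {
        "total": total,
        "exposed": exposed,
        "exposed_pct": round(100 * exposed / total, 2) if total else 0.0,
        "exposed_outpoints": sorted(op for op, _, why in report if why),
        "details": report,
    }


if __name__ == "__main__":
    s = exposure_summary(TXS)
    for outpoint, value, why in s["details"]:
        print(outpoint, value, why or "not exposed")
    print(f"{s['exposed']} of {s['total']} units ({s['exposed_pct']}%) already attackable")
```

Carol's and Dave's coins are safe only until they spend; the moment a spend is broadcast the key is public, which is the window the fee-bumping race above exploits.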

More can be read in the paper "Quantum Attacks on Bitcoin, and How to Protect Against Them".

While all of the above is true, it should also be noted that quantum supremacy is not going to break blockchain today. A supremacy demonstration uses a few dozen noisy physical qubits on a contrived sampling problem, whereas running Shor's algorithm against a 256-bit elliptic curve key needs a large fault-tolerant machine with thousands of error-corrected logical qubits. That gap is why there is still time, but it is also why we absolutely should be ready for a machine that can.

The nuance of risk

A blockchain is a ledger of transactions whose integrity rests entirely on the soundness of its cryptography, so it is of paramount importance that the cryptography backing it is secure.

Without that security, the blockchain is a system that cannot be trusted, and there would be no point in using it. It does not matter how great your UI is, how many transactions per second you process, or what smart contract features you have: without a foundation of security there is no blockchain as we know it today.

With this in mind, it is generally well understood that, assuming quantum computers continue to make progress, blockchain developers will at some point need to replace the cryptographic core of their blockchain with quantum-resistant algorithms.

How much time do they have? There are many considerations, from the pace of quantum computer development to the time needed to select, standardize, implement, and roll out a replacement algorithm across a live network. Allen Walters laid all of this out in his article applying Mosca's Theorem of Risk Determination to blockchain.
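For reference, Mosca's inequality itself (stated here as an addition; the article only names it): let $x$ be the number of years the keys or data must remain secure, $y$ the number of years it will take to migrate to quantum-resistant cryptography, and $z$ the number of years until a cryptographically relevant quantum computer exists. Then

$$
x + y > z \;\Longrightarrow\; \text{the system is already at risk.}
$$

For a blockchain, $x$ is effectively unbounded (coins in old outputs must stay safe indefinitely) and $y$ includes the time for holders to move funds to new key types, which is why the migration has to begin well before $z$ is known.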