The threat of quantum computing to blockchain technology is a significant and a well-known risk within the cybersecurity and cryptography communities. While a functional, large-scale quantum computer capable of breaking current encryption is likely still a number of years away, the time to prepare is now.
The Nature of the Quantum Threat
The security of most modern blockchain networks, including Bitcoin and Ethereum, relies on a combination of cryptographic techniques. A quantum computer could fundamentally undermine two of the most critical:
- Breaking Asymmetric Encryption: The public-key cryptography used to secure a user’s wallet is highly vulnerable to quantum computers. Bitcoin and Ethereum, for example, use the Elliptic Curve Digital Signature Algorithm (ECDSA). A quantum computer running Shor’s Algorithm could, in theory, efficiently derive a user’s private key from their public key. This would allow a malicious actor to steal funds from a wallet that has an exposed public key, such as one that has made a transaction in the past.
- Weakening Hash Functions: Hash functions, like SHA-256, are used to secure the blockchain’s data structure and its consensus mechanisms. While quantum computers don’t outright “break” hash functions, a quantum algorithm known as Grover’s Algorithm could significantly speed up the process of a brute-force attack, which could weaken the security of Proof-of-Work mining and potentially allow an attacker to gain a 51% attack. However, this is considered a less immediate threat than breaking public-key cryptography.
What’s Being Done: Post-Quantum Cryptography (PQC)
The solution to the quantum threat is a new class of cryptographic algorithms known as Post-Quantum Cryptography (PQC) or Quantum-Resistant Cryptography (QRC). These are new algorithms that are designed to be secure against both classical and quantum computers.
The global effort to standardize these new algorithms is a collaborative project led by the U.S. National Institute of Standards and Technology (NIST).
- NIST’s Standardization Process: In 2016, NIST launched a global competition to solicit, evaluate, and standardize new quantum-resistant algorithms. After years of evaluation, NIST has selected a number of algorithms for standardization, with the first three standards finalized in late 2024. These new standards, such as ML-KEM and ML-DSA, are based on different mathematical principles (like lattice-based cryptography and hash-based signatures) that are believed to be resistant to quantum attacks.
- The “Harvest Now, Decrypt Later” Threat: A major concern is that encrypted data being sent today could be intercepted, stored, and then decrypted at a later date when a powerful quantum computer becomes available. This is why it is urgent for organizations to begin adopting PQC now, even before a quantum computer is a practical reality.
The Blockchain Community’s Response
The blockchain community is actively preparing for this transition in a number of ways:
- Adopting Post-Quantum Standards: Major blockchain networks are researching and evaluating how to implement these new PQC standards. The transition will require a coordinated effort, as the entire network must be upgraded to a new set of cryptographic rules.
- Creating Quantum-Resistant Blockchains: Some new projects, like The Quantum Resistant Ledger (QRL), are being built from the ground up to be quantum-resistant. These projects have already integrated quantum-safe cryptography into their core architecture.
- Hybrid Cryptographic Models: To ensure a smooth transition and maintain backward compatibility, many projects are planning to use a hybrid cryptographic model. This involves using both a traditional, pre-quantum algorithm and a new PQC algorithm in a single protocol. This provides a layer of security even during the transition phase.
- Educating Users: Projects are encouraging users to migrate their funds to addresses that have never been exposed to the public. For example, a Bitcoin user who has a new wallet address that has not been used for a transaction is not vulnerable to a quantum attack.
While the “quantum apocalypse” makes for a dramatic headline, the reality is that the blockchain community is well aware of the threat and is proactively working to implement solutions long before a capable quantum computer is a reality.
