Quantum computing isn’t new, yet there is a fear that the computing power it can offer at a commercial level could be used by threat actors to break the private keys that a lot of digital interactions are based on.
This includes breaking the private keys used to protect the wallets of many cryptocurrencies.
While this is a legitimate risk and threat, it won’t happen overnight. However, it’s important to analyze where quantum computing stands in regard to its commercial offerings and whether it can really pose a threat to cryptocurrencies.
A quick primer before we dig into the details of the risks. Quantum computing leverages the principles of quantum mechanics to perform computations. Unlike classical computers that use bits as the basic unit of information (0 or 1), quantum computers use quantum bits or “qubits,” which can exist simultaneously in multiple states (0, 1, or both 0 and 1 through superposition).
Additionally, qubits can be entangled, allowing quantum computers to solve complex problems much more efficiently than classical computers.
Quantum Calculations and Risks
The risks posed by quantum computing to cryptographic systems can be illustrated through Shor's algorithm, which allows quantum computers to factorize large integers exponentially faster than the best-known classical algorithms. The security of many cryptographic systems, such as RSA, relies on the difficulty of factorizing large composite numbers.
For example, RSA-2048 is a widely used cryptographic key size and a baseline for cryptocurrency private keys that are used in many ecosystems to sign and authorize transactions.
To break RSA-2048 using even the most powerful commercial computers available today, even in sprawling clusters of machines, would take billions of years. The effort that succeeded in 2009 at breaking RSA-768 (a 768-bit number) factored it using hundreds of clustered machines and took several years. The jump to 2048 bits is exponential in effort and not realistic on any human timescale.
Shor’s algorithm is often used as the reference point when quantum computing is discussed, as it works on many candidate numbers simultaneously rather than trying them sequentially. A sufficiently powerful quantum computer running Shor’s algorithm could in theory break a 2048-bit key, provided it has enough qubits.
A paper by Craig Gidney and Martin Ekerå from 2021 titled How to factor 2048-bit RSA integers in 8 hours using 20 million noisy qubits effectively argues this and posits that breaking a 2048-bit key in a few hours would require around 20 million qubits. Even on a realistic timescale of a few years, machines would reach only thousands of qubits, and even that assumes there are no error rates (one of the open issues with quantum computing today).
This indicates that while quantum computers are progressing, there is still a considerable gap between current capabilities and the requirements needed to break modern cryptographic systems.
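To make concrete which part of Shor’s algorithm a quantum computer actually speeds up, here is an added Python example (not from the original article). It runs the classical reduction from order finding to factoring on a toy modulus; the order-finding step, which is the quantum subroutine in the real algorithm, is replaced by brute force, which is fine for 15 or 21 and hopeless for a 2048-bit modulus.

```python
"""Classical scaffolding of Shor's algorithm on a toy modulus (added example).

The only step a quantum computer accelerates is finding the multiplicative
order r of a random base a modulo N. Here that step is brute-forced, so the
running time grows with r, i.e. exponentially in the bit length of N. Every
other step (gcd, modular exponentiation, the final factor recovery) is cheap
classical arithmetic.
"""
import math
import random


def find_order_bruteforce(a: int, n: int) -> int:
    """Smallest r > 0 with a**r == 1 (mod n). Stand-in for quantum period finding."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, order_finder=find_order_bruteforce,
                seed: int = 1, max_tries: int = 50) -> int:
    """Return a nontrivial factor of n, where n is an odd composite that is
    not a prime power, using the reduction from order finding to factoring."""
    if n % 2 == 0:
        return 2
    rng = random.Random(seed)  # fixed seed so runs are reproducible
    for _ in range(max_tries):
        a = rng.randrange(2, n - 1)
        g = math.gcd(a, n)
        if g > 1:
            return g  # lucky pick: a already shares a factor with n
        r = order_finder(a, n)
        if r % 2:
            continue  # odd order: retry with another base
        y = pow(a, r // 2, n)
        if y == n - 1:
            continue  # a**(r/2) == -1 (mod n) yields only trivial factors
        f = math.gcd(y - 1, n)
        if 1 < f < n:
            return f
    raise ValueError(f"no factor found for {n} in {max_tries} tries")


if __name__ == "__main__":
    for n in (15, 21, 91):
        p = shor_factor(n)
        print(f"{n} = {p} * {n // p}")
```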
Current Quantum Commercial Offerings
Looking at the commercial offerings in quantum computing that exist today, there is quite a lot of variation. IBM Q System One, Google Sycamore, Rigetti Aspen-9 and even AWS Braket are all commercial offerings that exist today. If you had the necessary funding, you could fire them up to get started.
The only problem is that the qubits available for all these offerings do not surpass even a few dozen, which is not enough to break a key of any size in any meaningful timescale (again, unless waiting a few million years is OK with you).
On top of the lack of quantum processing power, you would have to contend with qubit stability, error correction and scalability with today’s offerings.
That is before mentioning the physical requirements: quantum computers need to operate at cryogenic temperatures with heavy magnetic shielding, as qubits are sensitive to even small electromagnetic fluctuations.
When Quantum Will Become a Threat
Unfortunately, there isn’t a ‘Moore’s Law’ of quantum computing that would predict how quickly processing power increases over time.
Google’s Hartmut Neven floated a “Neven’s law” that posited ‘double exponential’ growth of quantum computing power, but it hasn’t proven very useful beyond measuring the progress of R&D quantum computing power.
Running a rough calculation for today’s machines, achieving double exponential growth to get to 20 million physical qubits would take roughly another four years (again, assuming all the other limitations such as error correction are also overcome).
Conclusion
While quantum computing holds the potential to revolutionize various fields, including cryptography, there is still a considerable journey ahead before it can break modern cryptographic keys, such as those used in cryptocurrencies.
With quantum-resistant algorithms already making their way into cryptographic protocols, the timescale on which the threat from quantum computing arrives will be pushed out further still, ensuring the continued protection of sensitive data in a quantum future for some time yet.