Craig Wright on the (non)viability of quantum computing attacks

Getting your Trinity Audio player ready...

Some have expressed concern that advancements in quantum computing would render existing forms of encryption as ineffective. If speculators are to be believed, blockchain would no longer have its advantage of immutability as achieved through the proof-of-work system.

Quantum computing, as described in a Royal Society Open Science article published last June, “makes use of various quantum phenomena, such as superposition and entanglement, to represent classical data in a quantum context and to manipulate it in ways that produce interpretable results.” The authors state that a polynomial time quantum algorithm discussed in a 1999 article by Peter Shor, would make Bitcoin, or any cryptocurrencies using the Elliptic Curve Digital Signature Algorithm for signing transactions, vulnerable.

“Although the early generations of QCs do not have enough qubits to solve problems large enough to affect Bitcoin, different alternatives for the architecture of QCs are being considered, tested and implemented… so a sudden improvement in the approach might lead to a powerful QC appearing virtually overnight,” the article reads. According to the authors, data on the blockchain could eventually be compromised, with attackers accessing private keys merely through knowledge of public keys.

Among the recommendations given is “a sufficiently long delay phase” prior to considering blocks confirmed, the protocol modifications of which could be achieved through a soft fork.

Dr. Craig Wright, chief scientist of nChain, in his paper on quantum computing in relation to Bitcoin, says such imagined attacks are not economically viable.

If, for the sake of argument, such quantum attacks were performed, a machine costing $150 million would be able to crack 12 private keys over a period of a year, meaning that each public key would have to hold $12.5 million for an attacker to break even. 

“Even targeting the largest known addresses would only lead to a scenario where individuals move their funds to an unused bitcoin address. The simple reality is that no scenario exists where it would be viable to use a quantum computer to attack Bitcoin,” Wright added.

Moreover, he said that “existing evidence asserts that quantum computer attacks are not viable in any foreseeable future, irrespective of economic costs.” In spite of uncertainty being sown by certain quarters for their own purposes, he said that “[t]he reality is there is nothing to fear.”

In addition, Wright stressed the prudence of not using public addresses repeatedly. “Bitcoin addresses cannot be attacked if the public keys have not been exposed,” he said.

Wright does foresee an eventual use of quantum computing in relation to cryptocurrencies, but as part of recovery systems, not attacks. For example, he said, inheritors of an unknown private key might obtain access to it, through old addresses.