Quantum attacks on Bitcoin, and how to protect against them

Divesh Aggarwal, Gavin Brennen, Troy Lee, Miklos Santha, Marco Tomamichel

Research output: Contribution to journalArticle

34 Downloads (Pure)

Abstract

The key cryptographic protocols used to secure the internet and financial transactions of today are all susceptible to attack by the development of a sufficiently large quantum computer. One particular area at risk is cryptocurrencies, a market currently worth over 100 billion USD. We investigate the risk posed to Bitcoin, and other cryptocurrencies, by attacks using quantum computers. We find that the proof-of-work used by Bitcoin is relatively resistant to substantial speedup by quantum computers in the next 10 years, mainly because specialized ASIC miners are extremely fast compared to the estimated clock speed of near-term quantum computers. On the other hand, the elliptic curve signature scheme used by Bitcoin is much more at risk, and could be completely broken by a quantum computer as early as 2027, by the most optimistic estimates. We analyze an alternative proof-of-work called Momentum, based on finding collisions in a hash function, that is even more resistant to speedup by a quantum computer. We also review the available post-quantum signature schemes to see which one would best meet the security and efficiency requirements of blockchain applications.
Original languageEnglish
Pages (from-to)68-90
Number of pages23
JournalLedger
Volume3
DOIs
Publication statusPublished - 10 Oct 2018

Bibliographical note

Version archived for private and non-commercial use with the permission of the author/s and according to publisher conditions. For further rights please contact the publisher.

Fingerprint Dive into the research topics of 'Quantum attacks on Bitcoin, and how to protect against them'. Together they form a unique fingerprint.

Cite this