Something has to be done about the quantum computer security threat


When it comes to technology, revolutionary is a word that gets overused. But if there’s one thing in the world of 21st century computing that will deserve being described as such, it’s a fully functional quantum computer. It's no exaggeration to suggest that quantum computers have the potential to change the world as we know it.

Quantum computers are coming sooner than you might expect, in fact there are already functional, if rudimentary systems that have been developed by giants including IBM, Microsoft and Google along with many others. And you can be sure that the governments of the world are working behind the scenes in a quantum arms race. What we see in public is likely not at the bleeding edge of quantum computing research and devlopment.

The power of a quantum computer, versus that of a classical computer—or QC vs PC—is they're set to dramatically advance fields as diverse as climate science, biology, and machine learning. But there's another application, and it's a somewhat shady one: espionage.

The governments of the world see quantum computers as a tool to break encryption standards. A fully functioning and stable high qubit quantum machine has the potential to wreak havoc across the internet. Previously secure networks would be vulnerable and public confidence in financial systems could collapse. 

Forget Y2K, think Y2Q.

Then there are cryptocurrencies. Quantum computers could pose an existential threat to crypto, but I'll get to that a bit later. First, a crash course in quantum computing.

What is a quantum computer?

The qubit circuits of Google’s Sycamore quantum computer

(Image credit: Google)

What is a quantum computer?

Your next upgrade

(Image credit: Future)

Best CPU for gaming: The top chips from Intel and AMD
Best gaming motherboard: The right boards
Best graphics card: Your perfect pixel-pusher awaits
Best SSD for gaming: Get into the game ahead of the rest

The functions of a classical computer are based around the use of bits, or binary digits, represented by 1s or 0s. A quantum bit, or a qubit as it's known, can exist as a 1 or 0, or both at the same time. This makes a QC much more adept at seeking answers to problems with a large number of outcomes or possible combinations than a classical computer.

A qubit harnesses the properties of quantum superposition. Via quantum entanglement, a qubit can be linked to other qubits to exponentially increase processing power. In simple terms, a QC is excellent at leveraging probabilities, which means that the answers to complex operations are exponentially faster with more qubits. A QC with enough qubits is capable of certain computations that a classical computer can never realistically solve. In certain cases, a calculation that a quantum computer could complete in mere minutes may take billions of years, or more to solve on even the world's most powerful supercomputer today. 

The point at which a quantum computer can outperform a classical computer is called quantum supremacy. Some researchers already claim it has occurred, but any such claim is very specific, and completely impractical in a real world sense. There are also significant challenges to overcome before quantum computing becomes a commercial reality. Qubits are tricky things, to put it mildly, and maintaining coherence and scaling them is an area of ongoing research.

It's likely that we're many years away from practical quantum computers, but with enough stable qubits, there are some genuinely world-changing possibilities within reach. For now, the one I'll focus on is the ability to crack encryption. That might be the number one reason for governments to develop quantum computers.

The internet is vulnerable

Security Padlock

(Image credit: Pixabay)

The security of the internet is vulnerable

It goes without saying that there's a need for network security. Military networks, financial systems, critical infrastructure, communications. You name it, it all needs to be secure to maintain confidence in the system. Security is built upon encryption.

Much of the encryption underpinning internet security is based upon prime numbers. As far back as 1994, American mathematician Peter Shor developed what is known as Shor's algorithm. It is used to find the prime factors of an integer. Put simply, this algorithm can be used to break many public key cryptography schemes, including RSA, one of the most widely used, and oldest algorithms for encryption.

I don't mean to be a scaremonger here. A QC capable of breaking a large key RSA encryption is probably years away at best, but the theoretical vulnerability exists, and the time to protect the possibility of an attack against it is now. 

The governments of the world are developing post-quantum encryption schemes. US National Institute of Standards and Technology (NIST) is undertaking a multi-year project with the aim of standardizing one or more quantum-resistant public-key cryptographic schemes. If successful, most of the world's networks should transition to security which will appear seamless to the wider public. 

In the end, Y2K wasn't the catastrophe that many doomsayers predicted. Hopefully quantum computers vs public key encryption passes with as little impact as Y2K did.

The moral of the story is that it's important not to ignore the threat posed by a QC. If the NSA is taking steps to secure its networks, then others should take the threat seriously too.

Cryptocurrencies face an existential threat

Fake Bitcoin on pile of coins

(Image credit: Pixabay, MichaelWuensch)

Cryptocurrencies face an existential threat

Quantum computers present an existential threat to many cryptocurrencies. Bitcoin is the logical example to use. Bitcoin’s core protocol relies on Elliptic Curve Digital Signature Algorithm (ECDSA) to create a private key and a corresponding public key. A sufficiently powerful QC can derive the private key from the public key. This allows an attacker to access that particular wallet. ECDSA is not easy to crack, but the potential is there and ignoring it is fraught with danger given the notoriously slow pace of blockchain development combined with head-in-the-sand tribalism.

Bitcoin’s early wallets are particularly vulnerable due to their use of pay to public key (p2pk) addresses, including the Satoshi Nakamoto era wallets. QC sceptics will say that BTC developers can hard fork to a quantum resistant signature scheme, and that’s certainly true, but those dormant wallets remain vulnerable. Some estimates put the number of lost bitcoins at up to 25% of the entire supply. That's a lot of BTC.

What if a million bitcoins suddenly appeared on the market? Confidence would plummet and the price of bitcoin would crash. A hundred billion dollars, give or take is a juicy target for a rogue state. North Korea could certainly use the money. 

But BTC and other cryptos aren't just about wealth. Their decentralised nature is antithetical to the ideologies and financial sectors of many countries. A country like China might wish to destroy all confidence in crypto, in order to remain in control of its financial sector. Perhaps the US might covertly attack crypto in order to prevent its use by criminals. Russia might.. well, who knows what Russia might do.

Some cryptos have already adopted QC secure signature schemes. Others including Ethereum and Cardano have quantum signatures or protection on their roadmaps. 

I want to note again, my aim here isn't to pronounce doom and gloom. Bitcoin and others will survive if they take steps to protect against QCs, it's just that time is definitely ticking along. Cryptocurrencies already face numerous adversaries day after day, and yet it survives. 

But it's time to get past the FUD and take quantum computers seriously. Developers need to act now. It might be a year or 10, but If a black swan event occurs, it’ll be far too late to do anything about it. The later the threat gets taken seriously, the harder it will be to mitigate against it.

Should you be worried?

Wifi is available here sign

Do you need to worry about quantum computers?

No. Don't stress. Most of the legwork is being done behind the scenes and your current passwords and data should remain unaffected as long as the corporate caretakers of it are competent.

You can do things like change your private keys to longer key lengths where possible, but it's pretty safe to say that an adversary with a quantum computer isn't going to be worried about accessing your personal router, banking, or Coinbase password. There's bigger fish in the sea to go after.

The main thing is to be aware of the possible threat. The more people that are aware, the more questions get asked and hopefully answered. With any luck, by the time a fully functional quantum computer sees the light of day, the world will continue just as it always has, while enjoying the benefits they will bring.

In the future, hopefully stories like this one will be long forgotten, much like those Y2K doom and gloom articles were. I want to move on to talk about how a quantum computer can help to solve the really big problems, like clean energy, cures or treatments for things like cancer or diabetes, developing next generation materials, climate simulation or managing an entire city full of self-driving cars. But we all know that the likes of China and the US are after strategic and national security objectives first. And with that in mind, the wider internet and cryptocurrency remains vulnerable.