Preparing Bitcoin for the Threat of Quantum Computing
Bitcoin’s nature as a first of its kind digital currency retains its value based on a few simple variables. The concept that it can be transferred with ease and without a high cost, the fact that it is internationally available and makes transfers between deals across the world simple and the reliability of the chain’s security which is impossible to hack with today’s technology. This final aspect of bitcoin needs to be examined further as the countdown to the first quantum computers ticks faster and faster, and the Elliptic Curve Digital Signature Algorithm (ECDSA) is finally crackable.
Quantum Computing will Break ECDSA
If an ECDSA exploit is found, bitcoin becomes worthless as soon as the public hears about it. There’s no real way around that, as once that security is gone there is no way to tell if a transaction came from the original owner of those coins with any certainty.
Due to this, interestingly enough, the most effective attack on the currency actually comes from someone not actually using the exploit to steal bitcoin. Figuring out the exploited, shorting bitcoin and then simply making the exploit public would be highly effective as legal damage to the hacker would be null, his profits would be high and bitcoin as we know it would crash to obscurity.
With current tech, this is an unachievable goal. The algorithms for exploiting ECDSA are much too complicated with today’s computers, but with quantum computers inching closer and closer to reality this may not be the case much longer.
Besides creating an entirely new currency when the time comes, via a hard fork or some other means which come with their disastrous consequences on the economy, a few solutions have been set out as alternatives to using ECDSA.
Quantum Proofing Bitcoin
When considering a new security key algorithm, there are a few factors at play to maintain the decentralized nature of bitcoin. Storage, bandwidth and computation energy required effect the length of the key, the signature length and verification time. As these are very important to make sure the currency is usable and transferable, choosing a new algorithm in a post-quantum world is difficult.
The actual solution here is up for debate, though there are some theoretical ways to have a safe post-quantum bitcoin. The optimal seems to lie under the assumption that the ECDSA can and will be cracked and to have a safeguard against it outside the bitcoin client. Notably upgrades to wallet security through multi-level keys based on a highly resolute signature scheme, such as XMSS, seems to be the best bet in guarding the future of bitcoin.
If this type of security layering is adopted, then it should work even if the ECDSA is already cracked. Higher security means no hard forks are required, and the only risk is for users using unsecured wallets. A community-wide change and adoptions of these higher-level security features will be needed to be able to maintain bitcoin in its current state, as increasing signature security within the Bitcoin chain itself will have the potentially disastrous consequences of increased transaction time and potential hard forks.