Quantum computers need far less qubits to crack crypto than thought: Google

New research from Google shows that quantum computers could require far less power than previously thought to break the cryptography that secures cryptocurrency blockchains. 

Google’s new research, released on Monday, estimates a quantum computer could crack the cryptography protecting Bitcoin (BTC) and Ethereum (ETH) using fewer than 500,000 physical qubits, based on its current assumptions about hardware capabilities. A qubit is the basic unit of a quantum computer. 

The researchers compiled two quantum circuits to test on a superconducting-qubit, cryptographically relevant quantum computer (CRQC), reporting that it was a “20-fold reduction” in the number of qubits required to break the 256-bit elliptic curve discrete logarithm problem (ECDLP-256) widely used in cryptocurrency blockchains.

The research suggests that in a theoretical scenario, a quantum computer could crack a Bitcoin private key in as little as nine minutes, giving it a small window to perform an “on-spend attack” given Bitcoin’s 10-minute block time.  

An “on-spend” quantum attack is a hypothetical future threat where a quantum computer is able to decipher a private key from a public key exposed during a transaction, allowing the attack to steal the funds. 

“We should estimate the time required to launch an on-spend attack starting from this primed state at the moment the public key is learned to be roughly either 9 minutes or 12 minutes.”

“My confidence in Q-Day by 2032 has shot up significantly. IMO there's at least a 10% chance that by 2032 a quantum computer recovers [...] private key from an exposed public key,” said co-author and Ethereum researcher Justin Drake. 

Ethereum is vulnerable to “at-rest attacks” 

The researchers also warned that Ethereum’s account model is “structurally prone to at-rest attacks,” which means they don’t require timing. 

An “at-rest” attack similarly uses a public key to derive a private key using a quantum computer, but in this case, there is no need to do it within a certain window.

The moment an Ethereum account sends its first-ever transaction, its public key is permanently visible on the blockchain. A quantum attacker can take their time deriving the private key from any exposed public key.

“This results in account vulnerability: a systemic, unavoidable exposure that cannot be mitigated by user behavior, short of a protocol-wide transition to PQC [post-quantum cryptography],” it stated. 

Google estimated that the 1,000 wealthiest exposed Ethereum accounts, holding about 20.5 million ETH, could be cracked in fewer than nine days.

Related: Bitcoin’s quantum-resistance lag may become Ethereum’s bull case: Nic Carter

The search giant said it wanted to raise awareness of this issue and is “providing the cryptocurrency community with recommendations to improve security and stability before this is possible.”

Google recommended transitioning blockchains to PQC now rather than waiting for real threats to emerge. 

Quantum deadline accelerated 

On Wednesday, Google set a 2029 deadline for its post-quantum cryptography migration, warning that “quantum frontiers” could be closer than they appear.

The following day, crypto entrepreneur Nic Carter said elliptic curve cryptography is on the “brink of obsolescence,” adding that Ethereum developers were already working on solutions while Bitcoin developers had a “worst in class approach.” 

The Ethereum Foundation released its post-quantum roadmap in February, while co-founder Vitalik Buterin said validator signatures, data storage, accounts and proofs must change to prepare for quantum threats.

Magazine: Nobody knows if quantum secure cryptography will even work