Can Bitcoin and its forks resist quantum computing? This question divides the crypto community into two opposing camps. On the one hand, crypto-enthusiasts believe Bitcoin can resist quantum technologies. On the other hand, crypto-realists pay much more attention to quantum safety. Let’s look at the arguments of both camps and try to draw conclusions.
The quantum computer can’t hack Bitcoin..?
Those who don’t believe in the quantum vulnerability of most cryptocurrencies give the following argument. «In Bitcoin, your public key isn’t (initially) made public. While you share your Bitcoin address with others so that they can send you bitcoins, your address is only a hash of your public key. Not the public key itself. What does that mean in English? A hash function is a one-way cryptographic function. It takes an input and turns it into a cryptographic output. So, you can’t derive the input from the output. It’s kind of like encrypting something then losing the key» (https://news.bitcoin.com/antonopoulos-bitcoins-protection-against-quantum-computing/).
Indeed, a bitcoin address does not expose the public key in the clear. Even if the hash of a public key were stolen, it would be of no use to a potential attacker: it is computationally infeasible to recover the public key of a digital signature from its hash value, and therefore impossible to derive the private key from it.
However, there are a couple of nuances, which Bitcoin’s enthusiasts, whether deliberately or through ignorance, forget to mention.
How a quantum computer will hack Bitcoin
Using Bitcoin as the example, let’s consider two ways the blockchain can be attacked. Say you want to send some bitcoins to a friend. But you can’t send only part of the coins from your wallet: the whole amount is spent in the transaction, and the remainder comes back to your wallet as change. Thus, the following information is broadcast to the network:
– number of coins transferred
– public address of your friend’s bitcoin wallet
– the ECDSA digital signature generated with your private key
– the public key needed to verify that digital signature
All of this data, as part of your transaction, is broadcast to the network unencrypted, because blockchain nodes must validate the digital signature against the raw (non-hashed) public key. A new block is generated every 10 minutes on average, but it may take longer for your transaction to be included in a block, depending on the fee you assigned for miners; if the fee is too low, the transaction may wait well over 10 minutes. A potential attacker therefore has at least 10 minutes, which is enough to capture your public key, openly placed on the network.
Now suppose the transaction is confirmed and the change returns to the same bitcoin address the transaction was made from. The attacker knows the public key behind your ECDSA signature. A «quantum» attacker then derives from it the private key of the address that received the change, and steals your bitcoins.
There is a way to protect against a quantum attack on ECDSA in this case: use a fresh bitcoin address each time to receive the change. Nothing is then left on the previous address, so the attacker has nothing to profit from. Oddly enough, to this day many crypto-users keep their funds on bitcoin addresses that have already been “flashed” on the network.
But you are not going to keep your coins on the new bitcoin address forever. Sooner or later, you will need to spend from the new address. A hypothetical «quantum» attacker has at least 10 minutes to capture your public key, which sits on the network in the clear, derive your private key, and quickly broadcast his own transaction from your address with a higher miner fee so that it confirms first. But what do the scientists say? “As early as 2027 a quantum computer can break ECDSA in less than 10 minutes.”
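The address-reuse exposure described above, as an added example that is not part of the original article: a small Python replay over a constructed set of transactions that flags addresses whose public key has already been broadcast in an input and which still hold coins. The address function is a simplified stand-in for Bitcoin’s HASH160, and every key, txid and amount is constructed.

```python
import hashlib
from dataclasses import dataclass


def address_of(pubkey: bytes) -> str:
    """Simplified stand-in for Bitcoin's HASH160 (RIPEMD160 over SHA-256):
    SHA-256 truncated to 20 bytes, so it runs on any Python build."""
    return hashlib.sha256(pubkey).digest()[:20].hex()


@dataclass
class Tx:
    txid: str
    inputs: list   # (prev_txid, prev_index, revealed_pubkey); [] for a funding tx
    outputs: list  # (address, amount_in_satoshi)


def exposed_balances(txs):
    """Replay transactions over a UTXO set and return {address: balance} for
    addresses whose public key has appeared in an input (it is now 'flashed'
    on the network) and which still hold coins: the funds a future
    quantum attacker could go after."""
    utxo = {}          # (txid, index) -> (address, amount)
    revealed = set()   # addresses whose public key is now known
    for tx in txs:
        for prev_txid, prev_index, pubkey in tx.inputs:
            addr, _ = utxo.pop((prev_txid, prev_index))
            if address_of(pubkey) != addr:
                raise ValueError(f"pubkey does not hash to {addr}")
            revealed.add(addr)
        for index, (addr, amount) in enumerate(tx.outputs):
            utxo[(tx.txid, index)] = (addr, amount)
    balance = {}
    for addr, amount in utxo.values():
        balance[addr] = balance.get(addr, 0) + amount
    return {a: b for a, b in balance.items() if a in revealed and b > 0}


# Constructed keys and addresses (not real Bitcoin keys).
PUB_A1, PUB_A2, PUB_BOB = b"alice-key-1", b"alice-key-2", b"bob-key"
A1, A2, BOB = address_of(PUB_A1), address_of(PUB_A2), address_of(PUB_BOB)


def reuse_scenario():
    """Alice pays Bob and sends the change back to the same address A1."""
    return [Tx("t0", [], [(A1, 500_000)]),
            Tx("t1", [("t0", 0, PUB_A1)], [(BOB, 200_000), (A1, 300_000)])]


def fresh_change_scenario():
    """Same payment, but the change goes to a never-used address A2."""
    return [Tx("t0", [], [(A1, 500_000)]),
            Tx("t1", [("t0", 0, PUB_A1)], [(BOB, 200_000), (A2, 300_000)])]
```

In the reuse scenario A1 is reported with its 300,000 satoshi of change still exposed; with a fresh change address the report is empty.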
As we can see, Bitcoin and similar altcoins can be hacked with a quantum computer, but only under certain conditions and only with a sufficiently powerful quantum computer. Some cryptocurrencies, Ethereum for example, also have tokens and smart contracts tied to static addresses, and these will be even more vulnerable, because there the public key is “flashed” on the network after the very first transaction.