Blockchain: Is it really secure?

With every innovation in quantum computing, the threat to blockchain increases

Blockchain has rapidly become one of the most disruptive technologies of the 21st Century, but with the continuous improvements in Quantum Computing, the foundations of the technology are starting to falter.

Blockchain, cryptocurrencies, NFTs and decentralised finance have become common terms, with blockchain now hailed as an extremely secure method of recording information and transactions due to the computational intensity of attempting to break it. Both companies and people have poured endless amounts of capital into the technology by buying cryptocurrencies or by developing their own chains.

But in a dynamic cyber environment, is this $2.7 Trillion dollar market really future proof and secure?

The short answer is no. 

With every innovation in quantum computing, the threat to blockchain increases.

There are two main issues that face the technology, the first being its reliance on a form of encryption known as public key cryptography; and second, its reliance on a type of algorithm called a hash function.

Public key cryptography is a method of encryption that publishes a public address for the world to see where they can encrypt information that only the holder of the ‘private’ key can see.

A hash is generated by running a widely known and well established algorithm on a piece of information to create a near unique digital representation of it. It is computationally impossible to construct the original information from a hashed representation, and they are said to be resistant to finding another piece of data that has the exact same digital representation. In proof-of-work blockchains, hashes are used in combination with random numbers to sign off a block.

So what’s the problem?

The threat from quantum computing to public key encryption is a known issue and has been discussed at length by many experienced professionals. It is an issue that both governments and commercial entities have recognised. NIST, the U.S. National Institute of Standards and Technology is currently in the process of defining what next phase of encryption also known as post-quantum encryption will be. Many experts will highlight that the types of quantum computers that are capable of cracking this are still far away, which is true.

However, the main near-term issue facing the chain comes from the threat to the hashing algorithm from quantum computing or quantum accelerated hardware. There are a few issues with the hash-method however the main issue facing these chains is that a quantum computer will be able to solve for these hashes at a much faster rate than any computational-based approach, thereby taking ownership of a network. Significant progress has been made in the past two years on a type of quantum algorithm called Grover’s algorithm, which poses the greatest risk to the network as a fully well error-corrected quantum computer is not needed. 

This risk is further accentuated due to the decentralised nature of blockchain, where the latest cyber technology hasn’t been built to integrate easily with e.g. new hardware based cryptography such as secure entropy sources or quantum random number generators.

Conversely, traditional banking infrastructure is relatively easy to update as the back-end software and hardware is managed centrally by each bank and each integrated party i.e. the list of parties that need to be secure is well known.

 What should we do?

If blockchain developers understand the challenge today and work on preparing themselves then they can be ready for a post-quantum world.