By 2025, up to 10% of global gross domestic product is likely to be stored on blockchain1. A blockchain is a digital tool that uses cryptographic techniques to protect information from unauthorized changes. It is at the root of the Bitcoin cryptocurrency2. Blockchain-related products are used everywhere, from finance and production to healthcare, in a market worth over $ 150 billion.
When information is money, data security, transparency and accountability are essential. A blockchain is a secure digital register or register. It is collectively managed by users all over the world, rather than by a single central administration. Decisions as if adding an entry (or a block) to the ledger are based on consensus – so personal trust does not enter. Any part of the inside or outside of the network can verify the integrity of the ledger by making a simple calculation.
But within a decade, quantum computers will be able to break the cryptographic codes of a blockchain. Here we highlight how quantum technology makes blockchains vulnerable and how they could make them safer.
One-way codes
Blockchain security is based on one-way & # 39; mathematical functions. These are simple to perform on a conventional computer and difficult to calculate otherwise. For example, the multiplication of two large prime numbers is easy, but finding the main factors of a given product is difficult: it may require a conventional computer for many years.
These functions are used to generate digital signatures that blockchain users use to authenticate themselves to others. These are easy to control and extremely difficult to fake. One-way functions are also used to validate the transaction history in the blockchain register. The hash, a short sequence of bits, derives from a combination of the existing ledger and the block to be added; this changes every time the content of the item is changed. Again, it is relatively easy to find the hash of a block (to process the information to add a record) but it is difficult to choose a block that would produce a specific hash value. This would require inversion of the process to derive the information that generated the hash.
Bitcoin also requires that the hash satisfies a mathematical condition. Anyone who wants to add a block to the ledger must keep his or her computer running in a random search until this condition is met. This process slows down the addition of blocks, giving time to everything to be recorded and controlled by everyone in the network. Moreover, it prevents any individual from monopolizing the administration of the network, because anyone with sufficient computing power can contribute with blockages.
However, within ten years, quantum computers will be able to calculate one-way functions, including blockchains, used to protect the Internet and financial transactions. The widely distributed unidirectional cryptography will instantly become obsolete.
Information security has undergone first mass extinctions. For example, during World War II, German military messages were coded and deciphered using Enigma machines, initially giving the Axle powers an advantage until the Allies cracked the Enigma code. And in 1997, the Data Encryption Standard, an algorithm for encrypting electronic data that was in the state of art, was broken into a public competition to prove its lack of security. This gave rise to a second competition for the development of a new protocol, which led to today's Advanced Encryption Standard.
Quantum advantage
Quantum computers take advantage of physical effects, such as overlapping states and entanglements, to perform computational tasks. At the moment they are much less powerful than conventional computers, but will soon be able to outperform certain tasks. One of these examples is the breaking of security protocols based on cryptographic algorithms, as pointed out by the mathematician Peter Shor in 19943. A blockchain is particularly at risk because the one-way functions are its only line of defense: the only protection of the user is the digital signature, while bank accounts are protected by plastic cards, security questions , identity checks and human cashiers.
The crack of digital signatures is therefore the most imminent threat. An evildoer equipped with a quantum computer could use the Shor algorithm to falsify any digital signature, impersonate that user and take possession of his digital resources. Most specialists think that this venture would require a universal quantum computer (one capable of performing a wide variety of calculations), which is more than a decade away. However, some researchers suggest that this could happen earlier, using emerging quantum computing devices that have more limited capabilities, such as those developed by D-Wave computing firms, Google and others.4,5.
Quantum computers will quickly find solutions, potentially allowing the few users who have them to censor transactions and monopolize the addition of blocks to the Bitcoin registry (known as mining). These parts could sabotage transactions, prevent registration or double spending. An international team of researchers has highlighted the potential impacts of these attacks6, with a report at the beginning of this year, to trace the threats and suggest a possible alternative solution7.
If nothing is done to update the protocols, the cryptocurrencies will crash abnormally when quantum computers become available.
Improve security
Fortunately, quantum technologies also offer opportunities to improve the safety and performance of blockchains.
Quantum cryptography. Quantum communications are intrinsically authenticated: no user can impersonate another. These technologies use the states of individual light particles (photons) to encode the bits and communicate them. Fundamental physics establishes that quantum states can not be copied or measured without being altered. Any interceptor will be immediately discovered.
Quantum cryptography can be used to replace classic digital signatures and to encrypt all peer-to-peer communications in the blockchain network. Our group has demonstrated such a simple system8. However, the complexity and cost of quantum cryptographic networks will limit their adoption. In particular, the current protocols require that each node of the network be connected to each other through fiber-optic channels, because there is no trust in any intermediate node and therefore all communications must be direct. Protocols will be needed to maintain secure communications even when information passes through unreliable nodes; these systems have been developed but must be made more accessible to consumers.
Photon losses in optical fibers represent another challenge. These limit the range of modern quantum key distribution systems to a few tens of kilometers. The solution is to develop a quantum repeater, which uses quantum teleportation and quantum optical memory to distribute entangled states between communicating parts. Research is progressing, but it is still far from the realization of a practical device.
In the meantime, one-way functions should be strengthened. Some alternative cryptographic features have been proposed9 this should be just as difficult to reverse using conventional or quantum computers. Although not completely safe, these could run on existing hardware and take time, but could also be decrypted over the long term.
Quantum Internet. The use of quantum communication technology and the computational processing of blockchain data would further improve security and enable blockchains to become faster and more efficient. This step requires a 'quantum internet'.10 – connection of quantum computers through a quantum communication network. It would therefore be possible to completely execute quantum blockchains. These would circumvent some computationally intensive steps of the current verification and consensus processes, and therefore would be more efficient and safer. The proposed Quantum Bitcoin currency could be realized, with its security ensured by the no-cloning cloning theorem. Such quantum "bills", if they still prove necessary in the future, could be made impossible to falsify by counting the quantum information records11.
The quantum internet is several decades away, so "blind quantum computing" is a temporary transition. In this, a user with a conventional computer could execute an algorithm on a remote quantum computer without sharing the input data or the algorithm. This technology would allow the quantum computing platforms of the public cloud, making blockchains cheaper and more accessible.
Next steps
The business blockchain needs to upgrade its existing software to use one-way cryptographic functions that are just as difficult to reverse using conventional or quantum computers9. Until these post-quantum solutions are established or standardized, platforms need to be flexible and capable of changing cryptographic algorithms on the fly.12.
The long-term answer is to develop and enhance the quantum communication network and, subsequently, the quantum Internet. This will require major investment by governments. However, countries will benefit from the increased security offered13. For example, Canada secures census data for 92 years, a term that only quantum cryptography can provide. Government agencies may use quantum-guaranteed blockchain platforms to protect citizens' personal financial and health data. Countries that have conducted major research efforts in quantum technologies, such as China, the United States and members of the European Union, will be among the first to adopt. They should invest immediately in the search. For example, Blockchains should be a case study for the Quantum Key Distribution Europe test program in Europe.
These risks need to be given much more urgency: their impact could be serious.