In a new interview with Fred Schebesta of Finder.com, IBM executives discuss the threat of quantum computing against cryptocurrencies and blockchain cryptography.
Appearing at IBM Think 2019, Jesse Lund, vice president of blockchain and digital currencies at IBM says,
“It’s reverse engineering the private keys which represent the control of your wallet. Your public key is essentially your wallet which holds balances. And I think that’s a real, credible threat. Bitcoin is a public ledger. So you can go out and see which public keys are holding the largest balances and you could go out and target those (the hundred or thousands of bitcoin in there) and say I’m gonna spend effort (computing resource) to reverse engineer the private key from the public key, which is exposed. I think that’s even a near term threat.”
Quantum computers may one day be able to reverse engineer a private key from a public key, making existing forms of public key cryptography vulnerable. Lund believes at least half of all blockchains are susceptible.
The panelists say the threat extends to almost all encrypted systems, such as communications, smart vehicles, personal devices and private and government databases. To mitigate the threat of quantum computing against Bitcoin, Ethereum and most other cryptocurrencies, the team at IBM believes organizations should start quantum proofing their systems immediately.
Nev Zunic, chief technology officer for IBM data security services, says coders should begin addressing the quantum threat now.
“Companies need to be aware of quantum and the potential risk that it will bring so they can take actions today so that they are not hackable at some point in the life cycle of their products.”
Michael Osborne, manager of the security and privacy group at IBM Research in Switzerland says the new quantum era that we’re entering is putting a shelf life on the crypto we use today.
“Any system where it’s complicated to move – because you need the participation of everybody – those are the things you need to start thinking about early. You can’t wait until there’s a threat and then figure out how to migrate. Those things should be planned well in advance.”
“We don’t have 30 years anymore, the risk is too high. The advantages in quantum computing will break things before that.”
Zunic, who says the threat may take 10 years or more to arrive, adds that data being transmitted today can be impacted by the quantum computing of tomorrow.
“Another consideration is that any communications that are taking place today that are encrypted, could be intercepted today and stored for decryption at a later time. So if there’s sensitive transmissions between government bodies, organizations, financial transactions – that can be intercepted, stored and decrypted in the future. So organizations need to be aware of this today, and start taking action today, to future proof themselves against potential quantum attacks.”