**The effects of quantum computing on cryptocurrencies is bound to have a huge effect on network security. With the exponential increase in computing capabilities, the efficacy of brute force attacks massively increases. Despite slow development, the risk is real and needs to be discussed – so when should you start worrying about quantum computers?**

**Current Development of Quantum Computing**

Earlier this year, IBM launched a 20 qubit computing device that is to be used for commercial purposes. Qubits are basic units of quantum information and unlike binary bits that scale liberally, qubits grow exponentially. That means when you put two qubits together, the power isn’t two plus two as it is with binary systems – it’s two multiplied by two.

In 2018, Intel launched a 49 qubit chip and Google created a 72 qubit chip called Bristlecone. Both of these are still not enough to break Bitcoin’s Elliptic Curve Digital Signature Algorithm (ECDSA). For reference, *Quantum Resistant Ledger* estimates the world’s most powerful supercomputer runs at 72 qubits, at 80 qubits quantum computing will the faster than the fastest supercomputer, and to run Shor’s algorithm a system would need to operate with at least 3000 qubits.

Shor’s algorithm is a formula that allows a quantum computer with sufficient qubits and resistance to quantum noise to break public key cryptography. When Shor’s algorithm becomes implementable, on a 3000 qubit engine, cryptography will need to have scaled to a quantum resistant algorithm that can withstand the sheer speed of quantum systems.

**Direct Effect on Cryptocurrencies**

In order to understand how quantum computing can affect individual networks, consider the case of Bitcoin – which uses ECDSA cryptography. The immutability of the ledger is the strongest selling point of Bitcoin and it technically cannot be affected even by a 3000 qubit quantum computer. This is because quantum computing breaks cryptography but it cannot break the manual governance of storing the ledger on thousands of devices.

What it can do is brute force it’s way from an individual’s public key to their private key. Any address would be compromised, meaning a potential hacker could steal the hundreds of thousands of BTC from the Satoshi’s addresses. So before quantum computing scales to this level, Bitcoin and other cryptocurrencies need to develop quantum resistance. But Bitcoin is still being developed and turned into a global settlement layer, so there’s isn’t much room for developers to think about and deal with quantum computing.

**Scaling for Quantum Resistance**

The ability to fend off a quantum attack is not a feat most devices of today can boast about. While there are quantum resistant signatures and algorithms, Bitcoin, in particular, is very stubborn and opposed to upgrades unless it fixes a critical vulnerability. By the time the threat of quantum computing is in grasp, it may be too late for stubborn networks to properly implement security measures. This is why it’s essential the discussion on how to scale to quantum resistant networks is necessary today. But there is a counter-narrative to this; as Andreas Antonopolous said, “every time we fail to scale for tomorrow, we succeed in scaling for today”. Simply put, discussion on scaling needs to begin but, as always, it isn’t going to push us toward a viable solution right away.

But what are the ways cryptocurrency can scale to quantum resistance? The solution to this purely lies in public key cryptography – which is the aspect of the network that quantum computing can break.

There are a number of cryptographic methods that allow for some degree of quantum resistance; among those are Lamport signatures, supersingular elliptic curves, and the eXtended Merkle Signature Scheme (XMSS). All of these are hash-based cryptography except supersingular elliptic curve which is a method of establishing a hash between two parties through a compromised communication channel.

### IOTA: Preparing for the Future

One of the most interesting developments happening with blockchains is interoperability between platforms. With ideal interoperability, blockchain’s can communicate with each other and pass on that information. The Internet of Things (IoT) relies on machine learning algorithms to filter out the useful information from the hoard of noise surrounded by it. IOTA aims to be the digital currency network through which IoT transactions are routed.

With a fairly simple model on the outside, IOTA is a self-validating cryptocurrency with no transaction fees or miners. IOTA isn’t even a blockchain; it’s a Directed Acyclical Graph (DAG), which is a subset of distributed ledger technology. IOTA utilizes Winternitz cryptography which is a derivative of Lamport cryptography – a quantum resistant crypto signature algorithm. Lamport signatures are quite heavy for wide-scale distribution over a network; the Winternitz signature essentially compresses a Lamport signature.

Without getting too technical, an IOTA private key is 128 kilobits while a Bitcoin private key is 256 bits – nearly 220 times more complex than a Bitcoin signature, making a brute force attack near impossible. The drawback of these signatures is the inability to use an address more than once. Witnernitz/Lamport signatures reveal half the private key; using it twice would lead to between 51 and 100 percent of the private key in the hands of the network. This isn’t a major drawback as you can generate a new address, which is a practice that should be carried over to any cryptocurrency.

### The Endgame

Quantum resistant cryptography will end up becoming the only kind of cryptography that exists in the not-so-distant future. Based on the trajectory quantum computing has taken so far, 3000 qubit machines should be viable in the next 3-6 years, but a larger degree of problems will show up and development will be slowed down due to the need for error correction and ability to withstand quantum noise.

The cryptographers of our generation are working on making encryption more secure and improving existing algorithms to be able to withstand quantum attacks. Now, the cryptocurrency community has a responsibility to work side by side with cryptographers to find ways to seamlessly integrate this encryption into their networks.

In conclusion, quantum computing is not a worthwhile threat for the next 2-3 years (at bare minimum) but this doesn’t mean it should be ignored and solutions should be sought only when it’s close to breaking. Constant upgrades and developments are essential to any technology that aims to not go obsolete.

**3AbQrAyRsdM5NX5BQh8qWYePEpGjCYLCy4**