Google Updates Estimates on Quantum Computing Resources Needed to Break Elliptic Curve Cryptography
Google has updated its estimates of the quantum computing resources needed to break elliptic curve cryptography, which secures cryptocurrency blockchains. New research from Google shows that quantum computers could require far less resources than previously thought to break the cryptography that secures cryptocurrency blockchains.
Introduction to Quantum Computing and Cryptography
The researchers compiled two quantum circuits to test on a superconducting-qubit, cryptographically relevant quantum computer (CRQC), reporting that it was a “20-fold reduction” in the number of qubits required to break the 256-bit elliptic curve discrete logarithm problem (ECDLP-256) widely used in cryptocurrency blockchains. A qubit is the basic unit of a quantum computer.
Quantum Attack Scenarios
The research suggests that in a theoretical scenario, a quantum computer could crack a Bitcoin private key in as little as nine minutes, giving it a small window to perform an “on-spend attack” given Bitcoin’s 10-minute block time. An “on-spend” quantum attack is a hypothetical future threat where a quantum computer is able to decipher a private key from a public key exposed during a transaction, allowing the attack to steal the funds.
Ethereum Account Model Vulnerability
The researchers also warned that Ethereum’s account model is “structurally prone to at-rest attacks,” which means they don’t require timing. An “at-rest” attack similarly uses a public key to derive a private key using a quantum computer, but in this case, there is no need to do it within a certain window. The moment an Ethereum account sends its first-ever transaction, its public key is permanently visible on the blockchain. A quantum attacker can take their time deriving the private key from any exposed public key.
Recommendations for Improvement
Google estimated that the 1,000 wealthiest exposed Ethereum accounts, holding about 20.5 million ETH, could be cracked in fewer than nine days. Google recommended transitioning blockchains to PQC now rather than waiting for real threats to emerge. On Wednesday, Google set a 2029 deadline for its post-quantum cryptography migration, warning that “quantum frontiers” could be closer than they appear.
Conclusion and Future Outlook
The Ethereum Foundation released its post-quantum roadmap in February, while co-founder Vitalik Buterin said validator signatures, data storage, accounts and proofs must change to prepare for quantum threats. Crypto entrepreneur Nic Carter said elliptic curve cryptography is on the “brink of obsolescence,” adding that Ethereum developers were already working on solutions while Bitcoin developers had a “worst in class approach.”
Stay Updated – Subscribe to Our Newsletter
Get the latest crypto news, analysis, and insights delivered straight to your inbox.
No spam, ever. Unsubscribe anytime.Master Crypto Security with Crypto Security 101
Protect your digital assets from hacks, scams, and theft. The Economic Ninja's essential course teaches you proven security practices every crypto holder needs.
Affiliate Disclosure: This is an affiliate link. We may earn a commission at no extra cost to you.
Enroll in Crypto Security 101 →DISCLAIMER: Content is for informational purposes only. Not financial, investment, or legal advice. Cryptocurrencies are highly volatile with substantial risks including complete loss of principal. Conduct your own research and consult qualified professionals before making financial decisions. We make no warranties regarding accuracy or completeness. Not liable for losses from use of this content. Affiliate Disclosure: Some links are affiliate links. We may earn commissions at no extra cost to you.
