There’s been a lot of focus recently on encryption within the context of cryptocurrencies. Taproot being implemented in bitcoin has led to more cryptographic primitives that make the bitcoin network more secure and private. Its major upgrade from a privacy standpoint is to make it impossible to distinguish between multi-signature and single-signature transactions. This will, for example, make it impossible to tell which transactions involve the opening of Lightning Network channels versus regular base layer transactions. The shift from ECDSA signatures to Schnorr signatures involves changes and upgrades in cryptography.
Yet these cryptographic primitives might need to shift or transition in the face of new computers such as quantum computers. If you go all the way back down to how these technologies work, they are built from unsolved mathematical problems — something humans haven’t found a way to reduce down to our brain’s capacity for creativity yet limited memory retrieval, or a computer’s way of programmed memory retrieval. Solving those problems can create dramatic breaks in current technologies.
I sat down with Dr. Joël Alwen, the chief cryptographer of Wickr, the encrypted chat app, to talk about post-quantum encryption and how evolving encryption standards will affect cryptocurrencies. Here’s a summary of the insights:
1- Quantum computers vs encryption — lots of hype now, but very little of substance
Despite all of the marketing hype around quantum computing and “quantum supremacy”, the world isn’t quite at the stage where the largest (publicly disclosed) quantum computer can meaningfully break current encryption standards. That may happen in the future, but commercially available quantum computers now cannot meaningfully dent the encryption standards cryptocurrencies are built on.
2- Quantum computer and encryption experts need to bridge the gap between one another
Quantum computer and encryption experts are not communicating with one another as much as they should. This means that discrete advances in quantum computing may happen with a slight lag in how encryption would operate. It’s been the case that nation-states, such as China, have been “going dark” on research related to quantum — this has the effect of clouding whether or not serious attempts can be made on the encryption standards of today, and disguising the sudden or eventual erosion of encryption — a sudden break that might mean devastation for cryptocurrencies and other industries that rely on cryptography.
It’s been known that many encryption schemes that defeat classical computers may not be able to defeat a sufficiently powerful quantum computer. Grover’s algorithm is an example. This is a known problem and with the continued development of quantum computers, will likely be a significant problem in a matter of time.
3- Breaking encryption not only modifies the present but also the past
Encryption standards being diluted now is not only a risk for the future, but also an attack on the conversations and transactions people will have to remain private in the past as well. Past forms of encryption that people relied upon would be lost — the privacy they assumed in the past would be lost as well.
4- Proof-of-stake vs. proof-of-work doesn’t matter here: all digital signatures are vulnerable
Cryptographic primitives are baked into cryptocurrencies regardless of their consensus algorithm. A sudden shift in encryption standards will damage the ability for proof-of-work miners or those looking to demonstrate the cryptographic proof that they’ve “won” the right to broadcast transactions in the case of proof-of-stake designs such as the one proposed by Ethereum. Digital signatures are the common point of vulnerability here, as well as the elliptic curve cryptography used to protect private keys.
Everything here breaks if the digital signatures are no longer valid — anybody with access to public keys could then spend amounts on other people’s behalf. “Wallet ownership would be up for grabs.” says Dr. Alwen. Proof-of-work or proof-of-stake as a consensus algorithm would be threatened as well — in all cases, the “proof” would no longer be valid and have it be authenticated with digital signatures — anybody could take anybody else’s blocks.
While proof-of-work blocks would have some protection due to the increasingly specialized hardware (ASICs) being manufactured specifically for block mining, both systems would have vulnerabilities if their underlying encryption scheme were weakened. Hashing might be less threatened — but quantum compute threatens key ownership and the authenticity of the system itself.
5- Cryptocurrencies can be proactive towards post-quantum encryption
Post-quantum encryption is certainly possible, and a shift towards it can and should be proactive. “There’s real stuff we can do.” Dr. Alwen says here. Bitcoin and other cryptocurrencies may take some time to move on this issue, so any preparatory work should be regarded as important, from looking at benefits and costs — “you can get a lot of mileage out of careful analysis”.
It’s helped here by the fact that there is a good bottleneck in a sense: there are only really two or three types of cryptographic techniques that need replacement. Digital signatures and key agreement are the two areas that need the focus. Patching these two areas will help the vast majority of vulnerabilities that might come from quantum computation.
It’s important to note that a sudden and critical break in encryption would affect other industries as well — and each might have different reasons why an attack would be more productive or they might be more slow to react. Yet if there were a “revolution” tomorrow, this would pose a clear and direct threat to the decentralization and security promises inherent in cryptocurrencies. Because of how important encryption and signatures are to cryptocurrencies, it’s probable that cryptocurrency communities will have many more debates before or after a sudden break, but time would be of the essence in this scenario. Yet, since encryption is such a critical part of cryptocurrencies, there is hope that the community will be more agile than traditional industries on this point.
If a gap of a few years is identified before this break happens, a soft fork or hard fork that the community rallies around can mitigate this threat along with new clients. But it requires proactive changes and in-built resistance, as well as keeping a close eye on post-quantum encryption.
6- Encryption standards will have to evolve to face quantum computers
It is likely that instead of thinking of how to upgrade the number of keys used or a gradual change, that post-quantum encryption will require dabbling into categories of problems that haven’t been used in classical encryption. Dr. Alwen has written about lattice-based cryptography as a potential solution. NIST, the National Institute of Standards and Technology currently responsible for encryption standards has also announced a process to test and standardize post-quantum public-key encryption.
7- Hardware wallets offer the best security in principle now for keys
Hardware wallets are in principle the way to go now for security in a classical environment Dr. Alwen points out, having done research in the space. The fact that they’re hard to upgrade is a problem, but it’s much better than complex devices like laptops and cell phones in terms of the security and focus accorded to the private key.
8- To keep up with cryptography, it’s best to consult some resources
In order to keep up with cryptography and its challenges, MIT and Stanford open courses are a good place to start to get the basic terminology. There is for example, an MIT Cryptography and Cryptanalysis course on MIT OpenCourseWare and similar free Stanford Online courses.
There are two areas of focus: applied cryptography or theory of cryptography. Applied cryptography is a field that is more adjacent to software engineering, rather than math-heavy cryptography theory. An important area is to realize what role suits you best when it comes to learning: making headway on breaking cryptography theory or understanding from an engineering perspective how to implement solid cryptography.
When you’re a bit more advanced and focused on cryptography theory, Eprint is a server that allows for an open forum for cryptographers to do pre-prints. Many of the most important developments in the field have been posted there.
Cryptocurrencies are co-evolving with other technologies. As computers develop into different forms, there are grand opportunities, from space-based cryptocurrency exchange to distributed devices that make running nodes accessible to everybody.
Yet, in this era, there will also be new technologies that force cryptocurrencies to adapt to changing realities. Quantum computing and the possibility that it might eventually break the cryptographic primitives cryptocurrencies are built on is one such technology. Yet, it’s in the new governance principles cryptocurrencies embody that might help them adapt.
This is a syndicated post. Read the original post at Source link .