These are words of Konstantinos Karagiannis
CTO, Security Consulting, Americas, BT.
But is it safe?
My RSA 2017 talk, “Hacking Blockchain”, includes a fair amount of time explaining historic and current attacks faced by all implementations of the technology. A lot of these attacks are old school, focusing on supporting technology and not on the blockchain itself.
Consider attacks against credentials used at an online cryptocurrency exchange. Such exchanges act as hot wallets, or storage of funds available for transacting online at any time. Traditional authentication hacking of these sites can lead to illegal transactions. Some attacks are even more creative, such as the ability to force a cold or offline wallet to become hot and therefore a target for fraudulent transactions.
The major issue I cover, though, is the inherent flaw on page one of Satoshi’s paper. That elegant if pesky line about “computationally impractical to reverse” transactions. You see, the crypto behind cryptocurrency is actually public key. We are likely less than three years away from this being completely hackable by a quantum computer.
Facing reality.
Fantasy? Hardly. Labs around the world have already proven that quantum computers can run Shor’s Algorithm and almost instantly find the private key of a public key pair even 4,096 bits long. Because of how public key works in most blockchain implementations, including Bitcoin, this would mean any time a transaction occurs, a quantum computer has everything it needs to obtain a user’s private key. Spend a single cryptocoin, and any entity with a quantum computer can download that currency’s blockchain, see your transaction, and in a few moments spend the rest of your funds.
The threat seems even worse if you consider blockchains designed to prove ownership of land or other critical identity-related transactions. A private key attack here can lead to an irreversible type of identity theft, at least within that blockchain ecosystem.
The NSA has already warned against the use of non-quantum-safe encryption. Its’ time to realise we may be rushing towards putting everything on a digital house of cards rather than an unbreakable chain. Let’s fix blockchain’s inherent flaws now, before it’s too late.
If you want to see our Blockchain demo in person, why not visit Innovation 2017, our technology and innovation exhibition taking place in June.
$0.00Reply Edit Delete
I found your response most interesting, as I had not heard about the progress being made in cracking the keys. I wonder how a wallet like DASH Evolution would effect the cracking, as the 'public keys' are never actually made public, only a user name for which only the wallet knows the keys.
The hacking of Bitcoin would be like the enigma machine, you would have a powerful tool but never be able to use it. The moment word got out that it was possible, anything you steal would be worthless. No one would be willing to trade fiat for the broken crypto.
Very interesting food for thought. This makes me rethink some things while simultaneously inspiring me to think of ways to prevent these type of attacks before they're really relevant.