RSA and Bitcoin at BIG Risk from Quantum Compute
Researchers find we’ll need 20 times fewer qubits to break public-key encryption than previously believed.
A new paper puts a fire under DevOps, IT teams and anyone else using modern RSA—or similar public-key cryptosystems. Factoring the big numbers behind RSA keys now seems much, much easier for quantum computers than we thought even a few years ago.
Of course, the Devil is in the details. In today’s SB Blogwatch, we never shy away from detail.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: How a plane works.
PQC PDQ
What’s the craic? Mastufa Ahmed reports: Breaking RSA encryption just got 20x easier
“The findings sharply compress the timeline”
New research shows that RSA-2048 encryption could be cracked using a one-million-qubit system by 2030, 20x faster than previous estimates. Here’s what it means:
…
While current systems still operate with only hundreds of qubits, Google’s research shows that three technical breakthroughs — more efficient algorithms, advanced error correction, and optimized quantum operations — are dramatically lowering the threshold for real-world cryptographic threats. … The findings sharply compress the timeline for when current encryption standards could fall, compelling enterprises to accelerate post-quantum cryptography (PQC) adoption.
20 times? Skye Jacobs blows Reveille: Quantum computers could break RSA encryption sooner than expected
“Call to action”
The research, led by Craig Gidney, … shows that a 2,048-bit RSA encryption key – a standard for online security – could be cracked in less than a week by a quantum computer with fewer than one million noisy qubits. The finding is a dramatic reduction from earlier estimates.
…
The pace of progress in the field means the transition to quantum-resistant security measures can no longer be considered a distant concern. The study provides a blueprint for what a future attack might look like and serves as a call to action. … Gidney’s research does not suggest that quantum computers capable of breaking RSA encryption are imminent. Instead, it emphasizes the importance of proactive planning.
Horse’s mouth? Google’s Craig Gidney says when: Tracking the Cost of Quantum Factoring
“2030”
For decades the quantum and security communities have also known that large-scale quantum computers will at some point in the future likely be able to break many of today’s secure public key cryptography algorithms, such as Rivest–Shamir–Adleman (RSA). … 2048-bit RSA encryption could theoretically be broken by a quantum computer with 1 million noisy qubits running for one week. This is a 20-fold decrease in the number of qubits from our previous estimate, published in 2019. Notably, quantum computers with relevant error rates currently have on the order of only 100 to 1000 qubits.
…
The reduction in physical qubit count comes from two sources: better algorithms and better error correction. [One] key change is to compute an approximate modular exponentiation rather than an exact one. [Another] is tripling the storage density of idle logical qubits by adding a second layer of error correction
…
This new result does underscore the importance of migrating to … post-quantum cryptography (PQC) … standards in line with NIST. … The initial public draft of the NIST internal report … states that vulnerable systems should be deprecated after 2030 and disallowed after 2035.
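To make concrete why the qubit count matters, here is an added example (not from Gidney's paper or this page) on a constructed toy RSA key: the order-finding step that a quantum computer performs with qubits is brute-forced classically, and the rest is Shor's standard classical post-processing that turns the period into the factors of N and hence the private key. The tiny primes, function names and the message value are my own choices.

```python
from math import gcd
from random import randrange

# Constructed toy RSA key (not from the page): real keys use a 2048-bit N;
# these primes are tiny so the order-finding step can be brute-forced.
P, Q = 61, 53
N = P * Q                   # 3233
E = 17                      # public exponent

def find_order(a, n):
    """Smallest r > 0 with a^r == 1 (mod n).

    This is the only step Shor's algorithm needs qubits for; brute-forcing
    it here is possible only because n is tiny."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n     # repeated modular multiplication
        r += 1
    return r

def shor_factor(n):
    """Classical post-processing of Shor: turn a period into factors."""
    while True:
        a = randrange(2, n - 1)
        g = gcd(a, n)
        if g > 1:           # lucky: a already shares a factor with n
            return tuple(sorted((g, n // g)))
        r = find_order(a, n)
        if r % 2:           # odd period is useless; retry with a new base
            continue
        y = pow(a, r // 2, n)
        if y == n - 1:      # a^(r/2) == -1 (mod n) gives only trivial gcds
            continue
        p = gcd(y - 1, n)   # (y-1)(y+1) == 0 mod n, so this gcd is non-trivial
        return tuple(sorted((p, n // p)))

def recover_private_exponent(n, e):
    """Once n is factored, the private key falls out of phi(n)."""
    p, q = shor_factor(n)
    return pow(e, -1, (p - 1) * (q - 1))

def rsa_encrypt(m, n, e):
    return pow(m, e, n)

def rsa_decrypt(c, n, d):
    return pow(c, d, n)

if __name__ == "__main__":
    d = recover_private_exponent(N, E)
    print(shor_factor(N), d, rsa_decrypt(rsa_encrypt(65, N, E), N, d))
```

Everything after `find_order` runs in polynomial time on an ordinary CPU, which is why the whole security argument for RSA rests on nobody being able to find the period of a 2048-bit modulus.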
But we’re getting there, right? Right? Our own Michael Vizard brings bad news: Limited Amount of Post Quantum Cryptography Progress
A survey of 1,042 senior cybersecurity managers … finds only 5% have implemented quantum-safe encryption. … Nation states are already harvesting encrypted data on the assumption that they will be able to decrypt it in the future using quantum computers.
…
The challenge, of course, is convincing business leaders to allocate resources to upgrade encryption algorithms and schemas in the face of so many other more immediate competing priorities. [And] upgrading encryption algorithms and schemas requires multiple years of effort.
At which point, the cryptocurrency crew went ape. u/CBpegasus fears for the future of imaginary money:
The issue [is] transaction signing with ECDSA. Breaking the ECDSA scheme is actually waaaaaay easier for a QC than breaking SHA256. QC only has a quadratic advantage on reversing hash … but an exponential advantage on ECDSA (i.e., n to some power instead of 2^n).
…
Once it becomes feasible to break ECDSA, any wallet can be targeted, depending on how quick and cheap it becomes it might not be a “waste” to target even non-whales. Of course once it becomes publicly known that it’s possible to drain any wallet the value of bitcoin will drop dramatically, maybe even to 0 depending on how easy the attack is.
How will we know if this becomes a reality? Here’s @camerondurham.bsky.social:
The tell of the existence of a working quantum computer will be movement in early “frozen” bitcoins, in my opinion. A rich target that proves viability.
Or it might be more diffuse. “Be very afraid,” says Amit Katwala:
It would look like a series of strange and apparently unconnected news stories spread out over months or years:
— London’s energy grid goes down on election day, plunging the city into darkness.
— A US submarine on a covert mission surfaces to find itself surrounded by enemy ships.
— Embarrassing material starts to show up online in greater and greater quantities: classified intelligence cables, presidential cover-ups, billionaires’ **** pics.
…
It might be decades before we’re able to pin down exactly when [it] actually happened.
Is it really feasible by 2030? That’s NIST’s implication, but ggm is in two minds:
Using 20x fewer qubits than previously thought. But still demanding 1000x more qubits than currently demonstrated.
However, gweihir is less equivocal:
Some things to note here: The use of “theoretically,” … “1M noisy qubits,” … “1 week” and … “RSA 2048.”
…
1. 1M qubits are so far out of reach (because they still need to get entangled and stay that way), this may as well be a prediction for the next millennium.
2. A QC calculation 1 week long? Are you serious? That is probably even harder than (1).
3. RSA 2048? That was the state of things a decade or so ago. And if people were smart and used encryption with perfect forward secrecy, breaking that key gets you exactly nothing.
Meanwhile, u/Asyncrosaurus can’t wait to break out the popcorn:
When the AI bubble bursts, and all the dumb money needs to pivot, I’m betting Quantum Computing is the next big VC tech grift. It’s one barely functional public prototype away from having billions of dollars poured into startups with Quantum in the name.
And Finally:
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
Image sauce: Keenan Pepper (cc:by-sa; leveled and cropped)