Don’t be afraid of quantum computers

Opinion by: Eli Ben-Sasson, CEO of StarkWare 

The arrival of Google’s quantum chip, Willow, presents excellent opportunities, and a serious threat to the technology industry. Almost everything that uses cryptography, from identity-based services to online payments, could break upon the arrival of quantum computers.

Still, I am not afraid, and you shouldn’t be either. 

Quantum computing uses quantum physics to solve specific problems much faster than regular computers. With Willow, Google has made a significant breakthrough in this space. Willow will perform operations in a few minutes that take today’s computers almost an eternity. This development may create challenges for any platform or service using cryptography — including blockchain technology — as it moves quantum computers closer to being able to break cryptographic algorithms that regular supercomputers simply cannot.

Predictably, much of the discussion has focused on the potential risks to cryptocurrencies. While quantum computing may widely affect all of our technology, it poses an exciting challenge to a field built on cryptography, as its name suggests. 

Cryptographic building blocks

Blockchains use cryptographic building blocks, like elliptic curve cryptography (ECC), to secure transactions, wallets and private keys. The system is built for classical computers, but quantum computers with enough qubits — quantum computing’s basic information units — would break ECC by solving its underlying mathematical problems. We fear the day that an attacker with a sufficiently advanced quantum computer can compromise private keys, steal funds, forge transactions and disrupt the integrity of the blockchain.

There’s already a decent solution to the problem: an advanced type of cryptography known as zero-knowledge (ZK) proofs, one of the most exciting mathematical technologies of the 21st century. ZK-proofs have been used in blockchain projects to help make transactions faster and cheaper and enhance users’ privacy protections. 

Everyone in blockchain has heard of them as the elegant little proofs that enable you to jam hundreds of thousands of transactions into the space on Ethereum that you formerly needed for just one. Still, few in blockchain know that some ZK-proofs have a bonus feature that might become blockchain’s saving grace. Today’s most prominent ZK-proofs were always post-quantum secure, meaning that quantum computers can’t crack them. 

There’s a widespread perception that when the first quantum computer is plugged in, its owner will possess the master key to every code and password in the universe. That is an exaggeration, but you catch the drift. 

That also misses the point. Not long ago, it was easy to steal a car by manipulating a few exposed wires under the dashboard. Ignition systems were mechanical, and starting a car without a key bypassed the ignition switch. Features like electronic ignition, immobilizers and push-to-start systems have made cars more intelligent and far more secure.

Locks and keys are different today. Indeed, all security systems are different. Future security systems will look very different from those of today.  

In our area of interest, crypto, where we have already spent years kicking the tires of ZK technology, we have the potential to prepare well and face the challenges and opportunities of quantum computing head-on. 

Why is ZK math ready for quantum computers? 

It’s less baffling than you may imagine. Today’s popular encryption schemes, used across the web by your bank and every other institution you trust — like RSA or various elliptic curve-based encryptions — are no longer safe against quantum adversaries. That is not the case for STARKs, which rely only on a much “thinner” or more bare-bones cryptographic primitive: hash functions. These should remain resilient against quantum computers.

It’s not the same cryptography “done better.” It’s a different type of cryptography. Think of it like this: Today’s passwords are like needles hidden in the most enormous haystack you’ve ever seen. You don’t know my password because neither you nor your computer can work through the haystack. Think of quantum computers as a mega-magnet that can instantly find that needle. 

There is cryptography that is, however, fundamentally different. Instead of looking for a needle in a haystack, you’re searching for a specific piece of hay in a massive haystack. No magnet will help you, and no quantum computer will find it. Even if you get a bigger or better magnet, it won’t help. Even if you build a more powerful quantum computer, it still won’t make a difference.
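The article says STARKs rest on hash functions alone. The Python below is an added example, not code from the article or from StarkWare, showing the simplest such hash-only building block: a Merkle commitment to a list of values, with an opening proof that is verified using nothing but SHA-256. The leaf values are constructed sample data, and the padding rule (duplicate the last node on odd levels) is one common choice rather than any particular project's convention.

```python
"""Hash-only commitment: a Merkle tree over SHA-256 (added example).

Committing to data and later opening one entry uses only a hash function,
so the scheme's security rests on collision/second-preimage resistance,
not on factoring or discrete-log assumptions.
"""
import hashlib
from typing import List, Tuple

# A path entry is (sibling_hash, sibling_is_left).
PathEntry = Tuple[bytes, bool]


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(leaf: bytes) -> bytes:
    # Domain-separate leaves from internal nodes so a leaf encoding can never
    # be mistaken for a pair of child hashes (classic Merkle confusion bug).
    return _h(b"\x00" + leaf)


def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)


def _pad(level: List[bytes]) -> List[bytes]:
    # Odd-length levels are padded by duplicating the last node.
    return level + [level[-1]] if len(level) % 2 == 1 else level


def build_tree(leaves: List[bytes]) -> List[List[bytes]]:
    """Return every level, levels[0] = leaf hashes, levels[-1] = [root]."""
    if not leaves:
        raise ValueError("need at least one leaf")
    level = [leaf_hash(x) for x in leaves]
    levels = [level]
    while len(level) > 1:
        padded = _pad(level)
        level = [node_hash(padded[i], padded[i + 1])
                 for i in range(0, len(padded), 2)]
        levels.append(level)
    return levels


def merkle_root(leaves: List[bytes]) -> bytes:
    return build_tree(leaves)[-1][0]


def open_leaf(leaves: List[bytes], index: int) -> Tuple[bytes, List[PathEntry]]:
    """Produce the authentication path for leaves[index]."""
    levels = build_tree(leaves)
    path: List[PathEntry] = []
    i = index
    for level in levels[:-1]:
        padded = _pad(level)
        sibling = i ^ 1
        path.append((padded[sibling], sibling < i))
        i //= 2
    return leaves[index], path


def verify_opening(root: bytes, leaf: bytes, index: int, path: List[PathEntry]) -> bool:
    """Recompute the root from the leaf and path; also bind the path to index."""
    if not 0 <= index < 2 ** len(path):
        return False
    h = leaf_hash(leaf)
    i = index
    for sibling, sibling_is_left in path:
        # The flag must agree with the bit of the claimed index at this depth.
        if sibling_is_left != (i % 2 == 1):
            return False
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
        i //= 2
    return h == root


def demo() -> dict:
    # Constructed sample leaves; an odd count exercises the padding rule.
    leaves = [b"tx0", b"tx1", b"tx2", b"tx3", b"tx4"]
    root = merkle_root(leaves)
    leaf, path = open_leaf(leaves, 4)
    return {
        "valid": verify_opening(root, leaf, 4, path),
        "tampered_leaf": verify_opening(root, b"tx4-forged", 4, path),
        "wrong_index": verify_opening(root, leaf, 3, path),
        "all_indices": all(verify_opening(root, *open_leaf(leaves, k)[:1], k,
                                          open_leaf(leaves, k)[1])
                           for k in range(len(leaves))),
    }


if __name__ == "__main__":
    print(demo())
```

Everything a verifier does here is hashing; forging an opening requires a second preimage or collision in SHA-256. The known quantum speedup for generic search of that kind (Grover's algorithm) is only a square root, so a 256-bit hash keeps roughly 128 bits of preimage security, while Shor's algorithm breaks RSA and elliptic-curve discrete logs outright. That asymmetry is why hash-based commitments are treated as post-quantum and ECC signatures are not.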

All of the above makes me sleep easier at night because we have a pathway. To face quantum computing, we don’t yet need fully baked solutions or quantum-secure chains; what we do need are pathways to solutions: core technologies that can be turned into practical solutions. Is Starknet, the permissionless L2 based on STARKs, ready for quantum computing tomorrow? No. The proofs powering the system are, however, post-quantum secure. There is a clear route to make the necessary changes. As with anything in the blockchain space, I expect to see growing discussion and alternative solutions to the post-quantum challenge — the more, the better. 

Realizing that ZK technology offers a solution to a large part of quantum computing’s challenge doesn’t just mean that blockchain is “saved” from being compromised. It means something more profound for all who came to crypto for the beauty of the vision. The vision is that cryptography can be a source of truth and integrity and help to answer humanity’s most contemporary challenges. Yet again, it rises to the occasion. 

Eli Ben-Sasson is the CEO and co-founder of StarkWare. A former academic, he got into blockchain via theoretical computer science. He has been researching cryptographic and zero-knowledge proofs, which are today used to power blockchain scaling protocols, ever since he received his PhD in Theoretical Computer Science from the Hebrew University in 2001. He is a co-inventor of the STARK, FRI and Zerocash protocols and a founding scientist of the Zcash Company. He has held research positions at the Institute for Advanced Study at Princeton, Harvard and MIT, and most recently was a professor of computer science at the Technion in Israel.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.