According to Ledger CTO Charles Guillemet, blockchain security relies heavily on Elliptic Curve Cryptography, as seen in public and private keys.
While not an immediate threat, it is believed that once quantum computers are powerful enough, Elliptic Curve Cryptography could be broken, meaning private keys could be computed from exposed public keys.
Guillemet added that while it is tempting to think Bitcoin public keys “usually aren’t on-chain,” this is not so as, in practice, public keys are revealed when users spend, and some are already exposed in early outputs and through address reuse.
Given this threat, “wait and see” is not an option, according to Guillemet, as preparation has to start long before quantum capability becomes real.
The good news, however, is that post-quantum cryptography provides quantum-resistant signature schemes, mainly in two families: hash based and lattice based. Hash based are large signatures, very conservative but well studied. Lattice based are modern, more scalable and have seen less long-term study.
While the math is just one piece of the puzzle, implementing it securely into signers is where things get tricky, Guillemet added.
Hardware signers are now the gold standard for securing crypto, according to the Ledger CTO, as keys stay offline and signing happens inside a secure element.
Guillemet revealed that the ledger is currently working on post-quantum cryptography experiments, running software only (no hardware acceleration) implementations directly inside Secure Elements, however, RAM pressure and compute cost remain major bottlenecks.
Seven million BTC at risk?
Experts warn that quantum computers powerful enough to break Bitcoin‘s cryptography might put about seven million coins, including about one million attributed to Satoshi Nakamoto, at risk.
You Might Also Like
Seven million coins out of a 19.99 million BTC circulating supply are at risk due to this: in Bitcoin’s early years, pay-to-public-key (P2PK) transactions embedded public keys directly on-chain. Modern addresses often reveal only a hash of the key until coins are spent, but once a public key is exposed through early mining or address reuse, exposure remains permanent. In a well advanced quantum scenario, those keys could, in theory, be reversed.
Crypto participants are already moving ahead of this threat. On Thursday, ETH cofounder Vitalik Buterin outlined a roadmap to secure the Ethereum blockchain from the long-term risks posed by quantum computers.
Although practical quantum computers capable of breaking modern cryptography do not yet exist, they could eventually crack the digital signatures and cryptographic systems that secure Ethereum.