对比特币的量子攻击，以及如何防范它们

IF 0.6 Q4 ECONOMICS

Ledger Pub Date : 2017-10-27 DOI:10.5195/ledger.2018.127

Divesh Aggarwal, G. Brennen, Troy Lee, M. Santha, M. Tomamichel

{"title":"对比特币的量子攻击，以及如何防范它们","authors":"Divesh Aggarwal, G. Brennen, Troy Lee, M. Santha, M. Tomamichel","doi":"10.5195/ledger.2018.127","DOIUrl":null,"url":null,"abstract":"The key cryptographic protocols used to secure the internet and financial transactions of today are all susceptible to attack by the development of a sufficiently large quantum computer. One particular area at risk is cryptocurrencies, a market currently worth over 100 billion USD. We investigate the risk posed to Bitcoin, and other cryptocurrencies, by attacks using quantum computers. We find that the proof-of-work used by Bitcoin is relatively resistant to substantial speedup by quantum computers in the next 10 years, mainly because specialized ASIC miners are extremely fast compared to the estimated clock speed of near-term quantum computers. On the other hand, the elliptic curve signature scheme used by Bitcoin is much more at risk, and could be completely broken by a quantum computer as early as 2027, by the most optimistic estimates. We analyze an alternative proof-of-work called Momentum, based on finding collisions in a hash function, that is even more resistant to speedup by a quantum computer. We also review the available post-quantum signature schemes to see which one would best meet the security and efficiency requirements of blockchain applications.","PeriodicalId":36240,"journal":{"name":"Ledger","volume":null,"pages":null},"PeriodicalIF":0.6000,"publicationDate":"2017-10-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"115","resultStr":"{\"title\":\"Quantum Attacks on Bitcoin, and How to Protect Against Them\",\"authors\":\"Divesh Aggarwal, G. Brennen, Troy Lee, M. Santha, M. Tomamichel\",\"doi\":\"10.5195/ledger.2018.127\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The key cryptographic protocols used to secure the internet and financial transactions of today are all susceptible to attack by the development of a sufficiently large quantum computer. One particular area at risk is cryptocurrencies, a market currently worth over 100 billion USD. We investigate the risk posed to Bitcoin, and other cryptocurrencies, by attacks using quantum computers. We find that the proof-of-work used by Bitcoin is relatively resistant to substantial speedup by quantum computers in the next 10 years, mainly because specialized ASIC miners are extremely fast compared to the estimated clock speed of near-term quantum computers. On the other hand, the elliptic curve signature scheme used by Bitcoin is much more at risk, and could be completely broken by a quantum computer as early as 2027, by the most optimistic estimates. We analyze an alternative proof-of-work called Momentum, based on finding collisions in a hash function, that is even more resistant to speedup by a quantum computer. We also review the available post-quantum signature schemes to see which one would best meet the security and efficiency requirements of blockchain applications.\",\"PeriodicalId\":36240,\"journal\":{\"name\":\"Ledger\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.6000,\"publicationDate\":\"2017-10-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"115\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Ledger\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5195/ledger.2018.127\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"ECONOMICS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Ledger","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5195/ledger.2018.127","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"ECONOMICS","Score":null,"Total":0}

引用次数: 115

摘要

如今用于保护互联网和金融交易安全的关键加密协议都很容易受到足够大的量子计算机发展的攻击。面临风险的一个特定领域是加密货币，这个市场目前价值超过1000亿美元。我们调查了使用量子计算机的攻击对比特币和其他加密货币构成的风险。我们发现，比特币使用的工作量证明在未来10年内相对抵制量子计算机的大幅加速，主要是因为与近期量子计算机的估计时钟速度相比，专用ASIC矿工的速度非常快。另一方面，比特币使用的椭圆曲线签名方案的风险要大得多，据最乐观的估计，最早在2027年就可能被量子计算机完全破解。我们分析了另一种名为动量的工作量证明，它基于在哈希函数中发现碰撞，它甚至更能抵抗量子计算机的加速。我们还回顾了可用的后量子签名方案，以了解哪一种方案最能满足区块链应用的安全性和效率要求。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Quantum Attacks on Bitcoin, and How to Protect Against Them

The key cryptographic protocols used to secure the internet and financial transactions of today are all susceptible to attack by the development of a sufficiently large quantum computer. One particular area at risk is cryptocurrencies, a market currently worth over 100 billion USD. We investigate the risk posed to Bitcoin, and other cryptocurrencies, by attacks using quantum computers. We find that the proof-of-work used by Bitcoin is relatively resistant to substantial speedup by quantum computers in the next 10 years, mainly because specialized ASIC miners are extremely fast compared to the estimated clock speed of near-term quantum computers. On the other hand, the elliptic curve signature scheme used by Bitcoin is much more at risk, and could be completely broken by a quantum computer as early as 2027, by the most optimistic estimates. We analyze an alternative proof-of-work called Momentum, based on finding collisions in a hash function, that is even more resistant to speedup by a quantum computer. We also review the available post-quantum signature schemes to see which one would best meet the security and efficiency requirements of blockchain applications.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Ledger Economics, Econometrics and Finance-Economics, Econometrics and Finance (all)

CiteScore

2.20

自引率

0.00%

发文量

审稿时长

40 weeks