RE: Something HUGE Just Happened To Bitcoin, and No One Even Noticed . By Gregory Mannarino
Ignorance? These are words of Konstantinos Karagiannis
CTO, Security Consulting, Americas, BT.
But is it safe?
My RSA 2017 talk, “Hacking Blockchain”, includes a fair amount of time explaining historic and current attacks faced by all implementations of the technology. A lot of these attacks are old school, focusing on supporting technology and not on the blockchain itself.
Consider attacks against credentials used at an online cryptocurrency exchange. Such exchanges act as hot wallets, or storage of funds available for transacting online at any time. Traditional authentication hacking of these sites can lead to illegal transactions. Some attacks are even more creative, such as the ability to force a cold or offline wallet to become hot and therefore a target for fraudulent transactions.
The major issue I cover, though, is the inherent flaw on page one of Satoshi’s paper. That elegant if pesky line about “computationally impractical to reverse” transactions. You see, the crypto behind cryptocurrency is actually public key. We are likely less than three years away from this being completely hackable by a quantum computer.
Facing reality.
Fantasy? Hardly. Labs around the world have already proven that quantum computers can run Shor’s Algorithm and almost instantly find the private key of a public key pair even 4,096 bits long. Because of how public key works in most blockchain implementations, including Bitcoin, this would mean any time a transaction occurs, a quantum computer has everything it needs to obtain a user’s private key. Spend a single cryptocoin, and any entity with a quantum computer can download that currency’s blockchain, see your transaction, and in a few moments spend the rest of your funds.
The threat seems even worse if you consider blockchains designed to prove ownership of land or other critical identity-related transactions. A private key attack here can lead to an irreversible type of identity theft, at least within that blockchain ecosystem.
The NSA has already warned against the use of non-quantum-safe encryption. Its’ time to realise we may be rushing towards putting everything on a digital house of cards rather than an unbreakable chain. Let’s fix blockchain’s inherent flaws now, before it’s too late.
If you want to see our Blockchain demo in person, why not visit Innovation 2017, our technology and innovation exhibition taking place in June.