Quantum computers will ruin zcash (and cryptocurrency in general)?

#1

I keep hearing more and more news about quantum computation advancements and optimism. Links later if you like. The meme/promise is that quantum computers will render classic encryption algorithms useless and broken, by the sheer ability to brute force keys in seconds as opposed to centuries. Paraphrasing.

Is this a dilemma for today's cryptocurrencies assuming that happens or can we suppose that "ok private blockchain history for this coin is now public (read: "cracked") thanks to those pesky quantum computers, but from now on we secure additional blocks with new quantum algorithms and hardware and it's secure ForRealThisTime."?

What does a fix for that issue look like and is it backwards compatible?

#3

Agreed on the "long way from having real world applications" along with zcash awesomeness in general. I should have mentioned I'm talking about 20+ year time-frame at the soonest but that's close enough to be very interesting in a conversation about long-term sustainability of the tech.

1 Like
#4

BTW this isn't a pessimistic kind of perspective/post, I don't have an opinion on the likelihood of scenario A vs B, I'm just wondering if anyone's considered whether this is a potential situation...

#6

Bitcoin can easily switch to quantum resistant cryptography if needed.

#7

hold on, your 20-years-out-convo-isn't-sensible point doesn't make sense. The whole bang here is a long-term proposition so weigh it accordingly. Tech could care less about Zcash so let's be savvy here and anticipate problems. Not saying quantum computers are "Achilles Heel" class but it would be wise to confirm.

#8

that's my hope. but I want to understand that premise in more detail.

#10

I'm talking about the scenario where the whole zk snarks private transaction history on the blockchain is unearthed because quantum computers

#11

Quantum Computing break cryptography that relies on the discrete log problem by using Shor Algorithm.

#12

btw your "I have the fullest confidence that the Zcash team will ensure it will evolve in line with technology trends." is exactly coming back to my question... is there new hotness in the quantum age that we can simply plug into the ZEC (etc) blockchain to address emerging vulnerabilities? admittedly it's a tough problem so that's why I'm throwing it out there..

#14

Here is one of the more interesting presentations that I've seen in regards to this topic;

Christian Schaffner: Quantum Cryptography

#15

Defeating Quantum Algorithms with Hash Functions
quote from the article:

In this post I’ll explain why quantum computers are useless to find hash function collisions, and how we can leverage this powerlessness to build post-quantum signature schemes. I’ll then describe a quantum computing model that you can try at home, and one where hash function collisions are easy to find.

1 Like
#16

There is a fair amount of discussion on this on the Zcash review podcast episode 1 which is well worth a listen. https://forum.zcashcommunity.com/t/zcash-review-podcast/14569

My understanding is that even if the underlying crypto is broken whilst money could be created no privacy would ever be leaked (there simply isn't enough identifying information in the proof itself).

#17

It's not entirely clear to me that no privacy is ever leaked even if the crypto is broken: in the zerocash paper, the sender needs to have some way of broadcasting the receiver's address, and it is done through some public-key encryption. The sender simply encrypts the receiver's address and put it in a transaction. So breaking this encryption would mean breaking privacy of the receiver.

That being said, I don't know what is the actual encryption scheme used in zcash right now... for the pod you mentioned, I think its claim is that even if the digital signature scheme (ECDSA) is broken, no privacy is leaked.

2 Likes
#18

https://z.cash/support/faq.html#quantum-computers

5 Likes
#19

Thanks for looking at this, Zooko! It's good to know the team is thinking decades beyond current technology!

#20

Bitcoin has no chance of implementing anything just look at the Segwit mess and how much time it took…If anything Zcash has a better chance of implementing quantum resistant crypto some how. Zcash has a huge advantage over bitcoin in regards to upgrading its blockchain.

From Zookos link above:

“Scientists at the Zcash company, and academia, are actively researching postquantum-secure alternatives to the affected cryptographic components (see issue #805). We plan to monitor developments in postquantum-secure components, and if/when they are mature and practical, update the Zcash protocol to use them.”