Committing to Quantum Resistance, Better: A Speed-and-Risk-Configurable Defence for Bitcoin Against a Fast Quantum Computing Attack

  • Dragos I. Ilie
  • William J. Knottenbelt
  • Iain D. Stewart
Conference paper
Part of the Springer Proceedings in Business and Economics book series (SPBE)


In light of the emerging threat of powerful quantum computers appearing in the near future, we investigate the potential attacks on Bitcoin available to a quantum-capable adversary. In particular, we illustrate how Shor’s quantum algorithm can be used to forge ECDSA-based signatures, allowing attackers to hijack transactions. We then propose a simple commit–delay–reveal protocol, which allows users to securely move their funds from non-quantum-resistant outputs to those adhering to a quantum-resistant digital signature scheme. In a previous paper (Stewart et al. R. Soc. Open Sci. 5(6), 180410 (2018)) [1] we presented a similar scheme with a long fixed delay. Here we improve on our previous work by allowing each user to choose their preferred delay: long for a low risk of attack, or short if a higher risk is acceptable to that user. As before, our scheme requires modifications to the Bitcoin protocol, but once again these can be implemented as a soft fork.


  1. Stewart, I., Ilie, D., Zamyatin, A., Werner, S., Torshizi, M., Knottenbelt, W.J.: Committing to quantum resistance: a slow defence for bitcoin against a fast quantum computing attack. R. Soc. Open Sci. 5(6), 180410 (2018)
  2. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. (2008). Accessed 01 July 2015
  3. Crosby, M., Pattanayak, P., Verma, S., Kalyanaraman, V., et al.: Blockchain technology: beyond bitcoin. Appl. Innov. 2(6–10), 71 (2016)
  4. Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: International Workshop on Fast Software Encryption, pp. 371–388. Springer, Berlin (2004)
  5. Rivest, R.L., Shamir, A., Adleman, L.: On digital signatures and public-key cryptosystems. Technical Report, Massachusetts Inst of Tech Cambridge Lab for Computer Science (1977)
  6. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) Proceedings of the Advances in Cryptology—CRYPTO ’85, pp. 417–426. Springer, Berlin, Heidelberg (1986)
  7. Kaye, P., Laflamme, R., Mosca, M.: An Introduction to Quantum Computing. Oxford University Press (2007)
  8. Feynman, R.: There’s plenty of room at the bottom. In: Feynman and computation, pp. 63–76. CRC Press (2018)
  9. Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM Rev. 41(2), 303–332 (1999)
  10. Schlosshauer, M.A.: Decoherence: And the Quantum-to-Classical Transition. Springer Science & Business Media, Berlin (2007)
  11. Debnath, S., Linke, N.M., Figgatt, C., Landsman, K.A., Wright, K., Monroe, C.: Demonstration of a small programmable quantum computer with atomic qubits. Nature 536(7614), 63 (2016)
  12. Veldhorst, M., Yang, C., Hwang, J., Huang, W., Dehollain, J., Muhonen, J., Simmons, S., Laucht, A., Hudson, F., Itoh, K., et al.: A two-qubit logic gate in silicon. Nature 526(7573), 410 (2015)
  13. Watson, T., Philips, S., Kawakami, E., Ward, D., Scarlino, P., Veldhorst, M., Savage, D., Lagally, M., Friesen, M., Coppersmith, S., et al.: A programmable two-qubit quantum processor in silicon. Nature 555, 633–637 (2018)
  14. Bettelli, S., Calarco, T., Serafini, L.: Toward an architecture for quantum programming. Eur. Phys. J. D-At. Mol. Opt. Plasma Phys. 25(2), 181–200 (2003)
  15. Antonopoulos, A.M.: Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O’Reilly Media, Inc. (2014)
  16. Narayanan, A., Bonneau, J., Felten, E., Miller, A., Goldfeder, S.: Bitcoin and cryptocurrency technologies. Princeton University Press (2016)
  17. Nielsen, M.A., Chuang, I.: Quantum computation and quantum information. Cambridge University Press (2000)
  18. Bernstein, D.J., Lange, T.: Post-quantum cryptography. Nature 549(7671), 9 (2017)
  19. Bitcoin community. Elliptic Curve Digital Signature Algorithm. Accessed 18 Feb 2018
  20. Jogenfors, J.: Quantum bitcoin: an anonymous and distributed currency secured by the no-cloning theorem of quantum mechanics. arXiv:1604.01383 (2016)
  21. Mosca, M., Ekert, A.: The hidden subgroup problem and eigenvalue estimation on a quantum computer. In: NASA International Conference on Quantum Computing and Quantum Communications, pp. 174–188. Springer, Berlin (1998)
  22. Lavor, C., Manssur, L., Portugal, R.: Shor’s algorithm for factoring large integers. arXiv:quant-ph/0303175 (2003)
  23. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Proceedings of the twenty-eighth annual ACM symposium on Theory of computing, pp. 212–219. ACM (1996)
  24. Boyer, M., Brassard, G., Høyer, P., Tapp, A.: Tight bounds on quantum searching. Fortschritte der Physik 46(4–5), 493–505 (1998)
  25. Daemen, J., Rijmen, V.: The design of Rijndael: AES-the advanced encryption standard. Springer Science & Business Media, Berlin (2013)
  26. Elminaam, D.S.A., Abdual-Kader, H.M., Hadhoud, M.M.: Evaluating the performance of symmetric encryption algorithms. IJ Netw. Secur. 10(3), 216–222 (2010)
  27. Taylor, M.B.: The evolution of bitcoin hardware. Computer 50(9), 58–66 (2017)
  28. Proos, J., Zalka, C.: Shor’s discrete logarithm quantum algorithm for elliptic curves. arXiv:quant-ph/0301141 (2003)
  29. Tessler, L., Byrnes, T.: Bitcoin and quantum computing. arXiv:1711.04235 (2017)
  30. Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D., Voelker, G.M., Savage, S.: A fistful of bitcoins: characterizing payments among men with no names. In: Proceedings 2013 Internet Measurement Conference, pp. 127–140. ACM (2013)
  31. Schneider, N.: Recovering bitcoin private keys using weak signatures from the blockchain. (2013). Accessed 18 Feb 2018
  32. Bitcoin Cash. Accessed 18 Feb 2018
  33. Bitcoin Gold. Accessed 18 Feb 2018
  34. Poon, J., Dryja, T.: The bitcoin lightning network. (2016). Accessed 07 July 2016
  35. Lombrozo, E., Lau, J., Wuille, P.: BIP141: segregated witness (consensus layer). (2012). Accessed 18 Feb 2018
  36. Bitcoin community. OP_RETURN. Accessed 18 Feb 2018
  37. Eastlake III, D., Hansen, T.: US secure hash algorithms (SHA and HMAC-SHA) (2006)
  38.
  39.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Dragos I. Ilie (1)
  • William J. Knottenbelt (1)
  • Iain D. Stewart (1, corresponding author)

  1. Centre for Cryptocurrency Research and Engineering, Imperial College London, London, UK
