Cracking Bitcoin in just 9 minutes? Google warns that the end of elliptic encryption may come sooner than expected, having lowered the attack threshold by 20 times.

ME News message, March 31 (UTC+8): Google’s Quantum AI team released a white paper showing major optimizations to Shor’s algorithm. Shor’s algorithm can break the elliptic-curve cryptography used by Bitcoin and Ethereum; once quantum computers become powerful enough, attackers can derive private keys from public keys and steal funds. The team compiled two sets of attack circuits, requiring fewer than 1200 and fewer than 1450 logical qubits, respectively (computation units formed from hundreds of physical qubits via error correction). On superconducting quantum computers, both circuits can complete computation within minutes under the condition of fewer than 500,000 physical qubits. Previously, the mainstream academic estimate was about 10 million physical qubits; this breakthrough lowers the threshold by roughly 20x.

Attackers can complete most of the preparatory computations in advance, breaking private keys within about 9 minutes after Bitcoin transaction broadcasting. Bitcoin’s average block time is about 10 minutes, giving attackers about a 41% probability of intercepting funds before transaction confirmation. Currently, about 6.9 million Bitcoins (about one-third of the total supply) face potential risk because their public keys have been exposed; about 1.7 million of those come from the network’s early days. Google also noted that the 2021 Taproot upgrade exposes public keys by default, which could further expand the scope of vulnerable wallets.

The team did not publicly disclose the specific implementation of the attack circuits; instead, they released a zero-knowledge proof that allows third parties to verify that the conclusions are correct without disclosing the attack method. Ryan Babbush, Director of Quantum Algorithm Research at Google, and Hartmut Neven, Vice President of Engineering for Google Quantum AI, said that before publishing, the team had communicated with the U.S. government and is now collaborating with Coinbase, the Stanford Blockchain Research Institute, and the Ethereum Foundation to advance post-quantum migration. Google previously set 2029 as the deadline for migrating its own certified services to post-quantum cryptography. Castle Island Ventures co-founder Nic Carter called the paper “very alarming,” and wrote: “Elliptic-curve cryptography is right on the outdated edge. Whether it’s 3 years or 10 years, it’s done, and we have to accept it.” (Source: 1M AI News)