Cracking Bitcoin in just 9 minutes? Google warns that the end of elliptic encryption may come sooner than expected, having lowered the attack threshold by 20 times.

ME News announcement, March 31 (UTC+8): Google’s Quantum AI team released a white paper demonstrating major optimizations to Shor’s algorithm. Shor’s algorithm can break the elliptic curve encryption used by Bitcoin and Ethereum; once quantum computers are powerful enough, attackers can derive private keys from public keys and steal funds. The team compiled two sets of attack circuits, each requiring fewer than 1200 and fewer than 1450 logical qubits (computation units made up of hundreds of physical qubits through error correction). On superconducting quantum computers, both circuits can complete the computation within minutes under the condition of fewer than 500,000 physical qubits. Previously, the mainstream estimate in academia was about 10 million physical qubits; this breakthrough lowers the threshold by roughly 20x.

Attackers can complete most of the preparatory computations in advance, cracking the private key about 9 minutes after a Bitcoin transaction is broadcast. Bitcoin’s average block time is about 10 minutes, giving attackers about a 41% probability of intercepting funds before the transaction is confirmed. Currently, about 6.9 million Bitcoins (around one-third of total supply) face potential risk because the public keys have been exposed; of these, about 1.7 million come from the network’s early days. Google also pointed out that the 2021 Taproot upgrade exposes public keys by default, which could further expand the scope of vulnerable wallets.

The team did not publicly disclose the specific implementation of the attack circuits, but instead released a zero-knowledge proof that allows third parties to verify that the conclusions are correct without disclosing the attack methods. Ryan Babbush, Director of Quantum Algorithm Research at Google, and Hartmut Neven, Vice President of Engineering for Google Quantum AI, said the team had already communicated with the U.S. government before publishing and is now collaborating with Coinbase, the Stanford Blockchain Research Institute, and the Ethereum Foundation to advance the move to post-quantum cryptography. Google previously set 2029 as the deadline for migrating its own certified services to post-quantum encryption. Nic Carter, co-founder of Castle Island Ventures, called the paper “very concerning,” and wrote: “Elliptic curve encryption is right at the edge of being obsolete. Whether it’s 3 years or 10 years, it’s over, and we need to accept that.” (Source: 1M AI News)