New breakthrough results for quantum attack resource estimates against 256-bit elliptic curves: most ECC-based applications including ECDSA and Bitcoin could be at risk way sooner than expected:
We estimate that these circuits can be executed on a superconducting qubit CRQC with fewer than 500,000 physical qubits in a few minutes [...] This is an approximately 20-fold reduction in the number of physical qubits required to solve ECDLP-256"
Interestingly, Google and friends did not release the blueprint for the attack circuit. In the name of "responsible disclosure", they only provided a zero-knowledge proof (ZKP) proving that the circuit works. This is, I think , a first in the realm of cryptanalysis disclosure.
The statement that our ZK proof demonstrates is the following: we possess a classical reversible circuit of a specified size which on most inputs correctly computes point addition on the elliptic curve secp256k. This is the primary bottleneck in Shor’s quantum algorithm
I have been saying this since the 2010s: quantum cryptanalysis is one of those non-linear technology progresses that will take everyone by surprise when it arrives. Qubits quality and numbers go up, error-correction and attacks improve, investments scale up accordingly. It's a perfect storm of compound factors. Folks didn't listen, now time is ticking.
More context at: https://gagliardoni.net/#20260331_new_quantum_estimates
#quantum #quantumcomputing #cryptography #security #cybersecurity #infosec #google #bitcoin #blockchain #ethereum #zkp #zeroknowledge
Sophie Schmieg
ℹ️❤️🖥 aka Compy-chan
Tablaste
Dane 🌎🖖✌️☮️⚛️☸️🕉️
Soatok Dreamseeker