A group of Chinese cryptographers have shared a thesis on how existing quantum computers can break Rivest–Shamir–Adleman (RSA), a public-key cryptosystem used by blockchains. Meanwhile, some cryptocurrency experts are skeptical about this design.
372 physical qubits is enough to break RSA-2048
In late December 2022, a collective of researchers from Zhengzhou, Hangzhou and Beijing, led by Bao Yan and Ziqi Tan, shared a thesis called Factoring integers with sublinear resources on a superconducting quantum processor. It describes a much more resource-efficient way of challenging RSA-2048 cryptography than ever before.
it's time to rotate your rsa keys anon pic.twitter.com/meHOdZYpBs— banteg (@bantg) January 4, 2023
Previously, it was considered that a potential attacker would need millions of physical qubits to break the integrity of the aforementioned scheme, which is far beyond the current hardware capabilities of quantum computers.
Instead, the proposed algorithm can knock down barriers by factoring integers up to 48 bits with 10 superconducting qubits, the largest integer factored on a quantum device.
As a result, a potential attacker needs 372 physical qubits to break the RSA-2048 scheme. To provide context, QuEra Computing device by physicists at Harvard and MIT has 256 qubits, while IBM's Condor is set to surpass the 1,000-qubit mark in 2023.
No worries, experts say
However, the majority of experts showed skepticism about the newest reports by the Chinese scholars. For instance, Ethereum (ETH) veteran @dystopiabreaker (Suzuha) claims that the research is based on a widely criticized paper:
their method relies on Schnorr's "destroyes RSA" paper from a few years ago, which has been shown to not work well with larger moduli. not clear if they have overcome this limitation or not. i am skeptical, just as with the schnorr paper, show your work
Other experts added that once this attack becomes real, blockchain teams will easily switch to more secure cryptographic schemes.
Prominent computer scientist Bruce Schneier, lecturer at Harvard's Kennedy School, told to the media that he did not think "this will break RSA."