WEF warns that CBCCs may be vulnerable to quantum computer attacks
The World Economic Forum (WEF) recently issued a dire warning regarding the vulnerability of central bank digital currencies (CBDCs) to attacks from quantum computer systems.
Quantum computers are still mostly in the experimental stage. There are various proof-of-concepts, and a handful of labs claim to have solved problems in quantum systems that traditional, binary computers couldn't solve in a reasonable amount of time.
But for the most part, there's still some time between now and “Q-day,” the hypothetical point at which bad actors can break standard encryption with quantum computers.
While encryption threats affect seemingly every industry, the digital asset sector is one of the biggest concerns. This excessive risk has the potential to “derail” CBDCs, according to the WEF.
Noting this risk, the WEF wrote in a May 21 blog post that “central banks should incorporate cryptographic efficiency into CBCC systems to prevent quantum cyberattacks targeting payment infrastructure.”
In a blog post:
“More than 98% of the world's central banks are exploring CBCCs. […] At the same time, the private sector is pursuing quantum computers that can operate at a scale that could generate $1.3 trillion in value by 2025.
He notes that there is no consensus among physicists that quantum computers' power, utility, and availability pose a threat to current encryption methods. Forecasts range from a few years to decades.
Related: Ripple publishes math professor's warning: ‘Public key cryptosystems must be replaced'
To this end, the WEF has identified three specific threats to CBCCs that quantum computing may pose.
First, according to the WEF, quantum computers can be used to break “encryption in motion,” allowing bad actors to intercept transactions as they happen.
The blog post cites identity spoofing as a threat vector, possibly using quantum systems to crack encryption to allow compromised identity assets to be entered into identity verification systems.
Finally, the WEF addresses the oft-cited concern with quantum computers: “harvest now, decrypt later.” Apparently, in this attack vector, bad actors steal encrypted data and store it to be decrypted by a future quantum system.
In this case, victims may not know their data has been stolen for years or even decades before the threat occurs.
To mitigate or eliminate these risks, the WEF recommends that CBCCs be built with quantum-proof safeguards at their core through a technique called “cryptographic agility.”
According to the WEF:
“Cryptographic agility is the ability to configure and adjust cryptographic algorithms based on real-time threats and the ability to thwart evolving attack techniques.
