Back to the Future: Protecting Digital Currencies from the 2032 “Cryptopocalypse”

Cybersecurity experts around the globe are sounding the alarm to protect our most likely future form of future money, Central Bank Digital Currencies (CBDCs), from a “Cryptopocalypse” powered by new quantum technologies expected to mature within the next decade. These CBDCs considered to be “a gateway to Web3,” per Deloitte, are central to global banks’ next wave of digital transformation, and the time to safeguard them and sensitive financial data is now.

The future of quantum computer attacks is an urgent priority for the U.S. White House’s top cyber advisor because national security data collected today may be decrypted eight years from now, according to Anne Neuberger during an address in London on May 22. 

Neuberger called the imminent release of three new PQC-approved encryption algorithms by the National Institute of Standards and Technology (NIST) in July “a momentous moment” to secure sensitive information against the advanced capabilities of cryptographically relevant quantum computers — CRQCs — that many predict can break through today’s encryptions in a matter of seconds. Both the U.S. and the U.K. are among governments beginning to take the threat seriously. Large banks are already working to protect transaction data. 

As the world races toward the adoption of Central Bank Digital Currencies (CBDCs), a new cybersecurity battleground has emerged. The quantum computing revolution, once confined to the pages of sci-fi thrillers like David Ignatious’ visionary 2017 novel “The Quantum Spy,” is now knocking at our digital doorstep. The stakes are high. New safeguards must be put in place to protect our financial system, according to a recent World Economic Forum report. 

In the next decade, many believe the advent of cryptanalytically relevant quantum computers (CRQCs) will herald the “Cryptopocalypse” — a point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption. The implications are profound, especially as more than 98 percent of the global economy’s central banks explore CBDCs to improve cross-border payment efficiency, enhance financial inclusion, and preserve the role of central bank money in the next generation of financial markets.

Two fundamental concepts lie at the core of quantum computing: superposition and entanglement. Superposition enables qubits to simultaneously exist in a state of 0 and 1, leading to an exponential increase in computational power. Entanglement allows qubits to become correlated with one another, even when separated by immense distances. These particles can theoretically have multiple probability states at once and work together to accomplish their task. 

The race to build the world’s first quantum machine robust enough to easily crack encryption protecting our global monetary system is not just a matter of technological prowess; it is a struggle for global dominance. By leveraging the principles of quantum mechanics, these machines can store information on quantum bits (qubits) that can exist in a superposition state, allowing them to solve complex problems beyond the reach of classical supercomputers.

The threat to CBDCs is clear. These systems rely on cryptographic mechanisms to safeguard “in-motion” data being transmitted, such as sensitive customer, transaction, and market data. Quantum attacks pose a significant risk to the integrity and security of CBDCs and other national payment systems, such as RTGS systems.

To protect CBDCs against quantum threats, the adoption of post-quantum cryptography (PQC) algorithms is crucial. The National Institute of Standards and Technology (NIST) has already taken a significant step in this direction by announcing the first four post-quantum cryptography algorithms for standardization in July 2022: CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+. These algorithms, designed to resist quantum attacks, represent the forefront of cryptographic research and innovation.

These new algorithms are designed to secure against both classical and quantum attacks using a variety of approaches, including cryptography that is lattice-based, hash-based, code-based, multivariate polynomial, and Supersingular Elliptic Curve Isogeny (SIKE). Another promising area of R&D today is Quantum Key Distribution (QKD) that uses quantum mechanics principles to distribute keys securely based on the laws of quantum physics vs mathematical complexity. 

“The race to build the world’s first quantum machine robust enough to easily crack encryption protecting our global monetary system is not just a matter of technological prowess; it is a struggle for global dominance.”

The urgency of the situation cannot be overstated, and the window for action is rapidly closing. The U.S. government has recognized the gravity of the threat, with President Joe Biden signing the Quantum Computing Cybersecurity Preparedness Act into law on December 21, 2022. This legislation aims to secure federal systems and data against the threat of quantum-enabled data breaches ahead of what some call “Q-Day.” 

The implications of the quantum threat extend far beyond the realm of CBDCs. As more critical infrastructure, financial systems, and sensitive data are digitized, the potential for quantum-enabled cyberattacks grows exponentially. The consequences of such attacks could be devastating, ranging from the theft of intellectual property and financial assets to the disruption of essential services and the erosion of public trust.

To meet this challenge, a concerted effort is required from governments, industry, and academia. We must invest in advanced R&D to develop new post-quantum cryptographic techniques, quantum-resistant hardware and software, and secure communication protocols. 

Cybersecurity professionals and governments around the world have a responsibility to ensure that the benefits of this transformative technology are realized while mitigating its potential dangers. The race is on, and the stakes could not be higher. The winner of the quantum computing arms race will not only attain a significant military and economic advantage but could shape the future of global power dynamics for generations to come.

In conclusion, the quantum threat to CBDCs and the broader digital payments landscape is a clarion wake-up call. We must act now to safeguard our financial systems, critical infrastructure, and sensitive data from the looming specter of quantum-enabled cyberattacks. The road ahead is challenging, but with focused research, collaborative effort, and unwavering commitment, we can navigate the quantum era with confidence and resilience. The future of cybersecurity hangs in the balance, and it is up to us to tip the scales in our favor.