Create a Video View Paper

Breaking Bitcoin's Curve: Quantum Circuits for Elliptic Curve Cryptanalysis

This presentation examines recent advances in quantum circuit design for attacking elliptic curve cryptography, focusing on optimized point addition circuits that bring Shor's algorithm closer to practical implementation. We explore how the authors achieved up to 10% reductions in quantum gate counts for breaking curves like secp256k1, the cryptographic foundation of Bitcoin, through novel compression techniques and explicit circuit architectures that set new benchmarks for post-quantum cryptanalysis.

Script

The cryptography protecting Bitcoin and countless other systems rests on a mathematical puzzle: the elliptic curve discrete logarithm problem. Quantum computers running Shor's algorithm could shatter that protection, but the question has always been how many qubits and gates would it actually take?

The authors built something no one had published before: fully explicit quantum circuits for elliptic curve point addition, the core operation in Shor's algorithm. Previous work claimed dramatic improvements but hid the actual circuit designs behind zero-knowledge proofs.

Their key innovation compresses the history of the modular inversion algorithm. By encoding three pairs of operation bits into just five bits, they dramatically cut the ancilla qubits needed for each multiplication. This compression exploits a subtle property: on valid inputs, one output bit is always zero.

For secp256k1, Bitcoin's curve, the results are concrete: 1208 to 1462 logical qubits, and between 2 to the power of 25.8 and 2 to the power of 26.1 Toffoli gates. That's a 10% reduction in gates compared to previous best results, with only a slight increase in qubit requirements.

The circuits aren't just theoretical. Implemented and tested in the Qarton library, they achieve success probability exceeding 1 minus 2 to the power of negative 13.3 on random inputs. But there's a hard trade-off frontier here: optimizing for fewer gates costs you more qubits, and vice versa.

These explicit circuits transform quantum cryptanalysis from abstract threat to engineering specification, giving hardware designers and security planners precise targets for what breaking real-world elliptic curves actually demands. If you want to explore more research shaping the quantum future, visit EmergentMind.com to dive deeper and create your own video summaries.