Which cryptographic primitives enable post-quantum cryptocurrencies?

Quantum computers running Shor’s algorithm, published by Peter Shor at AT&T Bell Labs in 1994, would break the public-key systems that underpin most cryptocurrencies: RSA and, more importantly for blockchains, the elliptic-curve discrete logarithm behind ECDSA and Schnorr signatures, so an attacker could recover a private key from any public key that has been exposed on chain. Grover’s algorithm, discovered by Lov Grover at Bell Labs in 1996, gives only a quadratic speedup against symmetric ciphers and hash functions, roughly halving their effective security; 256-bit keys and SHA-256 are generally considered to remain adequate. To maintain trust and continuity, blockchains and wallets must adopt post-quantum cryptographic primitives designed to resist known quantum attacks while fitting blockchain constraints.

Core primitives

The dominant families of post-quantum primitives are lattice-based, hash-based, code-based, multivariate, and isogeny-based schemes. Lattice-based cryptography underpins both the key-encapsulation mechanisms and the signature schemes used in most practical proposals. CRYSTALS-Kyber is a lattice-based key-encapsulation mechanism selected in 2022 by NIST’s Post-Quantum Cryptography standardization effort, led by Dustin Moody at NIST, and published in 2024 as ML-KEM (FIPS 203). For signatures, CRYSTALS-Dilithium (standardized as ML-DSA, FIPS 204) and FALCON (to become FN-DSA) are lattice-based schemes offering different trade-offs: Dilithium is simpler to implement in constant time, FALCON has much smaller signatures but signing needs careful floating-point arithmetic. Hash-based signatures such as SPHINCS+ (standardized as SLH-DSA, FIPS 205) provide conservative security that rests only on the preimage and second-preimage resistance of the underlying hash function, without even requiring collision resistance, making them attractive when long-term security guarantees are prioritized. Code-based schemes descend from McEliece’s 1978 construction and have resisted four decades of cryptanalysis, but Classic McEliece public keys run from hundreds of kilobytes to over a megabyte. Isogeny-based approaches promised compact keys, but the isogeny-based SIKE primitive was broken in 2022 by Wouter Castryck and Thomas Decru at KU Leuven with a classical attack that ran on a single laptop core in about an hour, illustrating that research remains active and transformative.

KEMs (key encapsulation mechanisms) enable secure exchange of symmetric keys between parties, a practical building block for encrypting wallet seeds, backups, or payment-channel state. Digital signatures provide transaction authentication; a post-quantum signature scheme must be existentially unforgeable under chosen-message attacks (EUF-CMA) and performant enough for widespread use in constrained environments like hardware wallets and embedded nodes, where verification cost matters most because every full node verifies every signature. Not all post-quantum algorithms are equal for blockchain constraints: some have small signatures but heavy computation, others have large keys that increase on-chain storage costs. For scale, a secp256k1 ECDSA or Schnorr signature is 64 to 72 bytes with a 33-byte compressed public key, whereas at comparable security levels Falcon-512 signatures are 666 bytes with an 897-byte key, Dilithium2 (ML-DSA-44) signatures are 2420 bytes with a 1312-byte key, and the compact SPHINCS+-128s variant needs about 7.8 KB per signature, roughly a hundredfold increase over today’s witness data.
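To make the hash-based family and the size trade-offs concrete, here is an added example of a Lamport one-time signature, the construction that SPHINCS+, XMSS and LMS all build on. It is illustrative code written for this page, not code from SPHINCS+ or any wallet project; it assumes SHA-256 as the hash, 256-bit message digests, and 32-byte secrets from os.urandom. Besides signing and verifying, it shows the two properties the text mentions: the signature is large (8 KB) because one preimage is revealed per digest bit, and the key is strictly one-time, because every additional signature reveals more preimages until an attacker can assemble a valid signature for a message the owner never signed. The message names (tx-0, forged-tx-N) are constructed sample input.

```python
"""Lamport one-time signature over SHA-256 (added illustration, not project code).

Assumptions: SHA-256 digests (256 bits), 32-byte secrets, os.urandom as RNG.
Real deployments use SPHINCS+/SLH-DSA or XMSS/LMS, which layer a many-time
scheme on top of one-time constructions like this one.
"""
import hashlib
import os

H = hashlib.sha256
N = 256  # digest bits; one (secret_0, secret_1) pair per bit


def keygen(rng=os.urandom):
    """Secret key: 2*N random preimages; public key: the hash of each one."""
    sk = [(rng(32), rng(32)) for _ in range(N)]
    pk = [(H(a).digest(), H(b).digest()) for a, b in sk]
    return sk, pk


def _bits(msg: bytes):
    """Digest the message and return its 256 bits, most significant first."""
    d = H(msg).digest()
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(N)]


def sign(sk, msg: bytes) -> bytes:
    """For every digest bit, reveal the preimage selected by that bit."""
    return b"".join(sk[i][bit] for i, bit in enumerate(_bits(msg)))


def verify(pk, msg: bytes, sig: bytes) -> bool:
    """Hash each revealed preimage and compare with the matching public hash."""
    if len(sig) != N * 32:
        return False
    for i, bit in enumerate(_bits(msg)):
        if H(sig[32 * i:32 * i + 32]).digest() != pk[i][bit]:
            return False
    return True


def sizes() -> dict:
    """Byte sizes of this scheme next to a 64-byte Schnorr/ECDSA signature."""
    return {"public_key": 2 * N * 32, "signature": N * 32, "ecdsa_sig": 64}


def revealed_fraction(msgs) -> float:
    """Fraction of the 2*N secrets exposed after signing the given messages."""
    seen = {(i, bit) for m in msgs for i, bit in enumerate(_bits(m))}
    return len(seen) / (2 * N)


def forge(sigs, target: bytes):
    """Attacker view: build a signature for `target` purely from preimages
    leaked by earlier signatures; None if some required preimage is unknown."""
    pool = {}
    for msg, sig in sigs:
        for i, bit in enumerate(_bits(msg)):
            pool[(i, bit)] = sig[32 * i:32 * i + 32]
    parts = []
    for i, bit in enumerate(_bits(target)):
        piece = pool.get((i, bit))
        if piece is None:
            return None
        parts.append(piece)
    return b"".join(parts)


def key_reuse_demo(sk, pk, reuse=12, search=10000):
    """Misuse: sign `reuse` messages with ONE key, then find an unsigned
    message whose signature can be assembled from the leaked preimages.
    After k signatures each bit position is covered with probability 1-2^-k,
    so with k=12 most candidate messages are forgeable."""
    signed = [b"tx-%d" % i for i in range(reuse)]
    sigs = [(m, sign(sk, m)) for m in signed]
    for d in range(search):
        target = b"forged-tx-%d" % d  # constructed, never signed by the owner
        fsig = forge(sigs, target)
        if fsig is not None and verify(pk, target, fsig):
            return target, fsig
    return None, None


if __name__ == "__main__":
    sk, pk = keygen()
    m = b"spend 1 coin to address X"  # constructed sample transaction
    s = sign(sk, m)
    print("valid:", verify(pk, m, s), "sizes:", sizes())
    print("secrets revealed by one signature:", revealed_fraction([m]))
    t, fs = key_reuse_demo(sk, pk)
    print("forged after key reuse:", t, verify(pk, t, fs))
```

Whether a given message is forgeable depends only on the digests of the messages already signed, not on the key, which is why stateful schemes such as XMSS must never re-use a leaf index and why SPHINCS+ avoids state altogether by picking leaves pseudorandomly from a huge tree. The 8 KB signature here is the same order of magnitude as SPHINCS+-128s, whose multi-layer construction exists precisely to get a many-time scheme without growing beyond that.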

Relevance, causes, and consequences

The reason for migration is straightforward: a quantum-capable adversary would undercut the foundational trust model of permissionless ledgers, and the first targets would be outputs whose public key is already visible on chain, such as reused addresses and early pay-to-public-key coins. Consequences for cryptocurrencies include protocol-level migration, larger transactions when on-chain signatures or public keys grow, and higher storage and bandwidth demands that raise operating costs and environmental footprint. These technical shifts interact with human and cultural factors: conservative communities prioritizing stability, such as Bitcoin, may resist rapid protocol changes, while developer-driven ecosystems may adopt hybrid schemes sooner. Territorial and regulatory nuance is also significant; standards set by NIST influence vendors and governments in the United States, while European and Asian authorities pursue their own assessments and certifications, creating potential interoperability challenges.

Practical deployment requires rigorous cryptographic engineering, constant-time implementations, independent audits, and transition strategies such as hybrid signatures that combine a classical and a post-quantum scheme and are accepted only when both verify, so that a break in either one does not compromise the transaction. Wallet vendors, custodians, and exchanges must update key management and recovery workflows, including the handling of one-time or stateful hash-based keys, which are compromised by signing twice with the same key. Research and standardization continue to evolve, so cautious, evidence-based adoption guided by experts at institutions such as NIST and leading cryptography research groups remains essential to preserve security and trust in the quantum era.