Latest news with #ECC
Yahoo
2 days ago
- Business
- Yahoo
Bitcoin Traders Are Discussing BTC's Record High, but Quantum Computing Is Threatening the Math Behind It
A new report by Capgemini warns that quantum computing may break the widely used public-key cryptographic systems within the next decade — threatening everything from online banking to blockchain security. The report did not single out bitcoin (BTC), but focused on encryption systems such as RSA and ECC — the same cryptographic primitives that underpin crypto wallets, transaction signatures, and key security in most blockchains. Bitcoin relies on elliptic curve cryptography (ECC) to secure wallet addresses and validate ownership. But ECC, like RSA, is vulnerable to Shor's algorithm — a quantum computing method capable of cracking the discrete logarithm problem, the core math behind bitcoin's private keys. Capgemini's findings were based on a survey of 1,000 large organizations across 13 countries. Of those, 70% are either preparing for or actively implementing post-quantum cryptography (PQC) — a new class of algorithms designed to resist quantum attacks. Yet only 15% of respondents were considered 'quantum-safe champions,' and just 2% of cybersecurity budgets globally are allocated toward this transition. 'Every encrypted asset today could become tomorrow's breach,' the report warned, referring to so-called 'harvest now, decrypt later' attacks. These involve stockpiling encrypted data now in hopes that quantum computers can break it later — a real risk for any blockchain with exposed public keys. In bitcoin's case, that includes over 25% of all coins, which have revealed their public keys and would be immediately vulnerable if Q-Day — the hypothetical moment quantum machines can break modern encryption — arrives. Earlier this week, a draft proposal by Bitcoin developer Jameson Lopp and other researchers outlined a phased plan to freeze coins secured by legacy cryptography, including those in early pay-to-pubkey addresses like Satoshi Nakamoto's wallets. The idea is to push users toward quantum-resistant formats before attackers can sweep dormant funds unnoticed. 'This proposal is radically different from any in Bitcoin's history just as the threat posed by quantum computing is radically different from any other threat in Bitcoin's history,' the authors wrote, as CoinDesk reported. While the timeline for Q-Day remains uncertain, Capgemini's report notes that breakthroughs in quantum error correction, hardware design, and algorithm efficiency have accelerated over the past five years. In some scenarios, researchers believe a cryptographically relevant quantum computer (CRQC) could emerge before 2030. Meanwhile, governments are acting. The U.S. NSA plans to deprecate RSA and ECC by 2035, and NIST has finalized several PQC algorithms like Kyber and Dilithium for public use, Capgemini said. Cloudflare, Apple, and AWS have begun integrating them, but as of Friday no major blockchain network (i.e. with tokens in the top ten by market capitalization) has made such moves. As such, bitcoin's quantum debate remains theoretical and all steps being taken are preemptive. But as institutions, regulators, and tech giants prepare for a cryptographic reset, the math behind crypto's security may not hold forever.
Yahoo
3 days ago
- Business
- Yahoo
Bitcoin Traders Are Discussing BTC's Record High, but Quantum Computing Is Threatening the Math Behind It
A new report by Capgemini warns that quantum computing may break the widely used public-key cryptographic systems within the next decade — threatening everything from online banking to blockchain security. The report did not single out bitcoin (BTC), but focused on encryption systems such as RSA and ECC — the same cryptographic primitives that underpin crypto wallets, transaction signatures, and key security in most blockchains. Bitcoin relies on elliptic curve cryptography (ECC) to secure wallet addresses and validate ownership. But ECC, like RSA, is vulnerable to Shor's algorithm — a quantum computing method capable of cracking the discrete logarithm problem, the core math behind bitcoin's private keys. Capgemini's findings were based on a survey of 1,000 large organizations across 13 countries. Of those, 70% are either preparing for or actively implementing post-quantum cryptography (PQC) — a new class of algorithms designed to resist quantum attacks. Yet only 15% of respondents were considered 'quantum-safe champions,' and just 2% of cybersecurity budgets globally are allocated toward this transition. 'Every encrypted asset today could become tomorrow's breach,' the report warned, referring to so-called 'harvest now, decrypt later' attacks. These involve stockpiling encrypted data now in hopes that quantum computers can break it later — a real risk for any blockchain with exposed public keys. In bitcoin's case, that includes over 25% of all coins, which have revealed their public keys and would be immediately vulnerable if Q-Day — the hypothetical moment quantum machines can break modern encryption — arrives. Earlier this week, a draft proposal by Bitcoin developer Jameson Lopp and other researchers outlined a phased plan to freeze coins secured by legacy cryptography, including those in early pay-to-pubkey addresses like Satoshi Nakamoto's wallets. The idea is to push users toward quantum-resistant formats before attackers can sweep dormant funds unnoticed. 'This proposal is radically different from any in Bitcoin's history just as the threat posed by quantum computing is radically different from any other threat in Bitcoin's history,' the authors wrote, as CoinDesk reported. While the timeline for Q-Day remains uncertain, Capgemini's report notes that breakthroughs in quantum error correction, hardware design, and algorithm efficiency have accelerated over the past five years. In some scenarios, researchers believe a cryptographically relevant quantum computer (CRQC) could emerge before 2030. Meanwhile, governments are acting. The U.S. NSA plans to deprecate RSA and ECC by 2035, and NIST has finalized several PQC algorithms like Kyber and Dilithium for public use, Capgemini said. Cloudflare, Apple, and AWS have begun integrating them, but as of Friday no major blockchain network (i.e. with tokens in the top ten by market capitalization) has made such moves. As such, bitcoin's quantum debate remains theoretical and all steps being taken are preemptive. But as institutions, regulators, and tech giants prepare for a cryptographic reset, the math behind crypto's security may not hold in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Chicago Tribune
3 days ago
- Entertainment
- Chicago Tribune
Elgin News Digest: Gail Borden, Fox River library districts receive state grants; ECC awarded $295,000 grant to expand EV technician training
The Illinois Secretary of State's office has awarded in $221,112 grant money to the Gail Borden Public Library District in Elgin and $105,506 to the Fox River Valley Library District in East Dundee. Both per-capita grants are based on population and part of nearly $20 million in funding provided to library districts across the state, according to a news release. 'These funds are not designated to a specific project, but are helpful in enabling us to continue to provide the community with literacy resources, Internet access and many of our services and programs,' Gail Borden spokeswoman Natalie Kiburg said. 'We are so appreciative of this funding as it is essential to our community's vital resources.' News of the state's grants comes amid federal cuts to library budgets nationwide. In March, President Donald Trump signed an executive order to eliminate and defund the Institute of Museum and Library Services, which issues $180 million annually to libraries nationwide. Illinois receives nearly $6 million annually, the sixth highest amount of any state, according to the release. Elgin Community College's Sustainability, Business and Career Technology division has been awarded a $295,794 RevUp EV Community College Initiative Grant. The money will be used to expand existing programs and develop new coursework to support technician training in electric vehicle systems, including components of EV advanced manufacturing, according to a news release. 'This grant will help Elgin Community College stay ahead of the curve as the electric vehicle industry continues to grow,' ECC President Peggy Heinrich said in the release. The initiative is part of a statewide effort to accelerate the development of EV infrastructure and workforce capacity in Illinois. It is administered by the Illinois Community College Board and funded by the Illinois Environmental Protection Agency. Elgin Community College Musical Theatre production's of 'Shrek The Musical' will be staged the weekends of July 25-28 and Aug. 1-3 at the school's Second Space Theatre in the ECC Arts Center. The Tony Award-winning musical is based on the 2001 animated Dreamworks movie. ECC's production is directed by Cale Haupert with musical directors Marc Beth and Douglas Orlyk, according to a news release. 'At the heart of 'Shrek The Musical' is a truly beautiful love story,' Haupert said in the release. 'Shrek thinks there is no one in the world who would care for him, but he slowly discovers that he can find true friendship and more when he is brave enough to show the world his true self.' Show times are 7:30 p.m. July 25 and Aug. 1; 7:30 p.m. July 26 and Aug. 2; and 3 p.m. July 27 and Aug. 3. Tickets are $22 for adults, $20 for seniors and free for ECC students. Elgin Township Senior Access Passes cannot be used to obtain tickets. For purchase tickets, go online at call 847-622-0300 or go to the Arts Center box office.
TECHx
3 days ago
- TECHx
Quantum Agility, Not Just Safety, Is the Real Cyber Goal
Home » Expert opinion » Quantum Agility, Not Just Safety, Is the Real Cyber Goal Quantum Agility, not just safety, is key to future-ready cybersecurity, warns Uday Shankar Kizhepat of WSO2 , as quantum threats loom over today's encrypted data. At the turn of the millennium, businesses worldwide scrambled to prepare for Y2K. The fear was that ageing computer systems would collapse under the pressure of the date change from 1999 to 2000, crashing systems that ran banks, governments, and even aircraft. As we look ahead to the next decade, a new acronym is making the rounds: Y2Q. Stepping out of the realm of science fiction, we're likely to soon witness the year powerful quantum computing becomes a reality. This time, however, the problem isn't simply correcting a date. It's about redefining the very foundations of digital trust. And while the urgency may not feel as immediate, the stakes are arguably higher. The shift from classical to quantum computing isn't a single moment in time. It's a fast-approaching inevitability with ramifications that will play out over years to come. So, rather than focus on quantum 'readiness' alone, organisations need to prepare for something more dynamic: Quantum Agility. What's at Stake in the Quantum Era We live comfortably in the digital world because of a foundational layer of security, public key infrastructure (PKI). It's what makes your bank transactions secure, ensures your government IDs can't be tampered with, and keeps your company's internal communications private. Encryption algorithms such as RSA, Elliptic Curve Cryptography (ECC), and SHA-256 power everything from digital certificates and secure web browsing (TLS) to cryptocurrencies. These algorithms are effective today because classical computers don't have the computational muscle to break them in a practical timeframe. However, quantum computers operate fundamentally differently. Once they mature, which experts estimate sometime between 2030 and 2035, they could crack RSA-2048 encryption not in decades, but mere hours. The danger isn't just in the future. The 'Harvest Now, Decrypt Later' tactic means attackers today could be intercepting and storing encrypted data, waiting for the moment quantum machines become powerful enough to decrypt it. So even if quantum computing is still years away, the data you produce right now is already vulnerable. Consider the real-world implications A financial institution operating in Riyadh might have customer records, transaction histories, and authentication data dating back a decade. If those are intercepted today and decrypted in 10 years, the fallout from identity theft to financial fraud would be devastating. A government agency in Abu Dhabi managing critical national infrastructure could face compromised security protocols. In aviation, where manufacturers and airlines rely on encrypted systems for maintenance data, passenger manifests, and flight telemetry, the consequences could be catastrophic with even human lives at stake. Why IAM Is the High-Stakes Battlefield While all digital systems need to evolve to become quantum-safe, one area requires immediate attention, Identity and Access Management (IAM). Today, IAM solutions serve as the digital gatekeepers of an organisation. Every employee login, every third-party system integration, and every customer authentication journey passes through this layer. From encrypting passwords to issuing security tokens and ensuring encrypted communication, IAM systems are built on cryptography. If quantum computing renders today's encryption obsolete, the IAM layer becomes the weakest link. And once compromised, attackers don't just gain access to one system, they gain access to everything behind it. Imagine the IAM system in a major developer in the UAE being breached. Sensitive procurement data, strategic project timelines, and even customer identities could all be at risk. This makes quantum-safety in IAM not just a cybersecurity issue, but a business continuity one. It's Not Just About Safety, It's About Agility The good news is that the industry has recognised the threat and quantum-safe algorithms are being developed. But the field is evolving rapidly. Just as the AI chatbots of just a decade ago perform laughably compared to today's powerful LLMs, what's considered quantum-safe today might not hold up to tomorrow's tech advancements. That's why crypto-agility, the ability to quickly and easily swap out cryptographic algorithms is just as important as quantum safety itself. Think of crypto-agility like software updates. You don't want to rebuild your entire security architecture every time a better encryption standard is released. You want the flexibility to slot new components into existing systems with minimal friction. This is where forward-thinking vendors like WSO2 are leading the charge. Rather than hard-coding cryptography into systems, these companies are embedding crypto-agility into the DNA of their solutions. This enables businesses to adapt to new quantum-safe standards as they emerge, without costly and time-consuming overhauls. And this is not just a technical nicety, it's a strategic imperative. In a region like the Middle East, where digital transformation is accelerating across banking, aviation, real estate, and public services, the ability to pivot swiftly and securely will define market leaders over the next decade. Laying the Groundwork Today for Tomorrow's Reality If the past two decades of digital innovation have taught us anything, it's that resilience comes from flexibility. The businesses that survived and thrived through multiple waves of disruption were those that invested in strong foundations, built with future adaptability in mind. Quantum computing may still sound like science fiction to some, but the groundwork for its impact is already being laid. The security protocols we adopt today must not only shield data in the present, but safeguard it for the future. That's why the shift from quantum-safety to quantum-agility isn't just a technical nuance. The start of the next decade isn't far away. The time to act is now. Invest in systems that allow you to adapt, pivot, and protect, not just against what's coming, but against what's already here, hidden in plain sight. By Uday Shankar Kizhepat, Vice President and GM – MEA, WSO2
Time of India
5 days ago
- Time of India
What is Rowhammer bit-flip attack which forced Nvidia to issue security alert
Researchers discovered that Nvidia's A6000 GPUs are prone to Rowhammer attacks. This allows hackers to tamper with user data on shared GPUs. Nvidia has issued an alert, advising users to enable Error Correction Code. Newer GPUs with GDDR7 or HBM3 memory have built-in protection. This vulnerability poses a risk in multi-tenant environments. Tired of too many ads? Remove Ads What Is Rowhammer bit-flip attack Tired of too many ads? Remove Ads Why is this a problem for Nvidia GPUs? How did Nvidia respond? A team of researchers has revealed that Nvidia's A6000 GPUs using GDDR6 memory are vulnerable to Rowhammer attacks, which can allow hackers to interfere with users' data on a shared GPU in the cloud, like AI models, even if they don't have direct access to it. In response to the research, Nvidia issued an alert for users asking them to ensure system-level ECC is enabled across the following NVIDIA products.'Specific generations of DRAM devices starting with DDR4, LPDDR5, HBM3, and GDDR7 implement On-Die ECC (OD-ECC) to help with DRAM scaling. OD-ECC indirectly protects Rowhammer bit flips. Note: OD-ECC is not adjustable by users. If OD-ECC is present, it is always enabled,' the company said in its alertRowhammer is a security issue where repeated access to memory can silently change data. Researchers just showed that this attack now works on Nvidia GPUs, so Nvidia issued an alert and recommends using ECC to stay for GPUs, also called GPUHammer, is a new hardware attack that targets graphics cards, specifically NVIDIA GPUs with GDDR6 memory. It is a hardware vulnerability found in computer memory chips (DRAM).Normally, data is safely stored in separate rows of memory cells. But if you rapidly and repeatedly access (hammer) one row, it introduces bit flips in adjacent memory rows. This can 'flip' bits of data even if no one directly accessed that data.'Since 2014, this vulnerability has been widely studied in CPUs and CPU-based memories like DDR3, DDR4, and LPDDR4. However, with critical AI and ML workloads now running on discrete GPUs in the cloud, it is vital to assess the vulnerability of GPU memories to Rowhammer attacks,' the researchers is a circuit-level DRAM vulnerability that lets attackers flip bits in neighboring memory rows. It had only been shown on CPU DRAM before, but now, researchers have demonstrated the first Rowhammer bit-flip attack on GPU DRAM, specifically on GDDR6 memory used in NVIDIA GPUs like the can potentially use Rowhammer to mess with another user's data on a shared GPU in the cloud, like AI models, even if they don't have direct access to it. The research proved that even a single bit flip could destroy the accuracy of an AI attack works in shared environments where multiple people or programs are using the same GPU at the same time (multi-tenant setups).Nvidia confirmed the Rowhammer risk on some GPUs and advised customers to turn on Error Correction Code (ECC), a memory feature that can catch and fix single-bit errors. This helps stop Rowhammer attacks, though it might slow down some AI workloads by up to 10%.Newer Nvidia GPUs (like those with GDDR7 or HBM3 memory) already have built-in protections (on-die ECC) against this type of attack.
