Published Date: 2021-11-12
| Postmortem Analysis | |
|---|---|
| Timeline | 1. The software failure incident related to the vulnerability of blockchain accounting technology to quantum computing attacks was discussed in an article published on 2021-11-12 [120961]. 2. The incident was not directly mentioned in the article, but based on the information provided, it can be estimated that the software failure incident related to quantum computing threats to cryptocurrencies occurred before the publication date of the article, which is November 12, 2021. |
| System | 1. Public key cryptography system used to secure cryptocurrencies [Article 120961] |
| Responsible Organization | 1. Quantum computing advancements: Quantum computers pose a threat to cryptocurrencies by potentially breaking public key cryptography, leading to vulnerabilities in the crypto world [Article 120961]. |
| Impacted Organization | 1. Cryptocurrency holders and users [Article 120961] |
| Software Causes | 1. Vulnerability of blockchain accounting technology to sophisticated attacks and forged transactions due to potential future cracking of public key cryptography by quantum computers [Article 120961]. 2. Need for adoption of post-quantum cryptography technology to address the quantum computing problem in cryptocurrencies [Article 120961]. 3. Potential disruption of digital fingerprinting technology (hashing) by quantum computers, which could impact blockchains [Article 120961]. 4. Vulnerability of cryptocurrency wallets to quantum computing, potentially leading to the emptying of wallets if successfully attacked [Article 120961]. |
| Non-software Causes | 1. Quantum computing advancements potentially outpacing efforts to future-proof digital money [Article 120961]. |
| Impacts | 1. The software failure incident discussed in the article highlights the vulnerability of blockchain accounting technology that powers cryptocurrencies to sophisticated attacks and forged transactions if quantum computing matures faster than efforts to future-proof digital money [Article 120961]. 2. The potential impact of quantum computing advancements on public key cryptography used to secure cryptocurrencies could lead to the impersonation of legitimate owners of cryptocurrency, NFTs, or other digital assets, posing a serious threat to the crypto world [Article 120961]. 3. The need for adopting post-quantum cryptography technology to address the quantum computing problem in cryptocurrencies is emphasized, as current encryption methods may become obsolete with the advancement of quantum computers [Article 120961]. 4. The decentralized governance structures of many cryptocurrencies could face challenges in swiftly adopting post-quantum protection measures, potentially leaving them vulnerable to quantum attacks if their communities are slow and disorganized to act [Article 120961]. 5. Quantum computers could disrupt the digital fingerprinting technology called hashing that blockchains rely on, posing a risk that may require technology updates to mitigate [Article 120961]. 6. Cryptocurrency wallets, which store private keys needed to access digital assets recorded on the blockchain, could be vulnerable to quantum computing attacks, potentially leading to the emptying of wallets and financial losses for users [Article 120961]. |
| Preventions | 1. Implementing post-quantum cryptography technology that is being developed by the computing industry and actively worked on by several cryptocurrency and blockchain efforts [Article 120961]. 2. Strengthening governance structures within cryptocurrencies to enable swift adoption of post-quantum protection measures, potentially favoring cryptocurrencies with stronger central powers or central bank-issued "govcoins" [Article 120961]. 3. Updating blockchain technology to address potential disruptions caused by quantum computers to the digital fingerprinting technology called hashing [Article 120961]. 4. Encouraging users to upgrade their cryptocurrency wallets to ensure they are not vulnerable to quantum computing attacks [Article 120961]. |
| Fixes | 1. The software failure incident related to the vulnerability of blockchain accounting technology to quantum computing attacks could be fixed by adopting post-quantum cryptography technology that is being developed by the computing industry [Article 120961]. 2. The US government's National Institute of Standards and Technology (NIST) is actively involved in finding quantum-proof cryptography algorithms to address the quantum computing threat to cryptocurrencies [Article 120961]. 3. Cryptocurrency and blockchain efforts are actively working on developing quantum-resistant software to mitigate the risks posed by quantum computing [Article 120961]. | References | 1. Dawn Song, computer security entrepreneur and professor at the University of California, Berkeley 2. Nir Minerbi, CEO of quantum software maker Classiq Technologies 3. Peter Chapman, CEO of quantum computer maker IonQ 4. Hunter Jensen, chief technology officer of Permission.io 5. Andersen Cheng, chief executive at Post Quantum, a London-based company 6. Joe Genereux, senior cryptography and security engineer at browser maker Brave 7. David Sacco, University of New Haven professor [120961] |
| Category | Option | Rationale |
|---|---|---|
| Recurring | unknown | The articles do not provide information about a specific software failure incident happening again at a particular organization or across multiple organizations. Therefore, the information related to the recurrence of a software failure incident within the same organization or across multiple organizations is unknown. |
| Phase (Design/Operation) | design, operation | (a) The article discusses the potential software failure incident related to the design phase, specifically in the context of cryptocurrencies and blockchain technology. It highlights the vulnerability of blockchain accounting technology that powers cryptocurrencies to sophisticated attacks and forged transactions if quantum computing matures faster than efforts to future-proof digital money [Article 120961]. (b) The article also touches upon the potential software failure incident related to the operation phase, mentioning the risk that quantum computing poses to cryptocurrency wallets. These wallets store private keys that people need to access their digital assets recorded on the blockchain, and a successful attack could empty a wallet [Article 120961]. |
| Boundary (Internal/External) | within_system, outside_system | (a) within_system: The software failure incident related to the vulnerability of cryptocurrencies to quantum computing is primarily due to factors originating from within the system itself. The vulnerability arises from the use of public key cryptography to secure cryptocurrencies, which could be compromised by the power of quantum computers [Article 120961]. The need for post-quantum cryptography technology to address this vulnerability is also an internal factor that can be implemented within the system [Article 120961]. (b) outside_system: While the main issue of vulnerability to quantum computing is within the system, there is also an external factor mentioned in the articles. The decentralized governance structure of many cryptocurrencies, which relies on convincing participants to update the system, presents a challenge that originates from outside the system [Article 120961]. |
| Nature (Human/Non-human) | non-human_actions, human_actions | (a) The article discusses the potential software failure incident related to quantum computing advancements impacting cryptocurrencies. Quantum computers could potentially crack public key cryptography used to secure cryptocurrencies, leading to vulnerabilities in the crypto world [Article 120961]. This failure would be a result of non-human actions, specifically the advancement of quantum computing technology beyond current encryption capabilities. (b) On the other hand, the article also highlights the importance of governance structures in cryptocurrencies and how slow or disorganized actions by human participants in the crypto community could lead to vulnerabilities in the face of quantum computing threats [Article 120961]. This failure would be a result of human actions, specifically the decision-making processes and governance within the cryptocurrency networks. |
| Dimension (Hardware/Software) | software | (a) The articles do not mention any software failure incident occurring due to contributing factors originating in hardware. Hence, there is no information available regarding a software failure incident related to hardware in the provided articles. (b) The articles discuss the potential software failure incident related to cryptocurrencies and blockchain technology due to the advancement of quantum computing. Quantum computers could potentially crack public key cryptography, which is a fundamental security measure for cryptocurrencies, leading to serious threats to the crypto world [Article 120961]. This software failure incident is primarily attributed to contributing factors originating in software, specifically the vulnerability of current encryption methods to quantum computing advancements. |
| Objective (Malicious/Non-malicious) | malicious, non-malicious | (a) The article discusses the potential threat of quantum computing to cryptocurrencies, particularly in terms of malicious attacks. It highlights how quantum computers could potentially crack public key cryptography, leading to attackers impersonating legitimate owners of cryptocurrency and digital assets, resulting in users losing their funds and the entire system breaking down [Article 120961]. (b) The article also mentions non-malicious contributing factors related to the software failure incident, such as the need for post-quantum cryptography technology to address the quantum computing problem faced by cryptocurrencies. It discusses the efforts of the US government's National Institute of Standards and Technology (NIST) and various cryptocurrency and blockchain projects actively working on quantum-resistant software to mitigate the risks posed by quantum computing [Article 120961]. |
| Intent (Poor/Accidental Decisions) | unknown | The articles do not provide information about a specific software failure incident related to poor decisions or accidental decisions. |
| Capability (Incompetence/Accidental) | accidental | (a) The article discusses the potential software failure incident related to development incompetence in the context of quantum computing posing a threat to cryptocurrencies. It highlights the vulnerability of blockchain accounting technology used in cryptocurrencies to sophisticated attacks and forged transactions if quantum computing advances faster than efforts to future-proof digital money [Article 120961]. This vulnerability arises due to the potential cracking of public key cryptography by quantum computers, which could lead to serious threats to the crypto world, including the impersonation of legitimate owners of digital assets. (b) The article also touches upon the accidental introduction of contributing factors leading to a software failure incident. It mentions the risk that quantum computers pose to blockchains by disrupting the digital fingerprinting technology called hashing, which could be fixable with more-modest technology updates [Article 120961]. Additionally, the vulnerability of cryptocurrency wallets to quantum computing is highlighted, where successful attacks could potentially empty a wallet, emphasizing the need for users to upgrade keys to mitigate risks. |
| Duration | unknown | The articles do not provide information about a specific software failure incident related to either a permanent or temporary duration. |
| Behaviour | omission, value, other | (a) crash: The articles do not mention any software failure incident related to a crash where the system loses state and does not perform any of its intended functions. (b) omission: The articles discuss the potential vulnerability of cryptocurrencies to sophisticated attacks and forged transactions if quantum computing matures faster than efforts to future-proof digital money. This omission in performing intended functions could lead to serious threats in the crypto world [Article 120961]. (c) timing: The articles do not mention any software failure incident related to timing, where the system performs its intended functions correctly but too late or too early. (d) value: The articles highlight the risk of quantum computers being able to crack public key cryptography, potentially leading to attackers impersonating legitimate owners of cryptocurrency, NFTs, or other digital assets. This incorrect performance of the system could result in users losing their funds and the whole system breaking down [Article 120961]. (e) byzantine: The articles do not mention any software failure incident related to a byzantine behavior, where the system behaves erroneously with inconsistent responses and interactions. (f) other: The articles discuss the potential risks associated with quantum computing in the context of cryptocurrencies, such as the need for post-quantum cryptography technology to address the quantum computing problem. Additionally, the decentralized governance structures of cryptocurrencies could pose challenges in swiftly adopting post-quantum protection, potentially leading to failures in the system [Article 120961]. |
| Layer | Option | Rationale |
|---|---|---|
| Perception | None | None |
| Communication | None | None |
| Application | None | None |
| Category | Option | Rationale |
|---|---|---|
| Consequence | property, non-human, theoretical_consequence | (a) death: There is no mention of people losing their lives due to the software failure incident in the articles. (b) harm: The articles do not mention people being physically harmed due to the software failure incident. (c) basic: The articles do not mention people's access to food or shelter being impacted because of the software failure incident. (d) property: The software failure incident discussed in the articles could potentially impact people's material goods, money, or data. If encryption is broken due to quantum computing advancements, attackers could impersonate legitimate owners of cryptocurrency, NFTs, or other digital assets, potentially leading to financial losses [120961]. (e) delay: The articles do not mention people having to postpone an activity due to the software failure incident. (f) non-human: The software failure incident discussed in the articles primarily focuses on the potential impact on cryptocurrencies, blockchain technology, and digital assets. Non-human entities such as digital assets and blockchain technology could be impacted by the software failure incident [120961]. (g) no_consequence: The articles do not mention that there were no real observed consequences of the software failure incident. (h) theoretical_consequence: The articles discuss potential consequences of the software failure incident, such as the vulnerability of blockchain accounting technology to sophisticated attacks and forged transactions if quantum computing matures faster than efforts to future-proof digital money. The potential consequences include the risk of encryption being broken, leading to attackers impersonating legitimate owners of digital assets [120961]. (i) other: The articles do not mention any other specific consequences of the software failure incident beyond those discussed in the options (a) to (h). |
| Domain | finance | (a) The failed system was related to the finance industry as it involved cryptocurrencies and blockchain technology. The incident highlighted the potential vulnerability of cryptocurrencies to sophisticated attacks and forged transactions if quantum computing matures faster than efforts to future-proof digital money [Article 120961]. The article discussed the impact of quantum computing on public key cryptography, which is fundamental to securing cryptocurrencies and digital assets in the finance sector. (h) The software failure incident was specifically related to the finance industry, focusing on the security implications for cryptocurrencies and blockchain technology. The vulnerability of blockchain accounting technology to quantum computing was highlighted, posing a serious threat to the crypto world where some currencies are valued at hundreds of billions of dollars [Article 120961]. (m) The failed system was not related to any other industry mentioned in the options provided. |
Article ID: 120961