What does quantum-ready mean?

A quantum-ready device is built to run the upgrades of the future. In this article, we’ll tell you about the quantum threat, the solution, and how we plan to implement it over time.

What is the quantum threat?

The quantum threat is the risk that quantum computers could break the encryption behind public/private key pairs, which is the the foundation of blockchain security.

Cryptocurrencies - and much of today’s digital world - depend on encryption that current computers cannot break. Quantum computers, however, may be the first machines capable of doing so.

Quantum computers could theoretically use public blockchain data to derive private keys in certain cases, bypassing wallet backups.

Theoretically, anyone with a sufficiently powerful quantum computer could use it to access funds stored on vulnerable addresses, making the move to post-quantum cryptography essential for the future of self-custody.

Unlike normal computers, which process data using bits, quantum computers use qubits - entities that can represent many possibilities at once. When measured, a qubit collapses to a single outcome, but before then, every qubit holds a vast spectrum of probabilities, not just 0 or 1.

Each added qubit (in an ideal system) multiplies a quantum computer’s capacity exponentially. At 300 qubits, the possible states already (theoretically) outnumbers the number of atoms in the observable universe.

The number of theoretical logical qubits needed to break a 256-bit elliptic curve like Bitcoin’s secp256k1 are on the order of a few thousand, but the real number of physical qubits required (with error correction) could be hundreds of thousands to many millions, depending on hardware and error rates.

The main concern is that quantum computers could one day factor large numbers and solve elliptic curve problems efficiently - the foundations of cryptography which secures not only hardware wallets and Bitcoin, but most of our digital world.

What is quantum-ready?

A 'quantum ready' device is a device which will be able to run post-quantum cryptographic updates. The world will need to migrate to post-quantum cryptography, a shift resembling the move from analog to digital, but with a lot more nuance.

Given that cryptography underpins so much of modern life, this shift will apply far beyond cryptocurrency, from financial systems to the entire internet.

In order to run these updates, a device will need to be quantum-ready on the hardware level, because this can’t be changed after leaving the factory.

Post-quantum cryptography

Trezor Safe 7’s boardloader uses the SLH-DSA-128 standard because it provides a practical balance of speed, performance, and memory for a component that cannot be changed once the device leaves the factory.

For a detailed explanation, please read Going Quantum.

Can the Trezor Safe 7 support all future post-quantum blockchain standards?

Trezor Safe 7 is designed to be flexible, but this is not a guarantee that it will be able to support highly resource-intensive future standards.

The future of quantum computing is unknown, and no solution can be guaranteed today.

Trezor Safe 7 represents is the first step in the industry towards fighting the quantum threat, and the guarantee of being able to verify firmware updates in a post-quantum world.

Navigating a post-quantum future

Self-custody will meet its hardest challenge in the quantum era. With this step, we introduce quantum-readiness to hardware wallets so that self-custody, privacy, and freedom do not end when quantum computers arrive.

The advance of quantum computing is slow, but inevitable. Work like BIP360 shows how protocols may adapt, but adoption will take time and requires preparation well in advance, especially at the hardware level, which is why we decided to prioritize quantum readiness.

Trezor Safe 7 gives you the tools to act when post-quantum upgrades arrive, while keeping your wallet backup offline and in your control.