Artificial intelligence and cryptocurrencies are two incredibly popular topics in tech, and yet not many people discuss the impact that machine learning could have on cryptocurrency.
Cryptography serves many important functions in society: it is used for authentication, authorization, encryption, verification, and more. Understanding the purpose and limitations of these cryptographic tools is critical for responsibly managing our social information systems.
Often, the human factor of security is presented as the primary source of vulnerability, while the mathematical aspect is considered its strength. The rule of product, from combinatorics, is the basic mathematical premise of algorithmic security: combine enough independent possibilities and the total number of possibilities grows exponentially, so that extracting or creating mathematically secured information requires prior knowledge to make the right choices.
Binary demonstrates the combinatorial “Rule of Product”. There are 2^n binary sequences of length n.
But it’s the human factor that we rely on to maintain a system when everything else fails. We work together to fix and rebuild in the face of disaster. Communities show their real potential when they are under the greatest threat. This is a powerful and timeless story that has been repeated throughout human history. But what happens when humans are simply outclassed?
Chess is another domain where the explosion of combinatorial possibilities makes the ‘right’ choice impossible without prior knowledge. Years of training and practice hone a chess player’s intuition to make better choices.
In 1997, a computer outperformed the world’s top chess player for the first time. That was a groundbreaking accomplishment, and I remember the palpable excitement in the media and general public. More recently, AlphaZero, a neural network developed by Google’s DeepMind project, beat the previous top chess engine named Stockfish. I found this analysis quite interesting, as it highlights the creative, intuitive approach AlphaZero demonstrates in its chess game.
The main difference between AlphaZero and Stockfish is that the latter is an engine designed and built by many human programmers working together, while AlphaZero is a neural network that was trained, not designed, to master chess. This means it has the potential to be quickly applied to new and different problems.
Let’s look at 3 important classes of cryptographic algorithms:
Symmetric key encryption is used to securely store information so that it can only be accessed with a private key. Because only the private key is involved, it is the least interesting, but also the most secure, cryptographic application. Symmetric key encryption has the strongest security potential; in fact, the one time pad is the “only provably secure cryptosystem” (Schneier on Security). The one time pad could be summarized as using a different 1 byte key to transform each successive byte. Even a simple transformation like XOR or modular addition offers perfect security with a one time pad.
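The one time pad described above, as an added example that is not part of the original article: both transforms (XOR and modular addition), an exhaustive one-byte check of the perfect-secrecy claim, and the reason the pad must be used only once. All function names and the sample messages are constructed for illustration.

```python
import secrets
from collections import Counter

def new_pad(length: int) -> bytes:
    """Fresh random pad; it must be used for one message only."""
    return secrets.token_bytes(length)

def _check(data: bytes, pad: bytes) -> None:
    # A pad shorter than the message would force key bytes to repeat.
    if len(pad) < len(data):
        raise ValueError("pad must be at least as long as the message")

def otp_xor(data: bytes, pad: bytes) -> bytes:
    """XOR transform; the same call encrypts and decrypts."""
    _check(data, pad)
    return bytes(d ^ k for d, k in zip(data, pad))

def otp_add(data: bytes, pad: bytes, decrypt: bool = False) -> bytes:
    """Modular addition: c = (p + k) mod 256, p = (c - k) mod 256."""
    _check(data, pad)
    sign = -1 if decrypt else 1
    return bytes((d + sign * k) % 256 for d, k in zip(data, pad))

def is_perfectly_secret(transform) -> bool:
    """Exhaustive check over one byte: for every plaintext byte, the 256
    possible key bytes produce each ciphertext byte exactly once, so a
    ciphertext byte is equally consistent with every plaintext byte."""
    for p in range(256):
        seen = Counter(transform(bytes([p]), bytes([k]))[0] for k in range(256))
        if len(seen) != 256 or set(seen.values()) != {1}:
            return False
    return True

def pad_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """If one pad encrypted both messages, the pad cancels: c1 ^ c2 == p1 ^ p2."""
    return bytes(a ^ b for a, b in zip(c1, c2))

# Constructed sample messages (equal length)
MSG_A = b"pay alice 5 coins"
MSG_B = b"pay carol 9 coins"
```

The guarantee holds only while each pad byte is random, secret, and used once; `pad_reuse_leak` shows what an observer learns when the same pad covers two messages.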
Hash functions and public key cryptography are used extensively by cryptocurrencies. Proof of work uses hash functions to constantly increase the difficulty of making a forgery of a blockchain. Public key cryptography is used to sign transactions.
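How proof of work raises the cost of rewriting a blockchain, as an added example that is not part of the original article and not any real cryptocurrency's code: a toy SHA-256 chain in which editing a block invalidates it, and a valid replacement requires re-mining that block and every block after it. The block layout, the 12-bit difficulty, and the sample records are assumptions made for illustration.

```python
import hashlib

GENESIS = "0" * 64
BITS = 12  # assumed toy difficulty: about 2**12 hash attempts per block

def block_hash(prev: str, data: str, nonce: int) -> str:
    return hashlib.sha256(f"{prev}|{data}|{nonce}".encode()).hexdigest()

def meets_target(digest: str, bits: int = BITS) -> bool:
    # A digest qualifies when its top `bits` bits are zero (probability 2**-bits).
    return int(digest, 16) < (1 << (256 - bits))

def mine(prev: str, data: str, bits: int = BITS) -> dict:
    """Try nonces in order until the block hash meets the target."""
    nonce = 0
    while not meets_target(block_hash(prev, data, nonce), bits):
        nonce += 1
    return {"prev": prev, "data": data, "nonce": nonce,
            "hash": block_hash(prev, data, nonce)}

def build_chain(records, bits: int = BITS) -> list:
    chain, prev = [], GENESIS
    for data in records:
        chain.append(mine(prev, data, bits))
        prev = chain[-1]["hash"]
    return chain

def validate(chain, bits: int = BITS) -> bool:
    """Recompute every hash; an edited field breaks its block or the next link."""
    prev = GENESIS
    for b in chain:
        digest = block_hash(b["prev"], b["data"], b["nonce"])
        if b["prev"] != prev or digest != b["hash"] or not meets_target(digest, bits):
            return False
        prev = digest
    return True

def rewrite_cost(chain, index: int, new_data: str, bits: int = BITS):
    """Work to replace block `index`: it and every later block must be re-mined."""
    records = [new_data] + [b["data"] for b in chain[index + 1:]]
    rebuilt = list(chain[:index])
    prev = rebuilt[-1]["hash"] if rebuilt else GENESIS
    attempts = 0
    for data in records:
        rebuilt.append(mine(prev, data, bits))
        attempts += rebuilt[-1]["nonce"] + 1
        prev = rebuilt[-1]["hash"]
    return rebuilt, attempts

# Constructed sample ledger entries
SAMPLE = ["alice->bob:5", "bob->carol:2", "carol->dave:1"]
```

Each extra difficulty bit doubles the expected number of attempts per block, and each block added on top of an old one adds to the work a rewrite of that old block would need.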
We depend on the fact that no human or computer can deduce or imitate information hidden in plain sight, unless they have knowledge of the proper cryptographic tokens. But machine intelligence and quantum computing will likely threaten this in new and unexpected ways.
At some point, it is likely that bitcoin and other cryptocurrencies will have to update their cryptographic algorithms. Ideally this will be a gradual process, as researchers progressively demonstrate more compelling attacks against the current generation of cryptographic algorithms.
But what if an entire class of algorithms, like hash functions or public key cryptography, becomes unreliable? It’s conceivable that when this generation of algorithms fails, we may not immediately understand how to design the next generation of algorithms properly. What if we have to update our cryptographic algorithms on a revolving basis, like monthly or weekly? Would cryptocurrencies be able to handle recurring periods of vulnerability? Every coin that is minted is a specific financial reward for performing new mathematical cryptographic feats. As the total amount of money in cryptocurrency increases, that could be a catalyst for stronger efforts to break cryptography. In the cat and mouse game of security, the advantage can swing dramatically from one side to the other.
“Darn it! Looks like someone just broke FutureSuperQuantumHashFunction3000, time to get the new hash functions. . . That one lasted only 3 days this time!”
Cryptocurrencies are especially vulnerable to these issues, because they rely fundamentally on cryptography. This has many real benefits, but it does not come without some risk.
If someone can eavesdrop on your banking connection, they have to go through additional steps to capitalize on that, and it’s not as clear what the exact take will be. Also, there are bureaucratic processes in place to resolve issues, because frankly, it’s expected there will be issues from time to time. Cryptocurrencies consistently use best cryptographic practices, but they are also less prepared to address security failures through the human process.
While I don’t necessarily expect the worst case, I think there are a lot of interesting contingencies we can’t all account for beforehand.