Quantum threat may emerge within 15 years. After migration without changing Bitcoin's block size, quantum addresses will need 20 years.

Content Summary: Peter_Techub News

Quantum Threats May Emerge Within 15 Years; Migration Without Changing Bitcoin’s Block Size Would Require 20 Years for Quantum-Resistant Addresses — Exclusive Interview with Post-Quantum Cryptography Pioneer Professor Ding Jintai, Dean of the School of Mathematics and Physics at Xi’an Jiaotong-Liverpool University, by Techub News

By the end of 2025, quantum computing technology is advancing rapidly. The latest report from Germany’s Federal Office for Information Security (BSI) indicates that significant breakthroughs in quantum error correction are expected in 2024, with a conservative estimate that cryptography-related quantum computers could appear within 15 years. This transforms the “quantum threat” facing Bitcoin and the entire digital financial system from a distant hypothetical into an imminent reality: once large-scale quantum computers mature, the current public key cryptography system will be vulnerable, and all encrypted assets will face the risk of being exposed.

In this exclusive interview, Techub News founder Alma engages in an in-depth discussion with Professor Ding Jintai, an international authority in post-quantum cryptography and Dean of the School of Mathematics and Physics at Xi’an Jiaotong-Liverpool University. Professor Ding analyzes the impact of quantum threats on Bitcoin from fundamental principles, emphasizes the urgency and difficulty of migration, and shares the current responses of the global financial system.

Profile of Professor Ding Jintai

Professor Ding is an internationally recognized expert in Post-Quantum Cryptography (PQC), with publications in top journals and conferences such as Crypto and Eurocrypt. He earned his PhD in Mathematics from Yale University in 1995, then worked at the Mathematical Analysis Research Institute in Kyoto, and has taught at the University of Cincinnati and Tsinghua University. Since 2024, he has served as Dean of the School of Mathematics and Physics at Xi’an Jiaotong-Liverpool University. Since 2000, Professor Ding has dedicated himself to research in post-quantum cryptography, becoming one of the global pioneers.

He invented the Ding Key Exchange Algorithm in 2011, influencing Google’s NewHope algorithm, and is one of the designers and patent holders of NIST’s only post-quantum key exchange standard ML-KEM (originally Kyber). “The process of cracking cryptography is full of uncertainty, but there are only two outcomes: success or failure. That’s what attracts me,” said Professor Ding. He has established the Post-Quantum Migration Cross-Disciplinary Laboratory at Xi’an Jiaotong-Liverpool University to promote research and industrialization, and advocates integrating mathematics education with industrial applications. His Rainbow algorithm was a finalist in NIST’s third round, and his team won the Crypto 2025 Best Paper Award for breaking NIST’s third-round signature scheme GeMSS.

Interview Dialogue

Alma: Professor Ding, hello. Recently, the Bitcoin community has been discussing the quantum threat intensely, with some predicting it could pose a real risk around 2030–2035. What are your thoughts?

Ding Jintai: This is a very big topic. Let’s analyze it from the fundamental principles. Many people call Bitcoin a “cryptocurrency,” but in fact, Bitcoin doesn’t use encryption algorithms; it uses signature algorithms. The core of Bitcoin is digital assets, and the most critical issue is proof of ownership—Bitcoin doesn’t belong to you or me but to a certain public key. The address is a hash of the public key, and assets are directly bound to the public key. Ownership is determined by the public key, and the right to use it depends on the private key. Only the private key can initiate transfers. If the private key is lost, the coins remain on the ledger but you can never access them—this has happened many times.

Bitcoin’s operation relies entirely on modern public key cryptography. The public key is openly shared worldwide, while the private key is held only by the owner. Only the private key can sign transactions, but anyone can verify the signature using the public key, and the signer cannot deny it. This is a one-to-many mechanism: one public key, verified by everyone globally. This is also the foundation of Bitcoin’s decentralization.

The security of public key cryptography depends on a hard mathematical problem, such as RSA’s “integer factorization problem” or elliptic curve “discrete logarithm problem.” Classical computers would need hundreds or thousands of years to solve these, so we consider them secure. But in 1994–1995, Peter Shor invented a quantum algorithm capable of efficiently solving these problems on a quantum computer. In 2001, someone built a machine with 7 qubits costing $15 million, demonstrating the theory’s feasibility, though the scale was still too small.

Because of this risk, I began researching post-quantum cryptography in 2000. Post-quantum cryptography is a new generation of public key systems designed specifically to resist quantum attacks. It is based on entirely new mathematical problems, such as the shortest vector problem on lattices. Currently, known quantum algorithms cannot efficiently break these, so within the scope of current knowledge, they are considered secure.

Since 2016, the US has been developing post-quantum standards, and in 2022, they announced four algorithms: Kyber (key exchange, later renamed ML-KEM), Dilithium, Falcon (signatures), and SPHINCS+ (hash-based). The first three are lattice-based; SPHINCS+ signatures are the largest at 48KB, making them almost unusable because they would reduce Bitcoin’s TPS to an unacceptable level. The US government currently promotes Dilithium, although its signature and public key sizes are still about ten times larger than current elliptic curve schemes.

Alma: Is Bitcoin safe now?

Ding Jintai: If your public key has never been exposed and you only show the address, classical computers and known quantum algorithms cannot attack it. But as soon as you initiate a transfer, the public key must be revealed for the network to verify. Once quantum computers exist, if you have large amounts of Bitcoin to transfer, I could “cut in” and attack your transaction: within the 10-minute block window, use a quantum computer to compute your private key, then submit a high-fee transaction to transfer your coins. Miners will prioritize my transaction. You wouldn’t even be able to tell which transaction succeeded.

Additionally, there are many “dead coins”—assets with lost private keys but exposed addresses. If quantum computers can directly reverse-engineer private keys from addresses, these coins could be activated, causing massive sell-offs and legal disputes. A significant portion of assets already have exposed public keys. More extremely, if you’re reluctant to move large holdings, the entire network could stall, and Bitcoin could become “dead.”

Alma: The quantum threat has been discussed for many years, and people always think “the wolf is coming.” Is the situation different now?

Ding Jintai: It used to be that every year they said “it will appear in 10 years.” But now, the progress is very clear. The latest report from Germany’s BSI shows that quantum error correction breakthroughs are expected in 2024, and conservatively, cryptography-related quantum computers could appear within 15 years. This is the most serious official assessment so far.

Alma: If we really have 10–15 years, what should we do now?

Ding Jintai: Migration is essential. The community must reach a consensus first, select a new signature algorithm (Dilithium, Falcon, or others), and then everyone transfers their coins from old elliptic curve addresses to new post-quantum addresses. But the problem is: with current block capacity and transaction speeds, the entire network migration could take 15–20 years, or even 5–10 years might be urgent. It’s simply too late unless block size is increased, which would create enormous pressure.

Ten years ago, I worked with my partner Andy (Liu Jin) on a similar migration attempt, researching various issues: who owns coins with lost private keys, decentralized decision-making challenges, migration duration, etc. Andy believes a complete migration is nearly impossible; I think the road is difficult but not impossible. Not migrating is a dead end. The community must make a firm decision.

Alma: How about the situation in traditional financial systems?

Ding Jintai: Banks are much more urgent than Bitcoin. JPMorgan in the US has already begun gradual replacement, and Europe is also pushing forward. Amazon AWS has completed internal migration, and many high-value clients require post-quantum security. China has a Ministry of Science and Technology project promoting bank migration. The entire internet, cloud services, and login authentication are built on public key cryptography. Once quantum computers mature, all data will be “exposed.” Even more frightening, countries or institutions with quantum computers could keep their capabilities secret, just like Britain kept quiet for years after Turing cracked Enigma during WWII, leaving other countries with no privacy in front of them. This is even more dangerous than the atomic bomb—it can silently infiltrate any bank or company and modify any data.

Alma: What if different countries’ standards are not unified?

Ding Jintai: Then they won’t be interoperable, like people speaking different languages. Currently, Europe and the US mostly follow the US NIST standards, and China is developing its own standards, but international communication still needs compatibility. If the next generation refuses to compromise, the internet could be completely split.

Alma: The Bitcoin community now has conservative and radical factions. What’s your view?

Ding Jintai: The conservatives see Bitcoin as “digital gold” and are reluctant to change core rules frequently, fearing to shake their faith. The radicals believe they face existential threats and must upgrade. My clear stance is: migration is necessary; not doing so means death. It’s a basic risk control. If you’re willing to take risks, you can choose not to migrate, but once quantum computers appear and you’re unprepared, the consequences are on you.

Alma: After hearing you, I used to think the quantum threat was distant, but now I suddenly feel it’s very close.

Ding Jintai: Many people don’t understand the fundamentals and think that a simple upgrade will solve everything. In reality, everyone must personally transfer coins to new addresses, queue transactions, which takes a very long time. The understanding gap between ordinary people and experts is huge. This also presents a huge business opportunity: helping people migrate, developing new wallets, new blockchains, or even if Bitcoin migration fails, creating a post-quantum native asset that could replace it—these could all succeed.

I personally hold Bitcoin. I believe this system has value—mainly because governments around the world are printing money excessively. If governments manage their money well, Bitcoin might not be in such high demand. But in reality, that’s not the case.

Alma: Finally, what advice do you have for ordinary holders and governments?

Ding Jintai: First, pay close attention. When exactly to act and how to act is up to each individual’s judgment. But at least, open discussions and clarify the issues. The core of Bitcoin is consensus, and migration must also be based on consensus.

I am willing to participate in open discussions at any time and answer all technical questions. The migration path is clear: choose algorithms → community consensus → modify code → transfer addresses one by one across the network. But how to implement it practically, I don’t have the answer—that’s something the entire community needs to solve together.

Alma: Thank you very much, Professor Ding. I’ve gained a lot today.

Opportunities and Challenges in the Quantum Crisis

As a media focusing on the intersection of technology and finance, Techub News believes Professor Ding Jintai’s views are highly aligned with the latest global developments in 2025. The BSI’s latest report (updated January 2025) confirms the breakthrough in quantum error correction in 2024, shortening the timeline to within 15 years, highlighting the urgency of “stealing first, then decrypting” attacks. NIST has published standards like ML-KEM, and institutions like JPMorgan and AWS are actively migrating; Hong Kong’s Monetary Authority has explicitly promoted post-quantum cryptography (PQC) and quantum-secure infrastructure in its “Fintech 2030” strategy. China has launched a domestic standard solicitation, indicating intensified geopolitical competition.

The Bitcoin community’s discussions in 2025 are intense: developers like Jameson Lopp warn that migration could take 5–10 years, and BIP proposals are emerging. However, conservative resistance and the decentralized nature of Bitcoin increase the difficulty of reaching consensus. If not acted upon promptly, exposed public keys (which already constitute a large proportion of assets) and the activation of “dead coins” could trigger market turmoil or even system collapse.

This “quantum crisis” is not only a threat but also an opportunity for transformation: post-quantum wallets, migration services, and new blockchain development will generate trillion-dollar markets. Traditional financial centers have clear advantages and are already taking the lead; blockchain projects should learn from this to accelerate consensus and technological iteration. We call for open industry dialogue and international cooperation to avoid fragmentation of standards and ensure the security of the digital economy in the quantum era. Techub News will continue to follow and promote broader expert participation in discussions.