More than 130 countries around the world are researching, developing or testing digital central bank money, and some have already introduced such a currency. CBDC, as a continuously available means of payment issued directly by central banks, can be exchanged for cash or account balances at any time at face value.

The introduction of CBDC can have far-reaching social and economic effects, for example in terms of financial inclusion: digital access to central bank money allows people without a traditional bank account to participate directly in economic life who would otherwise be excluded from many financial transactions. At the same time, digital central bank money is being discussed from a data protection perspective.

The central prerequisite for the new means of payment is its security. This is based on powerful encryption: CBDC contains cryptographically secured digital assets that are managed in wallets, as we already know them from cryptocurrencies. These wallets can be in hardware or software form and manage private key material. A distinction must be made here between token-based currencies, where the money actually moves from A to B, and account-based CBDCs. The latter are controlled by the bank, which deducts an amount from account A in order to allocate it to account B.

Compared to existing cryptocurrencies, which are often decentralised and whose security is based on consensus algorithms within the blockchain, CBDCs offer unique security features and benefits due to their centralisation. While cryptocurrencies such as Bitcoin and Ethereum operate publicly and without centralised authority, CBDCs are under the control of central banks. They verify the authenticity of the money and also allow for more targeted implementation and updating of security measures - such as the integration of post-quantum cryptography (PQC) to protect against future threats from quantum computers.

Quantum computers on the rise

Until now, classic algorithms such as elliptic curve-based digital signatures and the RSA encryption method have formed the backbone of security mechanisms for digital assets, including CBDCs. These algorithms ensure sender and recipient authenticity, proof of ownership, non-repudiation of transactions and prevent double spending. However, they are vulnerable to the threat of future quantum computers: these new types of computers are developing rapidly and are expected to be able to efficiently solve the mathematical problems underlying common cryptographic methods in a few years - and thus break these encryptions.

Therefore, the transition to quantum-secure cryptography is crucial to ensure the long-term security and integrity of digital currency systems. In the field of post-quantum cryptography (PQC), encryption methods are being developed that cannot be compromised by quantum computers, even when used on classical hardware. Some such algorithms already exist. To ensure the privacy and security of digital assets in the era of quantum computing, PQC should therefore be proactively integrated into the architecture of CBDC.

The right algorithm for every system

Selecting the right algorithms for central bank digital currency plays an important role in ensuring security in the ecosystem in the future. Depending on the system - such as token-based transactions, the use of smartcards or backend systems - the focus is on very different requirements. In addition, the storage requirements and the speed of key generation in cryptographic processes must be considered, as becomes clear when looking at the CRYSTALS-Kyber and FALCON algorithms, the two winners of the PQC competition organised by the US National Institute of Standards and Technology.

Both algorithms provide robust security solutions that are essential to ensure integrity and confidentiality in the new era of quantum computing technology. However, their respective characteristics make them suitable for different purposes in securing CBDC, which complement each other.

A gradual transition

The implementation of post-quantum cryptography in CBDC systems cannot be done immediately. The technical challenges are complex. They range from the need to adapt existing infrastructures to the development of new protocols that are both secure and efficient. It is therefore advisable to carry out updates gradually and plan them carefully to avoid interruptions while old and new algorithms run in parallel. Particular attention should be paid to the type of key material and the specific requirements of the CBDC ecosystem in order to combine functionality and security in the best possible way. Factors such as backward compatibility and mechanisms for recognising and supporting different cryptographic versions should also not be neglected in order to ensure seamless interaction between updated and non-updated components.

The emergence of quantum computing technology is already requiring a reassessment of security strategies for central bank digital currencies (CBDCs). Close collaboration between central banks, technology providers and academia is needed to introduce algorithms that are not only resistant to quantum computing attacks, but also meet the high speed and scalability requirements of global payments.