Bitcoin Forum

Quantum computing studies theoretical computation systems (quantum computers) that make direct use of quantum-mechanical phenomena, such as superposition and entanglement, to perform operations on data.
Large-scale quantum computers will be able to solve certain problems much more quickly than any classical computers that use even the best currently known algorithms.
In theory this kind of computing power will be unbelievably powerful and be able to achieve much greater "solving power" which could crack algorithm behind bitcoin (commonly referred as: public key cryptography).

For more information visit: http://en.wikipedia.org/wiki/Quantum_computing

Bitcoin is designed to last for over a 100 years. Obviously we don't have this kind of computers yet.
But we will be, maybe in 10 maybe in 20 years, but definitely sooner that we may think - and then, at that time bitcoin may be world currency...
So do you think quantum computers would break Bitcoin's security?

Technology are developing, everything is possible in the future, maybe Bitcoin will be obsolete in next 100 year, even before all Bicoin were mined.

Bitcoin is SHA256, SHA2 hasn't even been broken yet, once 256 will be broken, the bitcoin algo can change to SHA512 for another 40/50 years :)

on sha256 security bit are only 128, and quantum computer can break this(i can't find the article), if today pc can break 64 quantum computer can break at least the double of that

so bitcoin will need an hard fork in the future to survive

technology develops in a very quick fashion. what today can be seen as secure and not possible to crack might be something we laugh at in 2020 or so. it's just a matter of years.

I don't think that we will be facing a problem 'soon'. If quantum computers break ECDSA (The Elliptic Curve Digital Signature Algorithm) which is used for signing transactions, we might be facing a problem. I'm pretty sure that most members here don't know what happens in this scenario.  If the algorithm gets broken, anyone with a quantum computer could extract a private key from any public key and take the Bitcoin stored on it.

It does look simple doesn't it? Well it's not like that. The thing is that your public key isn't really made public, but your Bitcoin address is rather a hash of it. What I'm saying is that while a quantum computer could get the private key from a public key, it can't derive the public key from your Bitcoin address.

Stop talking nonsense. Quantum computers can't break SHA256 (used for hashing) without brute forcing it unless a flaw in it has been found. There is no article to link. I'm not saying that someone won't find a way to attack it in the future though.

This is wrong too. While it looks 'simple' it definitely is not. You do realize that changing the hashing algorithm means that all the current mining equipment would become worthless?
If SHA256 gets broken that would cause huge problems. Changing the signing algorithm is much easier than the hashing one, if you look at the big picture.


This is why a better way of upgrading is needed. Hard forks are complicated and there will always be people who think that they know better than the people who are actually working on the software itself.



Note: Finally a decent topic has been made after a while.

Well it is still theoretical...and until we can actually have a quantum computer built we wouldn't really know and besides I am sure they might able to change encryption before that happens...probably make it stronger and we might get an even longer period of time to wait out until technology develops further.

A quantum computer is not an "insanely powerful computer" it uses completely different algorithms. Some are better at certain jobs, some are worse.

http://en.wikipedia.org/wiki/Post-quantum_cryptography

You are right. To summarise your answer:
1. quantum computers(qc) will be able to get you privkey from public key. But your address isn't your public key its hash160(pubkey). Do we need to change something with addresses after qc? Yes. When you spend money you reveal your pubkey(so every one could hash160 it compare with addr in the transactions and check that you have privkey). So 1) you should never send coins to the address from which you already sent something(its good advice to use new addr each time), 2) when qc will come bitcoin probably will make hardfork and will change sign algo.
2. About mining. There is Grover's algorithm which allow to speed up brute forcing of the sha256(this is what all miners do) but its not a inverse function of sha256. So we just get next mining revolution like cpu->gpu, gpu->asic and so on

It won't affect it, no. Eventually something will break it, not in the next 15 years though I believe.

It would first need to crack SHA-256

http://miguelmoreno.net/wp-content/uploads/2013/05/fYFBsqp.jpg

The numbers are really giganormous.

2^256 is is about 1e77, or 1 followed by 77 zeroes.

This is a number not too far from that of the number of atoms in the whole observable universe which is 1e80 ...  http://en.wikipedia.org/wiki/Observable_universe#Matter_content_.E2.80.94_number_of_atoms

This is also a billion billion billion times more than then number of atoms in the whole earth (about 1e50).

So any brute-force derived from Moore's Law will be completely unable to break SHA-256, and sheer computing power gains from Quantum computing (if they ever materialize, which they have not yet) will not either, at least until a sizeable portion of the observable universe is not brought to work in it.

Smart insight and unforeseen vulnerabilities could lead to a break tomorrow, or yesterday. But Quantum and Moore's Law? Nope.

Yes, I think in the next 10-15 years the technology will grow (that's normal) and maybe the will break the sha 256 bit but first you should remember also the banks use this algo, and I think someone will be interested in the bank (for first) and after all the other things (money related) that are using sha 256 bit.

So at the end I am not worried, if an hypothetical quantum computer will he created, the first target will be the banks.

A more powerful computer doesn't mean that it will break any cryptography.
Remeber that better computers means only faster brute force attacks.

I rarely say things without being mostly certain of them being correct (I do make mistakes of course). Most replies to this thread will just be useless, and a different/shorter version of what someone else said (i.e. legit spam).
Anyhow I'm not sure that Grover's algorithm could be extended to brute force SHA256. Isn't it supposed to be some sort of database searching algorithm?

you are wrong it can break 128 key(the power of quantum computer is like a pc that halve the difficulty, and if today pc, tons of them, could break 64, then a quantum can break 128) this is not enough to break sha256(or the private key which is 256 bit) i know, i didn't explain it well, but it is enough to break the pubblic key which is 128 bit

Your English levels are under those of a 5th grader. Consider taking a course, because you complicate things and usually make no sense.
I never said that SHA256 for a normal computer wasn't SHA128 for a quantum one. You didn't explain it because it can't be explained well i.e. what you said effectively makes no sense. A quantum computer can't beat SHA 256 (i.e. SHA 128). Actually if SHA gets broken the problem will be on a much larger scale where Bitcoin will be irrelevant (unless globally adopted). A lot of things use SHA, for example banks.

What I'm trying to say is: For SHA256, it effectively becomes SHA128 to a Quantum computer. Now the question remains, can a Quantum search for SHA128 faster than a classical computer search through SHA256?
With out current technology and for the near future, we still can't build a real Quantum computer that can even begin to tackle this problem, let alone solve it.

---

Correction 21-05-2020, for reason reported here (https://bitcointalk.org/index.php?topic=1926895.msg54469714#msg54469714). As I said in my reply (https://bitcointalk.org/index.php?topic=1926895.msg54473176#msg54473176), I must have unknowingly repeated and paraphrased text that I had previously read and remembered. It was not intentional.

Original of highlighted text:
https://web.archive.org/web/20130720024745/https://bitcointalk.org/index.php?topic=78693.0#msg876353

Archive of unedited post:
https://web.archive.org/web/20150514022942/https://bitcointalk.org/index.php?topic=1026125.0#msg11104992

---

[original post, with paraphrased text highlighted]

I think that bitcoin would not be the main problem in the world if quantum computers appear, there are banks,governments and many security systems more fragile for the humankind than bitcoin

when it can bitcoin's security will be the least of your problems  ;)

Nobody know the real answer for that question, but I think the technology of the next 10-15 will not the same of now (this is obvious). I think the quantum computer (if it will be created) can really resolve-crack the sha 128 bit easily but I don't know if it can crack the sha256.

While hardware changes, software changes too.
Quantum computers may be or may not be what you actually expect.

The only way I see bitcoin to be hacked is that somebody will be able to generate as "vanity" address your address if it has bitcoin on it. With a fast enough computer it may worth it at some point.
However, as I said, while hardware changes, software changes too. Adding some anonymity into bitcoin could fix this quite easily (though everybody will have to move the coins from the old known public wallet if they want safety).

And this is one of the small changes. Even changing algo is an option. Somebody said that such change will need new equipment.
Bad news for the miners: if a quantum computer will be that fast, it will also be faster than the ASICs on hashing. So the ASICs will have to be thrown away anyway.
And if mining goes back to CPU, changing algo is.. just another change in life.

I guess one day when quantum computers will be standard stuff at every govt agencies and banks this going to be a real issue. Luckily quantum computing at this moment very much in it's infancy so the devs still have a couple of years (maybe decades) to find out something.

The community here also have at least a decade to agree on forking or not forking. Probably this part going to be the bottleneck :).

Yes, but it will take WAY longer than we'll ever live, therefore Bitcoin will be here for a long time. Longer than we can imagine. 1000's of years. Anything else is science fiction.

i think you are not understanding, my english was clear enough in the last post you quoted, quantum computer can break any 128 key, it has been said many times, there is no question here

now, public key are 128 bit, instead private key are 256, so the first can be brute forced by any quantum computer, and if you have that key you could retrieve the private key, but this only if the targeted public key is send when you spend a transaction

here a link http://bitcoin.stackexchange.com/questions/6062/what-effects-would-a-scalable-quantum-computer-have-on-bitcoin

there are many other confirming this

SHA256 will never be cracked during our lifetime and beyond, this is a non issue. Efforts should be put instead in what to do with the blocksize limit.

Thank you to this link,  thanks to it I have found this thread (of Come-from-Beyond) : https://bitcointalk.org/index.php?topic=153302.0


Don't want to open the link, here the post:

We can assume everything because I didn't still see a valid and functionally quantum computer.

I don't think we will be using Bitcoin Technology until the quantum computer era starts... Just my personal opinion!

Why? Do you think it will exist/created a new concept better than the actual bitcoin? I think the blockchain will exist for ever, it is an invention like internet and all we know it is extremely difficult to replace the internet protocol.

I think yes. But at that point bitcoin may be the least of our worries.

Yes! Innovation never stops! There are already better altcoins than Bitcoin out there! One of them will replace Bitcon in the near future! I see the future in altcoins :) Bitcoin was not the first digital currency and it won't be the last :)

If you're interested in such a matter just have a look to this site: http://pqcrypto.org/


Fascinating to say the least.

Quantum computers could "theoretically" effect a number of industries including the banking sector. So bitcoins will be the least of our worries.

I'm really not worried so much, mainly because the same computing power could also be used to aid in creating stronger cryptology as well. There are a number of other countries including China, Russia and India, ect. who are not just sitting around waiting for their secure systems to be hacked by quantum computing.

There will be pluses and minuses on both sides of the table as we learn more about this technology and overall all we'll learn how to use it to make our encryption schemes even more secure.

You are rigtht, innovation will never stop but I think bitcoin will exist for another 50-100 years. Do you remember when internet was 'released' to all the people.... and we are still using it (waiting for a new protocol, better than this one).

Maybe not! 10-15 years and it will die.. Perhaps, it may die soon.. But since its already adopted by many people, it will take a while to die forever :)

Nah only  10-15 years. I think it will exist for the next (at least) 50 years, we should remember it was created only in the 2009 and I think it will be used for a long time.

Yes. If quantum computers become a reality (and there is serious question about that) then they would upend everything, including Bitcoin. Is that something to seriously worry about today? No.

Its future anyways! Noone exactly knows what's happening in the future.. Hey redsn0w, the best option is to sit and watch ;D (We can bet if you're interested :P)
What do you think? :P

Yes and no.

Bitcoin encryption can easily be made countless times more difficult.

By the time quantum computers are capable of breaking the blockchain, Bitcoin encryption will have been made so extremely strong that regular computers will have a hard time just working with the encryption, but even quantum computers won't be able to break it.

Then, people will start getting quantum computers in their homes, and this will make Bitcoin encryption stronger than ever.

All this is a loooooong ways off. Lots of other things will have a much better chance of collapsing Bitdoin before quantum computers are ready to do it.

:)

They probably said that about MD5 and SHA1. Careful.

 Guys why are you wonder about that :) ? Don't worry coz if quantum computers to be invented and they try to hack blockchain, then blockchain will use quantum algorithm and will be secure :)

as i said dont worry. If technology improve at the same time blockchain will be improved itself.

Yes obviously, we can't do nothing only sit and watch what will happen after the first quantum computer will be created and it will be fully functional. For the question of the bet, nah I don't like these type of thing and I can't imagine how we can bet (it's 10-15 years  ;D).



Here we are only speculate about an hypothetical quantum, so it may happen everything.

This has been talked about a lot.  Quantum computers will not break Bitcoin's security.

But to put it in crude terms:  Quantum computers suck.  They worse than suck because if they sucked that would at least provide some benefit.  Quantum computers do nothing.  And they take a really long time to get that nothing done.  Quantum computing has been around for dozens of years now and still hasn't even done nothing.

And on top of that Quantum computers have the potential of sucking even worse.  In 10 maybe 20 years quantum computers will be wasting more time than all of our blank stares put together.

I see no information about 128 bit keys being broken. Any information found on stackexchange has no guarantee to be correct. It confirms what I said. SHA can't be reversed; it has to be brute forced.
It clearly indicated that quantum computers are more powerful than the computers of today, which is logical. There is no information on there internet about this. You're talking out of a hat.
Yes 128 bit security is 18446744073709551616 times faster to bruteforce than 256 bit. This doesn't mean that it is vulnerable when used.

It's obvious that people are commenting without proper knowledge in quantum related technology. The computers are not nowhere near ready to do any complicated jobs. The main challenge in a Qcomputer is to make sure that the qubits are entangled (if you're familiar with Schrödinger’s cat you will know what I'm talking about; look that up). The computer must stay in this state (for the cat - it can't be simultaneously dead or alive) long enough to perform calculations and get results. The ones that we have can keep the state for miliseconds or maybe a couple of seconds. That's not long enough to do something useful.
To break encryption these computers must have 500-2000qubits. Existing quantum computers operate with 14 qubits at maximum.

I have not forgotten about D-wave though. The company D-Wave claims that it has produced a 512 qubit Qcomputer. That is not a real quantum computer because it uses quantum annealing effect and can't demonstrate full properties of one. It is basically set to do a few specific tasks and represents no danger to encryption.



To summarize: You're wrong. Existing implementations have not shown that they can beat 128bit encryption. They aren't even close. That's the current situation. I'm not saying that in 5 years we won't have better technology. We might operate with 1400 qubits or be stuck at 140. Nobody really knows.

---

Correction 21-05-2020, for reason reported here (https://bitcointalk.org/index.php?topic=1926895.msg54469714#msg54469714). As I said in my reply (https://bitcointalk.org/index.php?topic=1926895.msg54473176#msg54473176), I must have unknowingly repeated and paraphrased text that I had previously read and remembered. It was not intentional.

Original of highlighted text:
Serge Malenkovich, Lab.
https://web.archive.org/web/20170824084401/https://www.kaspersky.com/blog/quantum-computers-and-the-end-of-security/2852/

Archive of unedited post:
https://web.archive.org/web/20150514023232/https://bitcointalk.org/index.php?topic=1026125.40#msg11108049

---

[original post, with paraphrased text highlighted]

there are many quote that say otherwise, so no i'm not wrong at all, for a quantum computer brute-forcing a 256 key is like for a normal computer brute-forcing 128 key, it's like dividing by two(the exponent not the number, so is equal to a root square of it), this should be clear, and with that in mind you could deduce easily, that a 128 key for a quantum computer is equal to a 64 key for a modern computer, and a 64 key can be brute-forced with a normal computer(not just one i know, but a very big farm can do it)

just simple logic, you don't need to search for anything to deduce this...

+1 to whoever posts that picture explaining about how the laws of thermodynamics would have to be broken to crack SHA256...

I watched an old documentary some weeks ago about quantum computers. There is a post graduate in a university somewhere building a quantum computer. It needs to be cooled to a few degrees above absolute zero in order to do calculations. You can never guess what level of maths his quantum computer can just about manage:


We are decades away from a quantum computer brute-forcing a 256bit key.

Edit:
Found an old article - http://www.popsci.com/science/article/2012-08/quantum-processor-calculates-15-3x5-about-half-time

Oh I don't know man. They are mostly theoretical at the moment but could develop into something beyond what we even think of as computing. Having the Qbit available for computation is a powerful idea. It is already being used as a practical tool in espionage. There is no greater security in messaging than systems using quantum entanglement.
 

The original one was posted here (https://bitcointalk.org/index.php?topic=224915.0) and probably a few dozen other places as well.  I thought the background looked a little dull, so I made my own version (http://www.wearedecentralised.co.uk/bitcoinforbeginners/images/secure.png).

I think we're a long way from efficient quantum computers that provide real benefits over current systems. However, I think security will have to evolve as computers become more powerful. In terms of Bitcoin, I do not see any real threat.

It's actually the other way around. A 128 bit key for a computer is a 64 bit key for a quantum computer. You obviously didn't understand my previous post.
This is theoretical and does not matter at the time. Doing such calculations is currently not possible. Humanity isn't even really near this achievement.

It is better to avoid replying to a thread, than to make bad (due to language or problems understanding) statements.

This doesn't apply to quantum computers. If we could get a quantum computer to operate at the same speeds that we get even mobile processors today we should be able to breach SHA256 with brute force since it is like a 128 bit key for it.

Your logic is severly flawed.


Click on your link, click on the link back to bitcointalk.org, read the post by danny.


Need a bit more?



Maybe you could fix the errors in it, because we dont need to "count" to 2²⁵⁶ we need to "count" to 2¹⁶⁰ due the use of RIPEMD 160

I think I read that someone might have invented a quantum dot, but that's a very long way from a quantum computer. Considering that a modern laptop is way more powerful than a whole mainframe system from 30 years ago there might be quantum computers in another 30 years.

Looks like the qunatum computer solves only one problem, which is to factor 15. This means that it is not even a programmable computer. If we extended this technology to find the private key of a given address then we'd need to build a different computer for each address for which we are trying to find the corresponding private key.

The risk of quantum computers breaking algorithms is also there not only for cryptocurrencies like bitcoin but also financial institutions, like banks - because they heavily rely on cryptography when doing transactions.
But I know that bitcoin's security was designed in mind to be upgraded in a forward way, in the future, when quantum computers and maybe some other powerful technology will be here and if it were considered an imminent threat to bitcoin security.

It doesn't need to be able to break the algorithms, it just needs to be able to search directory.io.

Well, sorry to disrupt the techies at work but anyone got time for a history lesson ?


first personal computer : IBM

Release date    August 12, 1981; 33 years ago
Discontinued    April 2, 1987
Operating system    IBM BASIC / PC DOS 1.0
CP/M-86
UCSD p-System
CPU    Intel 8088      @ 4.77 MHz
Memory               16 kB ~ 256 kB
Sound                1-channel PWM




so 33 years ago we were doing 4.77mhz and a 256kb memory was more than enough for anybody...I think we should expect big things in the near future....quantum computers are definitely coming and standard encryption as we know it will go the dinosaur way.....along with it many other things that we consider untouchable today (Bitcoin included)...


the sad part is that by the time a private company would have quantum computers for sale, the NSA/GCHQ would've had years in advance of scorching the net with qbits...who is to say they aren't doing it already ?

http://www.washingtonpost.com/world/national-security/nsa-seeks-to-build-quantum-computer-that-could-crack-most-types-of-encryption/2014/01/02/8fff297e-7195-11e3-8def-a33011492df2_story.html

Yes I agree, however the government might have quantum computers for all we know.

History is quite useless if you ask me (look what happens to Windows because it isn't rewritten from scratch) . This isn't even relevant. The development might actually slow down. The current processors are reaching a plateau when it comes to speed per core.

When talking about a quantum computer the numbers are quite different. A quantum computer is quite fast at very low speeds (even under a single MHz). Quantum computing will make an impact on asymmetric encryption, but symmetric algorithms are considered safe with a large enough key size e.g. 256 bits. Essentially we could just upgrade it to a very high number which would render quantum computers useless in beating encryption.

I hardly doubt that. The are probably using Windows XP with the built in firewall.  :)

no you are reading that in a wrong way, i said that a 128 key for a quantum is like a 64 for a standard pc, in the sense that a standard pc can break 64 and a QC can break 128


well my intention was not say that it could break sha256, but all i want to said, is that it could break 128 key, that's it, there is nothing flawed about my logic

Now the only quantum computer is at the Silicon Valley which is the home of microsoft and at the pilot phase, and there will be a long time for it to come into use. The heat that the quantum computer produces per hour can make itself increase by 70 celsius, then the temperature of computer case will come to 200 celsius within two hours. Thus the cooling device will melt after six hours' running, which is the most conservative estimation. Therefore, the quantum computer of high enery and short life is far from our life, let's wait and see what happen.

It does not need to break the cryptography. It only needs a quantum machine that can easily create all private keys and store them all into a database to look up every private key for a public key as on http://directory.io where it happens on the fly.
Sure, calculating and storing 10^79 keys is currently impossible without doing it in hundreads of years. But nobody knows what the future brings up. Remeber Moors law.

I don't think quantum computer could  break Bitcoin's security.
When the quantum computer came out, well it still need very long time, the algorithm of bitcoin also can be upgrade.

I'm still learning ECC, but considering that the X and Y coordinate of a bitcoin public key are both 256 bits resulting from point addition of 256-bit Generator Point, isn't a bitcoin public key technically 256 bit?

Reference: http://www.royalforkblog.com/2014/07/31/address-gen/

The only caveat I remember, is that even though a given ECC operates in 256-bit space, it has only the equivalent of 128-bits symmetric (e.g. AES) security.

The caveat explained by DeathAndTaxes here: https://bitcointalk.org/index.php?topic=1007619.msg10936084#msg10936084

it seems that it depend also on some wallet, for example on some client private key start from 128 key

here the reference  https://en.bitcoin.it/wiki/Private_key

In Bitcoin, a private key is usually a 256-bit number (some newer wallets may use between 128 and 512 bits)

maybe it's the same for public keys

They talk about this but not in bitcoin matter but with cryptography in general matter for many many years.
We don't understand quantum physics well as human species, so no, it won't be happening anytime soon.

But you are using the "QC can break[1] 128 bit asym-crypto" argument to say that any 256 bit key can be broken by a QC, which is nonsense. Firstly it only applies to asymmetric crypto. Secondly bitcoin is more than just pubkey and private key, it also involves hashes which are - for all we currently know - immune to QC as there is no known algorithm to reverse the calculation and a QC is not faster at calculating hashes either.

[1] break as in brute force

Ofcourse I will have to agree with you on that one plus the post that you quoted as well. A faster computer just means a faster brute force attack not that it can break any cryptography...it will need some sort of a key to help it break it which would be quite difficult to make...unless we have another savant..:P

+2 because I like yours more!

well it's true that you can retrieve a 256 key form a 128, i posted a link telling that, but it's not that easy to do anyway

did you read this?

"With a quantum computer, you could easily deduce the private key corresponding to a public key. If you only have an address, which is a hashed public key, the private key is safe. Anyway, to spend a transaction, you need to send the public key. At that point you are vulnerable, but the attack is not straightforward."

unless he talking bullshit(i don't think so, because he made a tl;dr from many quotes, from users here on bitcointalk, and they seems to know what they are talking about)

read this

https://bitcointalk.org/index.php?topic=133425.0

"I don't think you understand his point.  Yes QC could (in theory) be used to determine the private key FROM the public key.  However with Bitcoin the address isn't the public key it is a structured hash of the public key.   The public key isn't known until the first time Bitcoins are spent from a given address.
"

if you reveal your public key there are chance that they can steal your coins

again

"Well, even that isn't entirely true with how Bitcoin uses public key encryption.  Simply publishing a single bitcoin address doesn't actually publish the private key, it publishes a structured hash of the public key.  The actual public key isn't published until the first time funds are spent from that address.  If SHA-256 is subject to being brute forced into collisions by a quantum computer, a different hashing algo may not be, and that could be used instead.  If you use a new address for each transaction, which is how bitcoin does it by default and really is a best practice, it would be very difficult for a quantum breaker to steal your coins.
"

not impossible

Yes, you would have a possible race condition and how well you are connection to the network would be very important. The attack you are talking about here assumes that Eve (attacker) gets the pubkey from Alice (user) before Bob (miner) confirms the transaction. Not only getting the public key, but also calculating the private key from it and creating a competing TX. Thus Eve would have to be in control of all peers Alice is connected to and all nodes Bob is connected to in order to make this a very likely success. If only a single node (of those connected to Alice) is not under Eves control the TX Alice creates will most likely reach Bob before Eve's.

This is a big problem, but it does not mean bitcoin is broken. It makes every single transaction risky until the problem is fixed though.

Depending on the costs to run a QC, this does not seems cost efficient even when possible. Once the first QC's are capable and start messing with TX I suspect[1] someone has a hardfork solution in some drawer.

[1] actually I have no idea how realistic this is, but considering that we have at least a decade Im positive.

Your writing is bad. That's the issue. I told you, instead of posting a lot of uninformative posts, time would be better spent learning the language itself.
There is no logic and everything is flawed.

I've told you this already. There is no working quantum computer that can even begin trying to break that key. You should focus on reading rather that replying.


Like I previously said quantum computers can't even begin to tackle the problem and that the user was pulling nonsense. Now he's just copying information from other people's statements.

apparently you don't know how to read, it's not that my english is bad, well i don't care much, i have provided to you more then an evidence, and many quotes that say that is possible, if you still believe otherwise, this conversation can be closed now

"Now he's just copying information from other people's statements." everyone here is copying information from the internet this isn't something new...

The current processors are reaching a plateau when it comes to speed per core

that is correct, and silicon is showing its limit .... but who is to say that in 5 years from now Silicon Valley won't be named Graphene Valley  !? Graphene has enormous potential in future of circuitry, the only problem is its price...and we all know that the NSA has endless resources ...I honestly think that we underestimate the power of NSA and their thirst of "knowledge"

you should check this out, I used to think the same ("The are probably using Windows XP with the built in firewall") but not after viewing this :

http://www.imdb.com/title/tt4044364/

Quoting random people on forums and expecting correct information, ah.  ::) How about you start reading research papers and getting information from actual scientists or companies that are working on the matter?
There is no working quantum computer that can tackle these problems now. If there was, one could find a link to it.
You claim that there is one, then go and find us one.

Actually I understand that. I'm looking forward for graphene usage. I think that graphene processors will be here sooner than quantum computing, but we will see.

You're logic is flawwed, the hashrate would be lowered by 50%, nothing more, nothing less.... So if the mining HW now gets 1 th/s with sha256, it will be 500 gh/s with sha512...

I got caught up replying in too many places and made a honest mistake. I've updated the post.
Although I still don't believe that it will be that simple.

it would really still be sometime before quantum computers become a reality. if this happens, the network could be forked quickly to a new algorithm. The quantum computers can certainly break ecdsa but they are safe as long as no transactions hasn't been broadcasted.

Even if today's cryptography were to be broken by quantum computing a new form of proof of work would arise which worked w/ quantum computers...

These gifs seem to be wrong. Which thermodynamic principle is that ? By Landauer's principle it would take less than one second to count from 1 to 2^256 on these conditions...

Agreed. But as long as cracking technology improves, anti-cracking technology will continue to improve right along with it. In other words, by the time quantum computers are computing fast enough to create problems with the current bitcoin technology, there will have already been a fix for it.

No big deal, as far as I'm concerned. Of course, I could be wrong. Often am. ;D

Me

You'll know once a quantum hack is underway when all banks lose their account balances, and all military secrets are disclosed. BTC loss will be the least of your problems :)

I don't think the NSA would want to kill any banks/sponsors...The NSA will be the first to have one since their resources are endless....so the NSA will destroy what they think it's fair to do so...bitcoin included

In theory, a powerful enough quantum computer could bruteforce anything. But right now this is science fiction and a non issue. This is something the future generation 100s of days from now will have to deal with.

No, I don't think that's true. There are mathematical problems that are complex enough that even quantum computers wouldn't make a difference to them.