Bitcoin Forum
  Show Posts
101  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 13, 2020, 01:55:28 PM
I read earlier today that it would take approximately 2,500 qubits of quantum processing power to successfully break the encryption of an SHA-256 private key.

Since Google only has a 72 qubit Q-computer, and it has taken a decade to reach this point, then a 2,500 qubit quantum processor appears to be approximately 7 years away.

With that said, this will still likely be a super specific system, so I doubt it would actually be used to identify the links between public and private keys.
-
There is no connection between the problem of finding a private key knowing the public key (and knowing the ciphertext, the problem of asymmetric encryption systems) and the problem of finding the law of obtaining hash from input information.
These are fundamentally different problems. Mathematically, the first task is cryptanalysis.
The second one is solved by brute force attack.
That's why we need so many qubits to solve the SHA256 task.
But protection against this danger is also very simple; SHA256 can be easily made into SHA512 or 1024.
But you can't do that with a pair of public key + private key. This cryptography breaks down with any length of key, including mathematical.
For this reason they are looking for new post quantum systems to replace asymmetric encryption systems.
It is for this reason that symmetric encryption systems do not need to be upgraded to withstand quantum computers.

There is one more option, you can see the details here: https://bitcointalk.org/index.php?topic=5204368.0

As far as I'm aware, current attempts at making Bitcoin and other cryptocurrencies quantum-computer proof actually rely on using a completely different solution, rather than simply moving one step ahead by using more robust encryption.

See the following: https://royalsocietypublishing.org/doi/pdf/10.1098/rsos.180410

It outlines a slow defence against quantum attacks, and a novel solution IMO;

"We then propose a simple but slow commit–delay–reveal protocol, which allows users to securely move their funds from old (non-quantum-resistant) outputs to those adhering to a quantum-resistant digital signature scheme."
-------------------
I understand that a protocol is a set of rules.
But the basis on which any protocol stands in this matter is cryptography.
Cryptography can be one, but there are many protocols based on it.
Therefore, any protocol that describes the behavior of participants in a post-quantum period of time should be based only on post-quantum cryptography.
If we are talking about blockchain technology and bitcoin, then I have a question:
And what cryptography will be the basis of the new protection protocols and the transition from technology based on conventional cryptography to new technology based on post-quantum asymmetric cryptography?

The NIST contest is not over yet, I have only such information on this issue.
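The commit-delay-reveal idea quoted in the post above is easy to misread as "just another protocol", so here is a toy simulation of its three phases. This is an added example written for this page, not code from the cited paper or from any Bitcoin implementation; the commitment format (SHA-256 over old public key, new address and salt), the block-counted delay, the `Ledger` class and the placeholder keys and addresses are all assumptions made for illustration. What it shows is the defensive property the scheme relies on: a reveal is accepted only if an older-than-delay commitment exists, and the oldest commitment for a given public key wins, so an attacker who only learns the public key when it is revealed cannot produce a competing commitment that predates the owner's.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed toy model of a commit-delay-reveal migration (assumptions made
# for this example, not the cited paper's exact construction). The reveal in a
# real system would also be signed with the old key; that check is omitted.

DELAY_BLOCKS = 6  # hypothetical delay; a real scheme would use a long one


def commitment(old_pubkey: bytes, new_pq_address: bytes, salt: bytes) -> bytes:
    """Commitment digest: binds the old key to its quantum-resistant destination."""
    return hashlib.sha256(old_pubkey + new_pq_address + salt).digest()


@dataclass
class Ledger:
    height: int = 0
    # commitment digest -> block height at which it was first published
    commits: dict = field(default_factory=dict)
    # old public key -> (commitment height, accepted new address)
    migrated: dict = field(default_factory=dict)

    def mine_blocks(self, n: int) -> None:
        self.height += n

    def publish_commit(self, digest: bytes) -> None:
        # Commit phase: only the digest goes on chain, so the old public key
        # stays hidden and there is nothing for a key-recovery attack to work on.
        self.commits.setdefault(digest, self.height)

    def reveal(self, old_pubkey: bytes, new_pq_address: bytes, salt: bytes) -> bool:
        # Reveal phase: the commitment must exist and be at least DELAY_BLOCKS old.
        digest = commitment(old_pubkey, new_pq_address, salt)
        seen_at = self.commits.get(digest)
        if seen_at is None or self.height - seen_at < DELAY_BLOCKS:
            return False
        # Oldest commitment wins: a later commitment cannot displace an earlier one.
        current = self.migrated.get(old_pubkey)
        if current is not None and current[0] <= seen_at:
            return False
        self.migrated[old_pubkey] = (seen_at, new_pq_address)
        return True


def demo() -> dict:
    """Walk through owner migration and a hypothetical late attacker."""
    ledger = Ledger()
    owner_pk = b"owner-old-ecdsa-pubkey"   # constructed placeholder values
    owner_new = b"owner-pq-address"
    owner_salt = b"owner-salt"

    ledger.publish_commit(commitment(owner_pk, owner_new, owner_salt))  # height 0
    ledger.mine_blocks(DELAY_BLOCKS - 1)
    early = ledger.reveal(owner_pk, owner_new, owner_salt)   # rejected: too early
    ledger.mine_blocks(1)
    owner_ok = ledger.reveal(owner_pk, owner_new, owner_salt)  # accepted

    # The public key is now visible on chain. Suppose an attacker derives the
    # private key from it and tries to redirect the funds with its own commitment.
    attacker_new = b"attacker-pq-address"
    attacker_salt = b"attacker-salt"
    ledger.publish_commit(commitment(owner_pk, attacker_new, attacker_salt))  # height 6
    ledger.mine_blocks(DELAY_BLOCKS)
    attacker_ok = ledger.reveal(owner_pk, attacker_new, attacker_salt)  # rejected: later commitment

    return {
        "early_reveal": early,
        "owner_reveal": owner_ok,
        "attacker_reveal": attacker_ok,
        "final_destination": ledger.migrated[owner_pk][1],
    }


if __name__ == "__main__":
    print(demo())
```

The "slow" in the paper's description is the delay: it must be long enough that a reveal cannot be front-run within it, which is why the scheme is a migration path rather than a drop-in replacement for the signature algorithm.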
102  Bitcoin / Hardware wallets / Re: Is the hardware wallet really safe? on: January 11, 2020, 08:30:35 PM
and intercept the Ledger Blue PIN.

All that remains for skeptics is to verify this information on their own.

Really, you need to close your eyes to these facts, and continue to convince yourself of the absolute safety of "wallets" and key obsolete technologies?
Nothing is 100% safe and nobody is claiming that it is. But there are safer and less safe options. A hardware wallet is safer than a web and desktop wallet. I don't think this is something that needs arguing about. The vulnerabilities you mention require special hardware and in some cases physical access to the device. Also, the Ledger Blue has been discontinued and is no longer part of Ledger's products portfolio.
---------------------------
Yes it is.
But that was an example.
Are you sure that the wallet that you use today is safe?
And if tomorrow they find a vulnerability?
And will they also be phased out?
Will you be calm from this?

But let's analyze.
Someone issued a wallet with vulnerability.
Nothing is known about this.
Someone uses this wallet, trusting him with their secrets.
Then there is someone, a phenomenon unknown to us, which talks about the poor quality of the wallet.
And if this hero - didn’t tell us anything?
Did he have a right to this?
Yes, I did.
And does the new hero have the right not to tell us about the poor quality of the wallet that we use now?
Yes, there is such a right.

Therefore, our safety is not in our hands, but in the hands of unknown heroes?

Strange, but it is a fact.
103  Bitcoin / Development & Technical Discussion / Re: Bitcoin’s race to outrun the quantum computer on: January 11, 2020, 08:14:16 PM
Quantum computers are not as far from life as we think. Look at Amazon's new services. Offer for commercial use. And why is everyone obsessed with these qubit calculators? Cryptography on elliptic curves has compromised itself for a long time, they just don’t write about it.
What new services offer quantum computers? I'm not sure what you're referring to, but Amazon does not offer anything even near the capabilities of a quantum computer. If the elliptic curves were compromised critically it would be an issue that would likely be put on top of the priority list. Elliptic curves, to my knowledge and many others', have not been compromised.

You make some good posts regarding Bitcoin, but a lot of it is scaremongering similar to the scaremongering tactics used by news outlets. Maybe not intentionally, but suggesting that elliptic curves have been compromised, and then later stating they have weaknesses is inaccurate. They have not been compromised, but they do have strengths, and weaknesses just like any other cryptography.
----------------
Yes, indeed, I have read a lot about cryptography on elliptic curves.

1. I learned that those who know a lot, they work for different unpopular organizations, they are always silent, and information about this knowledge and about these people is lost ...

2. I also learned that specially all modern cryptography is divided into 2 parts:
1) Household cryptography, those encryption systems that we know. They are allowed to be used by us, ordinary people; in unclassified matters;
2) State cryptography, the one that we are not allowed to use, and the government is obliged.

And I asked myself, why so?
More precisely, what is wrong with our everyday cryptography?

3. It is not clear why the NSA (USA) first ordered a study for British mathematicians, then hid all the materials for this study, and immediately banned the use of cryptography on elliptic curves in state secrets.
And this is despite the fact that only yesterday the NSA actively implemented ECC, despite the fact that not so long ago, the NSA bought all the patents for this system from 2 mathematicians.

4. Why are we assured of the reliability of asymmetric mathematical encryption systems without providing evidence of this reliability (evidence of the inability to solve the problem of discrete logarithm in fields of elliptic curves with a finite order of the field of numbers, which means discrete, point elliptic curves).

But I understand that if they know the secret, the weak point of this cryptography, then it is very beneficial for some that all ordinary people use and trust this cryptography.

And further, new questions ..

5. Why does NIST not even want to hear about ECC with an increased key length as a candidate for a post-quantum system?
Let me remind you that a key with a length of 521 bits ECC is equal to a reliability of 256 bits AES. But AES-256 remains a post-quantum system of the future, because no quantum computer will be able to completely enumerate a number of 256 bits.
But in ECC as much as 521 bits !!!
So, ECC breaks down not only with brute force attack, but also somehow, and that means mathematically !!!

Moreover, to increase the key length by 2 times in the ECC encryption paradigm is not a problem and a burden on modern processors.
However, they do not.
Moreover, they claim that this system (including RSA) breaks with any key length, if it breaks with a standard key length. This is not what I say, but people, professors in cryptography, people with a name, authorities in the world of encryption.

What does it mean?
Only one thing - these household systems are broken mathematically, by cryptanalysis.

6. I also learned (from a lecture by a respected mathematician-cryptographer) the following:
- some classes of elliptic curves are weak;
- if you look at the standard NIST curves, you can see that they are verifiable random;
- if you read the Wikipedia page about the principle "there is nothing in the sleeves", you will notice that:
1) random numbers for MD5 are obtained from the sine of integers.
2) random numbers for Blowfish are obtained from the first digits of $\pi$.
3) random numbers for RC5 are obtained from $e$ and the golden ratio.
These numbers are random because their numbers are evenly distributed. And they do not cause suspicion, because they have a justification.

Now the following question arises: where do the random generating values for the NIST curves come from?
Answer: unfortunately, we do not know.
These values have no justification.

Is it possible that NIST discovered a “significantly large” class of weak elliptic curves, tried various possible variants of generating values, and found a vulnerable curve? I can not answer this question, but it is a logical and important question.

What is the reason for this distrust of such a respected organization?
But on what:
“We know that NIST has at least successfully standardized a vulnerable random number generator (a generator that, oddly enough, is based on elliptic curves).

Perhaps he has successfully standardized many weak elliptic curves as well? How to check it? No way.

It is important to understand that “verifiable random” and “protected” are not synonyms. It doesn’t matter how complicated the logarithm task is or how long the keys are - if the algorithms are hacked, then there is nothing we can do.

In this regard, the RSA wins because it does not require special domain parameters that can be exploited. RSA (like other modular arithmetic systems) can be a good alternative if we cannot trust the authorities and if we cannot create our own parameters for the definition domain.

And if you're curious: yes, TLS can use NIST curves. If you check in Google, you will see that when connecting, ECDHE and ECDSA are used with a certificate based on prime256v1 (aka secp256r1).

I am not a cryptographer and not a mathematician, not a scientist or a university teacher. No one is interested in my opinion and I have no authority.

But I do not consider myself an idiot and do not really trust the universal approved opinion of the herd. I try to draw conclusions.

If you are not tired of this topic, here are the arguments in my favor, the second post for December 4:
https://bitcointalk.org/index.php?topic=5204368.40
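The "nothing up my sleeve" point in item 6 above has a concrete, checkable form: when a standard states how its constants were derived, anyone can recompute them. The following is an added example written for this page, not code from the post or from any standard's reference implementation. It recomputes the MD5 round constants from the sines of integers, as the post describes, and goes one step beyond the post by doing the same for the SHA-256 round constants (fractional parts of the cube roots of the first 64 primes, as specified in FIPS 180-4); the published reference values embedded for comparison are the ones from RFC 1321 and FIPS 180-4. The contrast the post draws is that no such recomputation is possible for the seeds of the NIST curves, because no derivation for them is published.

```python
import math

# Added example: reproducing published "nothing up my sleeve" constants.
# MD5 (RFC 1321): K[i] = floor(2^32 * |sin(i + 1)|), i = 0..63.
# SHA-256 (FIPS 180-4): K[i] = first 32 bits of frac(cbrt(p_i)), p_i = i-th prime.


def md5_round_constants() -> list:
    """Recompute the 64 MD5 additive constants from sines of integers."""
    return [int(abs(math.sin(i + 1)) * 2**32) & 0xFFFFFFFF for i in range(64)]


def first_primes(n: int) -> list:
    """Return the first n primes by trial division (small n, so this is fine)."""
    primes = []
    candidate = 2
    while len(primes) < n:
        if all(candidate % p for p in primes if p * p <= candidate):
            primes.append(candidate)
        candidate += 1
    return primes


def sha256_round_constants() -> list:
    """Recompute the 64 SHA-256 round constants from cube roots of primes."""
    return [int(math.modf(p ** (1.0 / 3.0))[0] * 2**32) & 0xFFFFFFFF
            for p in first_primes(64)]


# Published reference values (RFC 1321 T[1..4], T[64]; FIPS 180-4 K[0..3]).
MD5_PUBLISHED = {0: 0xd76aa478, 1: 0xe8c7b756, 2: 0x242070db,
                 3: 0xc1bdceee, 63: 0xeb86d391}
SHA256_PUBLISHED = {0: 0x428a2f98, 1: 0x71374491, 2: 0xb5c0fbcf, 3: 0xe9b5dba5}


def verify_published(table: list, published: dict) -> bool:
    """True if every published value matches the recomputed table entry."""
    return all(table[i] == v for i, v in published.items())


if __name__ == "__main__":
    print("MD5 constants reproducible:", verify_published(md5_round_constants(), MD5_PUBLISHED))
    print("SHA-256 constants reproducible:", verify_published(sha256_round_constants(), SHA256_PUBLISHED))
```

The check is deliberately one-directional: a table that passes it was derived as claimed, while a seed with no stated derivation can neither pass nor fail, which is exactly the gap the post complains about.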
104  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 10, 2020, 09:30:32 PM
Any symmetric system or block cipher using 128 bits or more won't be breakable by brute force anytime in the near future, and unlikely to be cracked within the next several decades or centuries. So using 256 or more is not a problem.

It's the asymmetric system, such as RSA and ECC which you are really concerned about. Still, 2048 or higher RSA public keys are unlikely to be cracked any time soon, so those using 4096 shouldn't see a problem either. ECC, I'm not so sure about, but whatever is the equivalent in length, same thing.
---
You're wrong about RSA and ECC. The key length only matters if the mathematical problem of factoring or discrete logarithmization is not solved. In fact, none of us, ordinary consumers, know whether this problem has been solved today. But it is precisely known that this problem is easily solved by a quantum computer; the Shor algorithm and other loopholes have been open for a long time.
In this case, RSA and ECC and other asymmetric systems will not resist these solutions with any key length.
It wasn't me who said that, it was world-renowned cryptographers.
It's a well-known and open fact to the public. That is why, neither RSA nor ECC, nor any modern or new encryption system built on the same principles (factorization and discrete logarithmization) are suitable for the role of a post-quantum asymmetric encryption system. Systems with these principles are not considered candidates at all because they all break down at any key length.
We are talking about ECC in general. The topic is detailed in my post, second from December 4, here:
https://bitcointalk.org/index.php?topic=5204368.40

About the length of the key. The 256 bit AES key is 16,000 bits of RSA by reliability. The 4096 currently in use is not reliable. Increasing the key in RSA doubles the load on the processor from 8 or more times. That's why you cannot increase the key length in RSA. And soon it won't make any sense.

Even earlier, when we did not dream about quantum computers, it was strictly forbidden to use RSA or ECC in serious cases. This is a household cryptography, the reliability of which has not been proven to this day. Sadly, it's a fact. These systems are based on legends, not on serious arguments.
105  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 10, 2020, 12:15:27 PM
I read earlier today that it would take approximately 2,500 qubits of quantum processing power to successfully break the encryption of an SHA-256 private key.

Since Google only has a 72 qubit Q-computer, and it has taken a decade to reach this point, then a 2,500 qubit quantum processor appears to be approximately 7 years away.

With that said, this will still likely be a super specific system, so I doubt it would actually be used to identify the links between public and private keys.
-
There is no connection between the problem of finding a private key knowing the public key (and knowing the ciphertext, the problem of asymmetric encryption systems) and the problem of finding the law of obtaining hash from input information.
These are fundamentally different problems. Mathematically, the first task is cryptanalysis.
The second one is solved by brute force attack.
That's why we need so many qubits to solve the SHA256 task.
But protection against this danger is also very simple; SHA256 can be easily made into SHA512 or 1024.
But you can't do that with a pair of public key + private key. This cryptography breaks down with any length of key, including mathematical.
For this reason they are looking for new post quantum systems to replace asymmetric encryption systems.
It is for this reason that symmetric encryption systems do not need to be upgraded to withstand quantum computers.

There is one more option, you can see the details here: https://bitcointalk.org/index.php?topic=5204368.0
106  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 09, 2020, 09:36:15 PM
In the meantime, no security system can withstand an attack.

They steal passwords, keys, confidential information in the most secure and well-funded security system - the banking system.

According to CNBC, the largest British retail banks have been forced to stop processing orders in foreign currency after a cyber attack on the exchange provider Travelex.

The company's computer systems were unavailable for more than a week after the malware attack on New Year's Eve, which left Lloyds, Barclays, HSBC and Royal Bank of Scotland, among others, unable to process transactions.

Ever stop the rise in cybercrimes?

There's something wrong with our "protectors"...
107  Bitcoin / Development & Technical Discussion / Re: I don't believe Quantum Computing will ever threaten Bitcoin on: January 09, 2020, 08:05:17 PM
Hello, I know how to calculate..


We also know how to calculate it
https://en.wikipedia.org/wiki/Shor's_algorithm
but we don't have the device. Not yet, but soon, this decade.
----------------------
How cryptanalysis works, especially against asymmetric encryption systems, will not be written to you on the Internet, let alone on Wikipedia.  It's a mystery that cryptanalysis is all about.

The life and work of cryptoanalysts is classified. Even their family doesn't know what they do, the results of their work are so important.

If they did not work well, asymmetric cryptography would be solved for serious questions. But it's not allowed.

Why is that?

Because it's used by those in power, and it's not written on public bulletin boards.
108  Bitcoin / Development & Technical Discussion / Re: I don't believe Quantum Computing will ever threaten Bitcoin on: January 09, 2020, 07:40:01 PM

SIX STEPS TO A QUANTUM INTERNET

0 Trusted-node network: Users can receive quantum-generated codes but cannot send or receive quantum states. Any two end users can share an encryption key (but the service provider will know it, too).

1 Prepare and measure: End users receive and measure quantum states (but the quantum phenomenon of entanglement is not necessarily involved). Two end users can share a private key only they know. Also, users can have their password verified without revealing it.

2 Entanglement distribution networks: Any two end users can obtain entangled states (but not to store them). These provide the strongest quantum encryption possible.

3 Quantum memory networks: Any two end users can obtain and store entangled qubits (the quantum unit of information), and can teleport quantum information to each other. The networks enable cloud quantum computing.

4 & 5 Quantum computing networks: The devices on the network are full-fledged quantum computers (able to do error correction on data transfers). These stages would enable various degrees of distributed quantum computing and quantum sensors, with applications to science experiments.


So stage 0 is kind of a pre-cursor to a quantum internet, where the only quantum activity is undertaken by the ISP. The quantum cryptographic key is created, but the ISP is like a trusted node. This stage is already live in parts of China.

In stage 1 the quantum key is generated by the sender, so it is truly encrypted, with no middle-man. This has already been tested successfully as I mentioned above with Micius (China again).

I am happy to concede that there is a huge amount of work required to progress to the end of the roadmap, quantum repeaters being just one example, but the direction of travel is encouraging.

A functioning and useful quantum internet won't need a massive expensive multi-qubit quantum computer in every home at all, but simply a means of transmitting and receiving quantum information. IBM has already had a simple quantum computer in the cloud since 2016.


----------------------
Yes, I agree with your conclusions, it's all true.
But this is good for the part of the network that is far from the end user, the backbone part of the network.
In this part of the network, indeed, any change in information will be impossible.

I am for progress, for everything technological, especially when the laws of physics are the basis of these innovations.
But I draw conclusions, I watch intentions diverge from reality.
How loud promises actually turn into advertising tricks.

Let's find out where we are most often attacked? As of today.  Among other things, I am talking about the most dangerous attack - the "man in the middle" technology. 
Most often it is not carried out on a segment of the network remote from us.
I think that from what I have learned, the most common places to attack are those that are close to the user: routers, other network access points, the end devices themselves.

Against none of these threats aimed at the end user, at the attack points just named, does the quantum (photon) Internet offered to us solve anything.

Modern protocols, based on modern cryptography, provide everything you expect from the "quantum Internet", except one thing - discreet copying of information, eavesdropping on your channel.

But this danger is solved by reliable cryptography, methods that are simpler and smarter than the mass of new equipment for the transmission of linked photons (quantum Internet).

If you are subject to a competent attack, information, any, before the Internet, before encryption, will be stolen invisibly directly from your devices, not from the backbone networks of the Internet.
All scammers and criminals working for governments are looking for easy ways to get information.

For example, fresh information, all Samsung devices are secretly spying on their users, on the government of China, not the government of South Korea. You see what a serious approach to espionage is. How will the quantum internet save you?

I think that all such technologies, except the quantum computer, are of scientific interest and will only be prepared for commercial success.

We need a good secret communication channel, which should be protected by post quantum cryptography. Cheap, reliable, affordable way.
109  Bitcoin / Bitcoin Discussion / Re: What is the fate of Scammers if bitcoin later becomes a traceable Currency. on: January 09, 2020, 06:27:32 PM
I don't think that will ever happen, as Bitcoin is a decentralized network, so you can't trace the scammers. If it becomes possible, I think Satoshi Nakamoto needs to come back! Everyone saying Blockchain can track the transaction records but I don't know how you get that man's address, identity through the transaction! No way at all. If every exchange asks KYC for withdrawal money then maybe scammers will not fool us anymore.
Of course you can! The more transactions on a single wallet, the easier it is to track a scammer. Already many Silk Road users participating in illegal activities are facing charges or have already been imprisoned. And yes, KYC/AMLP/FATF norms require verification for withdrawals, and there have already been cases where scammers' wallets on some big exchanges were suspended, as the stolen crypto was traced there.

As well, this is one of the reasons why officials in many countries are gradually starting to fight privacy coins.
--------------------
Any owner of the bitcoin can be tracked. His IP address is calculated just because he is using the network.  It's network laws, they don't care if you use a bitcoin or just navigate through sites.
Yeah, not everyone can do that.
It's just a matter of price, as far as the person who wants to calculate you needs it.
When you ask for information using the KYC/AMLP/FATF rules, you only do it because it's the easiest way to get information.
But it's not the only way to find a user.
110  Economy / Economics / Re: Money creation system - is bitcoin creation resistant? on: January 09, 2020, 06:20:25 PM
Bitcoin works very well with the current Blockchain system. The only problem is that time and block sizes are small. Great transfers for a different one. Small transactions can be used in different networks. Atomic swap offers an alternative to solve these situations. LN is also an alternative.
If traditional banking does not renew itself, it will perish.
----------------------
As far as I read, not traditional banking will be updated, but a mass issue of national digital money will be launched, in which all the issues of fast and cheap payment transfers between states and banks - will be successfully resolved.
In this model of the financial world, there will be no point in modernizing the payment system to improve operations with fiat currencies.
According to statistics 60% of all bitcoins are in a state of long-term storage and will not participate in payments for about 4 years.
This has a very bad effect on the growth of the value of this currency.
For bitcoin owners who use it as a means of saving, everything will be fine if the price rises in 4 years.
If the price stays at today's level, the storage operation will not pay for itself. Or it will cause losses.

As they say, saving a man who's sinking is the job of that very man who's sinking.
111  Bitcoin / Development & Technical Discussion / Re: Bitcoin’s race to outrun the quantum computer on: January 08, 2020, 11:39:54 PM
One thing I don’t understand in the whole discussion; if RSA or ECC are compromised in the future, we can upgrade existing systems of course (and we’ll have to ... whole PKI will come tumbling down), but won’t this make dormant wallets vulnerable? How are we going to prevent someone stealing the funds from there? Otherwise that will cause a huge drop in the value of Bitcoin. We can’t put a wrapper or something around those wallets, right?

I am a tech guy, not an economist, so not sure if my reasoning makes sense!
------------------
It makes sense to be afraid, and this is a well-thought-out opinion of cryptography experts.
Not only that, it is openly spoken about by people who hold responsible positions in very well-known companies.

The situation here is complicated, because the cryptography itself on elliptic curves, on which the digital signature in Blockchain and Bitcoin is based, is weak and dangerous.
Read more about it here (second post of December 4):
https://bitcointalk.org/index.php?topic=5204368.0

But the second part - SHA256 remains reliable even when attacked by a quantum computer.
Because no computer will make a full search of all possible variants of binary number 256 bits long.

But, smart people have already invented and released a currency based on post quantum encryption methods.
I don't want to advertise it, but if the quantum computer starts working (although there are other, more serious concerns about cryptanalysis), the price of this crypt will rise quickly.
112  Bitcoin / Development & Technical Discussion / Re: Bitcoin’s race to outrun the quantum computer on: January 08, 2020, 11:29:07 PM
Quantum computers are not as far from life as we think. Look at Amazon's new services. Offer for commercial use. And why is everyone obsessed with these qubit calculators? Cryptography on elliptic curves has compromised itself for a long time, they just don’t write about it.
What new services offer quantum computers? I'm not sure what you're referring to, but Amazon does not offer anything even near the capabilities of a quantum computer. If the elliptic curves were compromised critically it would be an issue that would likely be put on top of the priority list. Elliptic curves, to my knowledge and many others', have not been compromised.

You make some good posts regarding Bitcoin, but a lot of it is scaremongering similar to the scaremongering tactics used by news outlets. Maybe not intentionally, but suggesting that elliptic curves have been compromised, and then later stating they have weaknesses is inaccurate. They have not been compromised, but they do have strengths, and weaknesses just like any other cryptography.
------------------
Quantum cryptography is what?
The transmission of information through the use of quantum states of a particle of light, a photon - it's understandable.
This is a photon Internet, which is proudly called "quantum Internet", although it has nothing to do with "quantum" itself, as elementary particles.
Photon networks do not allow information to be taken unnoticeably.
That's it.
From the very theft of information - they do not protect.
It's safe to use them just because the theft is noticeable.
And they are only planned to be used to agree on a shared key for conventional symmetric encryption systems such as AES-256. This system is not being broken by any quantum computer, not even in the distant future.

Now the problem is that no modern asymmetric systems (rather than symmetric ones) can resist quantum computers. And these systems are needed only to coordinate the common secret key for symmetric encryption systems.
Without asymmetric systems, we all need to meet in person in order to send an encrypted message.
And if there will be no asymmetric systems, the old photonic Internet, which today was called quantum (!), offers as an alternative. And successful transmission in this way was long ago, 50 years ago. These are old technologies on new equipment.

And there is no quantum cryptography, no interaction with quanta, encryption with quanta.

The foreseeable future lies only in mathematical, logical encryption methods that work on ordinary computers. They're being looked for. There's a competition. They're called post quantum cryptography. By the way, AES-256 is already among the winners in the category of symmetric encryption systems. This system is not afraid of future quantum computers, it's not even afraid of computers from another planet where the most advanced civilization lives.

Why not? Because this system works with all the values of the key. And that means, if there are no mathematical methods of cracking, and there are none, you have to do a full search of binary code 256 bits long. And it's not possible, there's no such number of particles in the whole universe.
Besides, this algorithm doesn't load the processor.
That's why it's not a problem to make a key 512 bits long.

And how many times 512 bits are more than 256 bits?
No, not twice, and I don't know what time. It's a mystically large number.
But 257 bits more than 256 bits - exactly twice as many.
You do the math from here.

Cryptography on elliptical curves can't just increase the length of the key and become post quantum. Why not?
Because such unreliable systems (asymmetric) break down mathematically by cryptanalysis. So they're not used in serious cases. But this system is used in blockchain and bitcoin.

And what's quantum cryptography? I can't figure it out.
There's only post quantum cryptography, math.
113  Bitcoin / Development & Technical Discussion / Re: I don't believe Quantum Computing will ever threaten Bitcoin on: January 08, 2020, 10:47:11 PM
23 December: The first demonstration of chip-to-chip quantum teleportation has been achieved.

A team at Bristol University have been able to use quantum entanglement to transmit information (4 qubits) between two silicon computer chips, and they have achieved fidelity of 91%, which is very encouraging. Even more encouraging, the functionality that was demonstrated included entanglement swapping and four-photon Greenberger-Horne-Zeilinger entanglement, which are important requirements for the establishment of future quantum networks.

This is the instant, fundamentally unhackable data transfer that I've mentioned in previous posts (see here for a very simple overview of how entanglement works). There is no reliance on the esoteric cryptographic protocols of PQC that may or may not be broken in future, but rather a simpler dependency on the basic laws of quantum mechanics.

Admittedly the experiment was done with expensive specialised equipment, but it is early days, and there is no reason in theory why in future quantum cryptography using entanglement can't become a secure communications standard used by everyday users on cheap, mass-produced hardware.


----------------------
Transmission from one chip to another is quantum entanglement, it's always the transmission of photons.
They transfer photons between chips.
At a very, very short distance, it seems to be within a centimeter. It's a normal waveguide. That's it.
 
It's a path to the photonic Internet, not quantum networks. No one's dealing with quanta networks. It's a mix-up.
They're dealing with quantum states of photons. It's technology of the future, but not ours.
Hardly anyone would make you give up your favorite smartphone with wi-fi or 3/4/5/6G internet and sit behind a stationary device.

Without post quantum mathematical (not quantum) cryptography, which encrypts on an ordinary smartphone, computer (not a quantum computer), no one will do. No ordinary user, no VIP.

It's just science. It won't make the world safe, even if it works tomorrow.
We're being given another illusion.
These successful experiments are needed for secure communication between government and large corporations.

What do you and I need it for?
A network based on ordinary light rays, photons of light?

It's a mistaken and commercial distortion of reality to call it "quantum networks". It sounds beautiful, but it's not true, it's expensive and stupid.
114  Bitcoin / Bitcoin Discussion / Re: Why hasn't any altcoin replaced bitcoin? on: January 07, 2020, 08:11:10 PM
I think bitcoin has been one of the biggest innovations of humanity in the past years. Many altcoins have been created after bitcoin. But none of them have been as successful as bitcoin. Why is that?
Why can no altcoin replace bitcoin?
Every new thing and every technology is usually replaced by a newer one, as the world is always developing.

The first television built was mechanical, then electronic televisions were invented, then colour televisions, digital, 3D, ....
The first automobiles invented were steam-powered wheeled vehicles, then electric automobiles appeared. Now we have autonomous cars. Now we have Tesla model S. Now we have Lamborghini.
All of us know about the developments made in mobile phones.

Every thing is being developed. Every device is finally replaced by a newer one. Why no altcoin has replaced bitcoin till now? Do you think it will happen in future?
I personally think people will trust what Satoshi has created more than altcoins till many years later.
Altcoins are created to make the developers rich. But bitcoin is different. Bitcoin was created in favor of us. So, no altcoin can be trusted as bitcoin.

What do you think?


The reason no altcoin has replaced bitcoin is simply that people demand it the most, and bitcoin's demand is greater than the demand for any altcoin.

In the future, it will also be hard for any altcoin such as ethereum and litecoin to replace bitcoin because bitcoin is a limited coin and its value will increase significantly because of this in the future.

-------------------------
The reason is that all of the listed technical innovations are a reworking of the old, a modernization, and not something fundamentally new.

Bitcoin is a cryptographic product.
And in the world of cryptography, and of technology in this field of knowledge, it is much more difficult to think up something new and better than to turn a computer the size of a house into a modern laptop.

This is a different level of difficulty.
Here reworking of the old, modernization, will not achieve anything.
What is needed here is real discovery, not a commercial achievement such as thin smartphones or flat-screen TVs.

Try it yourself, and you will see that it is more difficult than coming up with a computer from scratch.
115  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 07, 2020, 07:53:03 PM
The current encryption technology is going to last less than what we predicted before.
Bitcoin's encryption and private keys would be vulnerable by the year 2030.
But only the chief projects working on it would achieve that feat, and let's hope none of them would ever attack bitcoin.
Is there someone who could testify whether that conjecture is true? Or some resources that could tell? Because providing an exact year like 2030 is quite suspicious, though I do really think that future technologies such as quantum computers could help make the encryption of blockchain technologies even more secure and strong. But if they could be used to break encryption, I think we could somehow say bitcoin's encryption, which is SHA256, is quite in danger.
---------------------------
Unfortunately, quantum computers do not make encryption better.
Cryptography (encryption) is getting ready to accept the challenge of quantum computing.
But methods to counter such a threat are new post-quantum encryption systems on a regular computer.
The main requirement for such systems is the absence of the modern encryption principles used in public and private key systems, namely factorization and the discrete logarithm in fields of very large numbers.
And most importantly - no elliptic curves.
The reasons for rejecting any cryptography on elliptic curves I have described more than once and in detail. The main reason for the unreliability of cryptography on elliptic curves is the elliptic curves themselves. There is no proven means to verify their safety. On the contrary, there is a lot of data about weaknesses in curves certified by that same NIST. And this is not a joke. This is like a special operation. Those who do not know about this problem (and the absolute majority do not know) use it. And those who implemented this cryptography use their knowledge of the weaknesses of this encryption method for their own purposes.

Many weaknesses of modern cryptography systems constitute a state secret. That is why this cryptography is not used in serious matters.

In everyday life - please encrypt, for those who really need it - they will decrypt it, but they will never tell you about it, this is a secret.

If this were not so, then we would not be looking for new post-quantum encryption systems, but simply would increase the key length in existing ones.

Blockchain based on SHA256 and ECC - in doubt today. But I think that its reliable place is only SHA256.
The fact is that the AES-256 remains a post-quantum system. The reason is simple - a quantum computer, even of the second generation, never breaks a 256-bit key, because, in symmetric systems, all the values ​​of this key work. And in asymmetric systems - only a very small part of the whole set.
But a symmetric system does not break with mathematical methods (this is cryptanalysis), and all modern asymmetric ones, including our ECC, break. Therefore, increasing the key length in ECC makes no sense.

Therefore, no asymmetric system based on modern encryption principles is accepted for the NIST contest.

And if AES-256 remains, then SHA256 remains; this is the same level of reliability. Moreover, if the system does not break mathematically (by cryptanalysis), then increasing the key length any number of times is not a problem.
116  Bitcoin / Bitcoin Discussion / Re: Keyless encryption and passwordless authentication on: January 07, 2020, 07:23:19 PM
Penetration and surveillance systems are developing.
We must consider their capabilities when developing encryption products.

Literally everything is being observed and analyzed:
- the level of power consumption;
- keystroke sounds (information is remotely taken off window panes by laser);
- the electromagnetic background of the monitor, allowing at a distance (about 300 meters) to determine the area of mouse movement on the screen or the movement of active "menu" items in windows;
- modulation of electromagnetic radiation at the points of mechanical contact of electrical connectors (for example, a 3.5 mm jack from a headset inserted into the device modulates the useful signal onto the radiation frequency of the device's processor, and it is successfully demodulated at a distance);
- reading information from the LED that signals system access to the PC hard drive (via hidden spyware pre-installed on the PC. This is exactly what the Israeli intelligence agencies did with the help of a drone helicopter, which captures information through a window from the hard-drive LED at speeds of up to 6000 bits per second).


For these reasons, the system is designed in such a way that an external observer is not able to learn about the change in operating modes of our encryption system, through monitoring and analysis of power consumption. Unfortunately, this information can be obtained remotely by special means, and we take this into account.

Reading about that LED hacking, being able to read info from the LED of the machine or router, was a rather unnerving thought.

Exfiltration via Router  -  https://www.youtube.com/watch?v=mSNt4h7EDKo&feature=youtu.be

Not something many people think about but is a valid attack vector and is in the wild now.

The above one is actually passing out some info if you are able to slow it down some more to capture it.

And this is a live attack with this very technique with drones.

https://www.youtube.com/watch?v=jHb9vOqviGA
-------------------
Yes, this is a real type of attack that is used in offline systems.

Another type of attack, which I did not mention in the last post, the modern vector of attack on offline (no Internet) computers, is a two-way connection using ultrasound through a conventional acoustic device, portable device or personal computer.
Interestingly, a normal speaker, notebook, even a modern smartphone, is able to not only emit in the ultrasonic range (above 22 kHz), but also act as a microphone for such signals.

In general, the situation with our personal security is not only bad, but it is also deteriorating.

That's why everything possible is taken into account when developing keyless encryption and data transfer technology.

Now back to the past post, to the question of encrypting and transmitting ordinary information and false (fake) information: the system is capable of doing it very organically.

For security reasons, the mode of dealing with fake information is exactly the same as with useful information. Absolutely identical: the speed of all transformations of the system, the level and reliability of encryption, etc.
In the system in general nothing changes in terms of load on computing resources and memory.
These methods (and there are others) do not allow an external observer to notice and analyze the work of the system by the difference in power consumption of the user device.

In addition, the keyless system has unique protection against processing an erroneous, modified data packet in any of its modes of operation.
But it works especially well in the mode of encryption and transfer of false information, more precisely at the moment of its reception and decoding.
It is possible because the rule for generating fake (not given by the user) information is the same for both systems (or more) in the communication channel closed by encryption.

All these systems have, for their LTT and for their closed communication channel, a unique formula for finding such information, based on current geometric events defined for that moment in time.

Therefore, any modifications in such a data packet fall into one of two kinds:
- either these are modifications of noise origin;
- or these are elements of deliberate modifications for an attack; the system instantly sees these deviations at the level of a single damaged bit.

It is clear that this effect of instant verification of any received data packet (when any single modified bit of the received packet is visible) is not present in the mode of work with ordinary user information. In this case, a modification at the level of 1 bit of information will certainly be visible, but later, after 1-3 subsequent packets of received information, and that is the same, very, very quickly.

The reason is very simple: user information by definition has entropy, has natural uncertainty, so it is information, not expected data. So the error will show up later, because it will naturally break the symmetry of the systems in the communication channel. Additional explanations are superfluous here.

The main and very useful thing is that any modification will sooner or later be visible because only keyless encryption systems use all information derivatives to select multiple encryption schemes on multiple rounds of encryption to form the next packet of information.



A data packet is the basis for everything in a keyless system.
It has to be formed in a unique way.
Its task is to transmit not only the coded information, but also service information to control and synchronize symmetric states of systems in the communication channel.
For this purpose, commands are used. Many commands carrying "service" information are duplicated by a hidden addition to the main user information - information that is fake, but has a logical value for the system itself, which has accepted this package.  This is such "secret" correspondence between systems over the main coded information and commands encrypted in each data packet. We call them "character commands".
These character commands, in addition, will confirm the basic commands of the system.
But as we strive for maximum secrecy, all commands have their own full-bit duplicates. All the duplicate commands have the exact opposite value of each command bit. This is done to ensure that the number of "one" bits relative to "zero" bits does not change regardless of the command code.
For example, a command has the code: 00000000000000000000000001
Then its duplicate will be recorded:  11111111111111111111111110

This is done so that the cryptanalyst cannot analyze the appearance of a command in the packet by measuring the density of any (binary) value of all bits relative to the selected value (e.g. the number of "1" relative to "0").

If you do it conscientiously, you should do it well, without exceptions.



Geometric encryption methods, in fact, do not encrypt information, unlike other cryptographic systems.

They set temporal correspondence of information intended for encoding - to internal virtual elements of the system.

The system then forms a reference to this selected element.

The link and only the link is digitized and encoded. It is transmitted through open communication channels.

The link itself does not contain any coded information. Therefore, to use cryptanalysis or brute force method to the code of a link is meaningless and useless.

These principles contain the essence of not only geometric encryption methods but also keyless encoding methods.

Moreover, such model allows to change easily the place of each bit in the data packet intended for transmission to the open communication channel.

This feature, this advantage allows you to easily hide code sections such as were described in the past post, namely:
000000000000000000000000001

Especially when there is a full inverse duplicate of that code:
111111111111111111111111110

Diffusion of each digit of the total code made up of the two above will give a resulting code that is not similar to its original components.

Moreover, the method of full bitwise diffusion (permutation of bits) applied to any code concatenated with its inverse variant will always give a new code in which all bits are arranged in pseudo-random order.
Moreover, the number of ones and zeros will always be in equilibrium.

This is the most unpleasant model for cryptanalysis.

The code, which contains no coded information and is obtained without a key, is not afraid of cryptanalysis at all, nor of complete search, nor of finding the key, nor of quantum computers of any complexity.



It is worth explaining that only the command part of the data packet is duplicated, which is from 8 to 20% of the capacity of the entire package.
The code containing the informational part of the package can be duplicated in the same way, but probably this makes no sense.

Command codes and codes duplicating these commands (logical repetitions of commands) are the same in size, but different in bit value.
They are not transmitted in clear text. Another round of encryption takes place.
The double of any command, like the command itself, must be decrypted, and only then check the inverse correspondence to the command of each bit.

Given the development of modern cryptanalysis, many of whose capabilities are unknown to us, in this keyless encryption technology, after the bits are rearranged, a data packet (consisting of an information code, an instruction code and a code of duplicate commands) is encoded by another round of encryption: it is added modulo 2 with a one-time binary tape.

This one-time binary tape is obtained in the same geometric way that was described in previous posts. The model of the internal geometric space is calculated in such a way that the maximum generation volume of one-time binary tapes, occurring at the moment the space transformation is stopped, is many orders of magnitude (!) higher than the size of the information that needs to be encoded.

This binary random sequence is single and unique for each data packet. Therefore, as a result, in fact, we get a cipher similar to a cipher of the Vernam class.
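The command-plus-inverse-duplicate scheme, the bit permutation and the per-packet modulo-2 tape described in this post and the previous one can be exercised end to end. The block below is an added illustration written for this page, not the poster's keyless system: the "one-time binary tape" and the permutation are derived here with HMAC-SHA256 from a constructed shared secret and a packet counter (an assumption standing in for the post's geometric generator), and the receiver rejects a packet as soon as any command bit position fails to be the inverse of its duplicate.

```python
"""Bit-balanced commands with inverse duplicates, a per-packet bit permutation,
a per-packet XOR tape, and the receiver-side inverse check.

Added example for the discussion above; it is not the poster's code.  The
pad/permutation derivation (HMAC-SHA256 over a shared secret and a packet
counter) is an assumption that replaces the post's "geometric" generator.
"""
import hashlib
import hmac
import random

CMD_BITS = 26  # width of the command field, as in the post's example


def encode_command(cmd: int) -> list[int]:
    """Command bits followed by their bitwise inverse (the "full-bit duplicate").

    The concatenation always contains exactly CMD_BITS ones and CMD_BITS zeros,
    whatever the command code, so bit density reveals nothing about the command.
    """
    if not 0 <= cmd < (1 << CMD_BITS):
        raise ValueError("command does not fit in CMD_BITS")
    bits = [(cmd >> i) & 1 for i in range(CMD_BITS - 1, -1, -1)]
    return bits + [b ^ 1 for b in bits]


def hamming_weight(bits: list[int]) -> int:
    return sum(bits)


def _prf(shared_secret: bytes, label: bytes, packet_no: int, counter: int) -> bytes:
    # Assumed keystream source: HMAC-SHA256 keyed with the shared secret.
    msg = label + packet_no.to_bytes(8, "big") + counter.to_bytes(4, "big")
    return hmac.new(shared_secret, msg, hashlib.sha256).digest()


def derive_pad(shared_secret: bytes, packet_no: int, nbits: int) -> list[int]:
    """Per-packet binary tape; a fresh packet_no yields an unrelated tape."""
    out: list[int] = []
    ctr = 0
    while len(out) < nbits:
        for byte in _prf(shared_secret, b"pad", packet_no, ctr):
            out.extend((byte >> i) & 1 for i in range(7, -1, -1))
        ctr += 1
    return out[:nbits]


def derive_permutation(shared_secret: bytes, packet_no: int, n: int) -> list[int]:
    """Per-packet bit permutation shared by both ends (assumed derivation)."""
    seed = int.from_bytes(_prf(shared_secret, b"perm", packet_no, 0), "big")
    perm = list(range(n))
    random.Random(seed).shuffle(perm)
    return perm


def seal_packet(cmd: int, shared_secret: bytes, packet_no: int) -> list[int]:
    """command || inverse  ->  permute bits  ->  XOR with the per-packet tape."""
    plain = encode_command(cmd)
    perm = derive_permutation(shared_secret, packet_no, len(plain))
    permuted = [plain[src] for src in perm]
    pad = derive_pad(shared_secret, packet_no, len(plain))
    return [p ^ k for p, k in zip(permuted, pad)]


def open_packet(packet: list[int], shared_secret: bytes, packet_no: int):
    """Undo the tape and the permutation, then check every bit of the duplicate
    is the inverse of the command bit.  Returns the command, or None on tamper."""
    n = len(packet)
    pad = derive_pad(shared_secret, packet_no, n)
    permuted = [c ^ k for c, k in zip(packet, pad)]
    perm = derive_permutation(shared_secret, packet_no, n)
    plain = [0] * n
    for dst, src in enumerate(perm):
        plain[src] = permuted[dst]
    cmd_bits, dup_bits = plain[:CMD_BITS], plain[CMD_BITS:]
    if any(c == d for c, d in zip(cmd_bits, dup_bits)):
        return None  # some position no longer inverts: modified in transit
    return int("".join(map(str, cmd_bits)), 2)


def single_flip_detected(cmd: int, shared_secret: bytes, packet_no: int, position: int) -> bool:
    """Flip one bit of a sealed packet on the wire and report whether the
    receiver notices (it always does: one flipped bit breaks exactly one pair)."""
    packet = seal_packet(cmd, shared_secret, packet_no)
    packet[position] ^= 1
    return open_packet(packet, shared_secret, packet_no) is None


if __name__ == "__main__":
    secret = b"constructed shared secret for the example"  # constructed
    sealed = seal_packet(1, secret, packet_no=7)
    print("weight of command||inverse:", hamming_weight(encode_command(1)))
    print("sealed bits:", "".join(map(str, sealed)))
    print("decoded:", open_packet(sealed, secret, 7))
    print("single flip detected:", single_flip_detected(1, secret, 7, 3))
```

Two caveats follow directly from the construction. A single flipped bit is always caught, but an attacker who flips both bits of one command/duplicate pair (positions the permutation hides, but not unconditionally) would pass the inverse check, so the scheme is a parity-style consistency check rather than an authenticator; a MAC over the sealed packet is what a practitioner would add. And the balanced weight holds for the plaintext command field only; after the XOR tape the on-the-wire weight is already uniform, which is the tape doing the hiding, not the duplicate.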
117  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 07, 2020, 10:59:58 AM
And then again the mass theft and then the total sale of our user data.

Earlier, on the darknet black market Dream Market, 617 million accounts stolen from the users of 16 compromised sites were put up for sale. For $20,000 in bitcoins anyone could buy 162 million compromised Dubsmash accounts, 151 million MyFitnessPal, 92 million MyHeritage, 41 million ShareThis, 28 million HauteLook, 25 million Animoto, 22 million EyeEm, 20 million 8fit, 18 million Whitepages, 16 million Fotolog, 15 million 500px, 11 million Armor Games, 8 million BookMate, 6 million CoffeeMeetsBagel, 1 million Artsy and 0.7 million DataCamp.

I think that whoever invests $20,000 in bitcoins in this illegal deal will not do it just to destroy them.

Let's say our, your, my private data and passwords got into these databases. What are we supposed to do? Change our passwords, our IDs.

It's a constant change of our numeric identifier that passwordless authentication technology offers. This change is permanent, and it doesn't matter whether your secret data is stolen or not.
Agree that not all of the information about what is being reported reaches us.

So why wait for this, if you can prevent such an outrage: even if they steal every day, they will not be able to use it.

This is the innovation and essence of the technology of variable, but deterministic for only one packet of information, digital user IDs.
This is the essence of the passwordless technology of user authentication by the server, authentication of the server by the user, etc.

And such authentication necessarily occurs in both directions; otherwise it is not possible.
This completely excludes phishing, regardless of the level of preparation of the attacker and the degree of carelessness of the user.
118  Bitcoin / Bitcoin Discussion / Re: How long will existing encryption last? on: January 06, 2020, 11:56:14 AM
In general, a leak of data, any private data, may result in the compromise of accounts through password mining based on the stolen information or through the use of a stolen password.
The same scheme of attack applies to key information, with the same or greater consequences.
Fraudsters think in the same way about our bank data and about methods of finding it, or information that allows access to bank card data, PIN codes, etc.

As we can see from these observations on the logic of the swindlers' attack, the ultimate goal is the password, key, PIN code and other permanent user identifiers.

The main words in this last sentence are Persistent Identifiers. And it does not matter what these identifiers are. What matters is their main disadvantage: their permanent nature.

Here is some known information, think about it:

1. Unknown persons have published unencrypted email addresses and user passwords in the public domain.  Security researcher Bob Diachenko discovered an unsecured Elasticsearch database back on December 4 this year, but it was indexed by the BinaryEdge search engine and has been publicly available ever since.
The database contained 2.7 billion e-mail addresses and over 1 billion unencrypted passwords to them. Database analysis showed that most of the data is a leak put up for sale by a cybercriminal under the nickname DoubleFlag.

2. In 2019, there were more than 14 billion user data records in the public domain around the world!
This figure is twice as high as the user data leak in 2018.

Think it over.
Now the questions:
1) Why so many?
It's so much that calculations show it's probably almost all users on the planet!
2) And why does it leak out?
3) And where is the certainty that we are not in these databases?
4) Who says that everything stolen in this sphere gets published?

Those who know are silent.

I draw one conclusion - we're all in danger of cyber crimes.

It's for these reasons that we advocate variable user IDs that make no sense to steal and sell.
119  Bitcoin / Bitcoin Discussion / Re: Why hasn't any altcoin replaced bitcoin? on: January 05, 2020, 09:29:50 PM
Bitcoin will end up like longwave radio or the telegraph. First it is necessary to make fast small transactions and purchases possible, say 1 second after such a desire arises, and then to see the perspective of this technology. The technology on which bitcoin runs is only suitable for use as a place to store capital, for large anonymous purchases (although this is a controversial issue; the anonymity is only for simpletons) and for earning on speculative growth. These are powerful tools for raising capital in this asset, but these privileges will quickly end when an alternative is available. And there will be many alternatives soon. And what to do after the success of quantum computing, in 5 years, I do not know at all. You have to be under stress with such prospects. Is this an island of safety and tranquility?
120  Bitcoin / Bitcoin Discussion / Re: Why hasn't any altcoin replaced bitcoin? on: January 05, 2020, 06:42:03 PM
Bitcoin has an advantage over other crypto assets because of the psychological characteristics of most people.
It's the first, it's the most advertised, and a lot of money has been poured into it. That's all. It has no other advantages.
Bitcoin's cryptography is the most common and the most controversial in reliability. We're talking about the digital signature based on elliptic curves. Serious organizations have abandoned this cryptography since about 2015.
There's nothing else to it.
But a change of opinion is not far off.
There are already cryptocurrencies with good cryptography, post-quantum. It's not the primitive level that Bitcoin has now.
Wait a couple more years: everybody will be told about the end of all current asymmetric cryptography, to which ECC belongs, and everybody will move to a currency based on XMSS and post-quantum encryption methods. Such a currency is already in use, but the herd psychology of the investor is still looking at "like everyone else" until the thunder comes down.