Bitcoin Forum
Author Topic: IOTA  (Read 1322497 times)
This is a self-moderated topic. If you do not want to be moderated by the person who started this topic, create a new topic.
iotatoken
November 16, 2015, 11:54:41 AM
 #641

Two years ago I was the first German blogger that took notice of Nxt. I hope that for IOTA I can also play an important role in creating attention in the German-speaking communities (which includes Switzerland and Austria as well).

This first post includes a lot of information from this thread, as well as some parts of the Cointelegraph interview and other sources from the web.
In addition I brought attention to Jinn and how IOTA is related to this semiconductor startup:
https://altcoinspekulant.wordpress.com/2015/11/15/iota-kryptowaehrungsrevolution-zum-internet-of-things/

Have a good start to the week!


Thanks a lot!

Tobo
November 16, 2015, 12:40:31 PM
 #642


If quantum computers become popular, what impact will it bring to Bitcoin and other existing cryptocoins?
patmast3r
November 16, 2015, 12:48:08 PM
 #643


If quantum computers become popular, what impact will it bring to Bitcoin and other existing cryptocoins?

Pretty much all current public-key cryptography is done for.

iotatoken
November 16, 2015, 01:18:36 PM
 #644


If quantum computers become popular, what impact will it bring to Bitcoin and other existing cryptocoins?


https://bitscan.com/articles/all-about-iota-ii-the-tangle-and-quantum-resistant-cryptography This explains some of it

Come-from-Beyond
November 16, 2015, 02:06:06 PM
 #645

Pretty much all current public-key cryptography is done for.

PoW blockchain mining too. PoS/PoI/DPoS blockchains unaffected.
Tobo
November 16, 2015, 02:25:14 PM
 #646

Pretty much all current public-key cryptography is done for.
PoW blockchain mining too. PoS/PoI/DPoS blockchains unaffected.

How difficult is it for Bitcoin and Ethereum to switch their current algorithms to quantum resistant cryptographic algorithms?
Come-from-Beyond
November 16, 2015, 02:26:22 PM
 #647

How difficult is it for Bitcoin and Ethereum to switch their current algorithms to quantum resistant cryptographic algorithms?

Ethereum is migrating to PoS. Bitcoin will be dead.
patmast3r
November 16, 2015, 02:30:19 PM
 #648

Pretty much all current public-key cryptography is done for.

PoW blockchain mining too. PoS/PoI/DPoS blockchains unaffected.

I guess those would be unaffected, but those projects would still need to switch from ECDSA to something else that is "quantum secure" for all their signing, right?

Tobo
November 16, 2015, 02:30:39 PM
 #649

How difficult is it for Bitcoin and Ethereum to switch their current algorithms to quantum resistant cryptographic algorithms?
Ethereum is migrating to PoS. Bitcoin will be dead.

But Ethereum still needs to take care of their public key attack issues. Is it easy for Ethereum or PoS to switch to a new algorithm to protect the public keys?
Come-from-Beyond
November 16, 2015, 02:33:23 PM
 #650

I guess those would be unaffected, but those projects would still need to switch from ECDSA to something else that is "quantum secure" for all their signing, right?

Don't know about the others, but Nxt Account Control feature includes QC-resistance.
Come-from-Beyond
November 16, 2015, 02:36:20 PM
 #651

Is it easy for Ethereum or PoS to switch to a new algorithm to protect the public keys?

Existing schemes of QC-proof signing require pretty big signatures. In Iota, for example, ~433 bytes are occupied by the signature, it's exactly 50% of the transaction size.
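
Added example (not from the thread and not IOTA's code): a generic Winternitz one-time signature over SHA-256, included only to show where the size of hash-based signatures comes from. The thread does not say which scheme IOTA uses; the function names and the parameter `w` (bits per chain digit) are assumptions of this example.

```python
import hashlib
import os

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def chain(x: bytes, steps: int) -> bytes:
    """Apply H repeatedly; a one-way hash chain is the only primitive used."""
    for _ in range(steps):
        x = H(x)
    return x

def digits(msg: bytes, w: int) -> list:
    """Split SHA-256(msg) into w-bit digits and append checksum digits."""
    top = (1 << w) - 1
    d = int.from_bytes(H(msg), "big")
    n1 = -(-256 // w)                          # ceil(256 / w) message digits
    ds = [(d >> (w * i)) & top for i in range(n1)]
    # Raising any message digit lowers the checksum, so a forger would have
    # to walk at least one chain backwards (invert H).
    csum, max_csum = sum(top - x for x in ds), n1 * top
    while max_csum:                            # fixed-length checksum encoding
        ds.append(csum & top)
        csum >>= w
        max_csum >>= w
    return ds

def keygen(w: int):
    """One secret chain start per digit; the public key is every chain end."""
    n = len(digits(b"", w))
    sk = [os.urandom(32) for _ in range(n)]
    return sk, [chain(s, (1 << w) - 1) for s in sk]

def sign(msg: bytes, sk: list, w: int) -> list:
    """Reveal chain position d_i for each digit. A key pair signs ONE message."""
    return [chain(s, d) for s, d in zip(sk, digits(msg, w))]

def verify(msg: bytes, sig: list, pk: list, w: int) -> bool:
    top, ds = (1 << w) - 1, digits(msg, w)
    return len(sig) == len(ds) and all(
        chain(s, top - d) == p for s, d, p in zip(sig, ds, pk))

def sig_bytes(w: int) -> int:
    """Signature size: one 32-byte hash value per digit."""
    return 32 * len(digits(b"", w))

if __name__ == "__main__":
    for w in (1, 4, 8):
        print(f"w={w}: {sig_bytes(w)} bytes, {(1 << w) - 1} hashes per chain")
```

Larger `w` shrinks the signature at the cost of longer hash chains: `sig_bytes(4)` is 2144 and `sig_bytes(8)` is 1088, against roughly 70 bytes for an ECDSA signature.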
tromp
November 16, 2015, 02:39:29 PM
 #652

Pretty much all current public-key cryptography is done for.

PoW blockchain mining too.

Hashcash PoW (like Bitcoin's and most altcoins') is amenable to Grover search which can search a space of n nonces in time O(sqrt(n)).

But Hashcash with large memory requirements will likely not be affected as long as scaling quantum computers up to millions of bits remains elusive.

Non-hashcash PoWs like Cuckoo Cycle are even less affected, as they are immune to Grover search.
Come-from-Beyond
November 16, 2015, 02:49:54 PM
 #653

Hashcash PoW (like Bitcoin's and most altcoins') is amenable to Grover search which can search a space of n nonces in time O(sqrt(n)).

But Hashcash with large memory requirements will likely not be affected as long as scaling quantum computers up to millions of bits remains elusive.

Non-hashcash PoWs like Cuckoo Cycle are even less affected, as they are immune to Grover search.

"Improvements" like Scrypt make nodes more vulnerable to spam. Also, a quantum computer doesn't need to evaluate a whole hash value, it can verify first bits and throw away nonces that don't suit with high probability. BTW, why is Cuckoo Cycle less affected, birthday paradox problems are solved with N^(1/3) effort VS N^(1/2).
tromp
November 16, 2015, 03:39:36 PM
 #654

Hashcash PoW (like Bitcoin's and most altcoins') is amenable to Grover search which can search a space of n nonces in time O(sqrt(n)).

But Hashcash with large memory requirements will likely not be affected as long as scaling quantum computers up to millions of bits remains elusive.

Non-hashcash PoWs like Cuckoo Cycle are even less affected, as they are immune to Grover search.

 Also, a quantum computer doesn't need to evaluate a whole hash value, it can verify first bits and throw away nonces that don't suit with high probability.

Computing a single bit of a hash is almost as much effort as computing the whole hash; you might be saving a percent or two at most.

Quote
BTW, why is Cuckoo Cycle less affected, birthday paradox problems are solved with N^(1/3) effort VS N^(1/2).

Because, unlike Birthday collision problems, Cuckoo Cycle is a more structured search problem; you must find a 42 cycle in an arbitrary graph.
There are no known quantum speedups for such graph problems.
Come-from-Beyond
November 16, 2015, 03:51:03 PM
 #655

Computing a single bit of a hash is almost as much effort as computing the whole hash; you might be saving a percent or two at most.

Could you provide a proof of this statement? http://jheusser.github.io/2013/02/03/satcoin.html claims the opposite.
Come-from-Beyond
November 16, 2015, 04:28:53 PM
 #656

But Hashcash with large memory requirements will likely not be affected as long as scaling quantum computers up to millions of bits remains elusive.

I didn't find information on time-memory trade-off of quantum computers, but if we assume that the trade-off is not worse than the trade-off of classical computers then we get that memory increase of the hashing function can be counteracted by increasing time we run the computations. So Hashcash with large memory won't save us.
tromp
November 16, 2015, 04:33:59 PM
 #657

Computing a single bit of a hash is almost as much effort as computing the whole hash; you might be saving a percent or two at most.

Could you provide a proof of this statement?

This follows directly from how SHA256 is defined.
It is many rounds of confusion and dispersion;
so that each single bit in one round depends on pretty much all bits of previous rounds.

Quote

That is a long document to read. Where exactly does it claim that?
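
Added example (not from any poster or from the linked article): a reduced-round SHA-256 compression function that counts how many of the 512 input bits can change one chosen output bit, which is the dependency claim made in the post above. The helper names, the choice of output bit and the sample count are assumptions of the example; the random blocks are constructed test inputs.

```python
import math
import random
import struct

M = 0xFFFFFFFF
PRIMES = [p for p in range(2, 312) if all(p % q for q in range(2, p))]  # first 64

def icbrt(n):  # integer cube root: Newton iteration started from an overestimate
    x = 1 << -(-n.bit_length() // 3)
    while True:
        y = (2 * x + n // (x * x)) // 3
        if y >= x:
            return x
        x = y

# SHA-256 constants: fractional bits of square/cube roots of the first primes.
H0 = [math.isqrt(p << 64) & M for p in PRIMES[:8]]
K = [icbrt(p << 96) & M for p in PRIMES]

def rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & M

def compress(block, rounds=64):
    """SHA-256 compression of one 64-byte block, cut to `rounds` rounds."""
    w = list(struct.unpack(">16I", block))
    for i in range(16, 64):                    # message schedule
        s0 = rotr(w[i - 15], 7) ^ rotr(w[i - 15], 18) ^ (w[i - 15] >> 3)
        s1 = rotr(w[i - 2], 17) ^ rotr(w[i - 2], 19) ^ (w[i - 2] >> 10)
        w.append((w[i - 16] + s0 + w[i - 7] + s1) & M)
    a, b, c, d, e, f, g, h = H0
    for i in range(rounds):
        ch = (e & f) ^ (~e & g)
        t1 = h + (rotr(e, 6) ^ rotr(e, 11) ^ rotr(e, 25)) + ch + K[i] + w[i]
        t2 = (rotr(a, 2) ^ rotr(a, 13) ^ rotr(a, 22)) + ((a & b) ^ (a & c) ^ (b & c))
        a, b, c, d, e, f, g, h = (t1 + t2) & M, a, b, c, (d + t1) & M, e, f, g
    return [(x + y) & M for x, y in zip(H0, (a, b, c, d, e, f, g, h))]

def influencing_bits(rounds, samples=12, seed=1):
    """Count input bits (of 512) whose flip can change output bit 0 of word 0."""
    rng = random.Random(seed)
    blocks = [rng.getrandbits(512) for _ in range(samples)]  # constructed inputs
    def out(v):
        return compress(v.to_bytes(64, "big"), rounds)[0] & 1
    base = [out(v) for v in blocks]
    return sum(any(out(v ^ (1 << i)) != b for v, b in zip(blocks, base))
               for i in range(512))

if __name__ == "__main__":
    print({r: influencing_bits(r) for r in (4, 8, 16, 24, 64)})
```

After 4 rounds only the first four message words have entered the state, so at most 128 input bits can matter; at the full 64 rounds essentially every one of the 512 input bits affects the single output bit.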
tromp
November 16, 2015, 04:37:39 PM
 #658

But Hashcash with large memory requirements will likely not be affected as long as scaling quantum computers up to millions of bits remains elusive.

I didn't find information on time-memory trade-off of quantum computers, but if we assume that the trade-off is not worse than the trade-off of classical computers then we get that memory increase of the hashing function can be counteracted by increasing time we run the computations. So Hashcash with large memory won't save us.

Of course I was talking about hash-functions that don't allow for time-memory trade-offs.
Come-from-Beyond
November 16, 2015, 05:21:04 PM
 #659

Of course I was talking about hash-functions that don't allow for time-memory trade-offs.

Give me the name of one of such functions, please. The trade-off is a pretty universal thing, the best a function can do is to keep time*memory*advice constant, if I'm not mistaken.
Come-from-Beyond
November 16, 2015, 05:27:47 PM
 #660

so that each single bit in one round depends on pretty much all bits of previous rounds.

This means that after some number of rounds SHA256 doesn't give a better mixing, hence it's possible to do a shortcut by finding a polynomial with fewer number of operators.


That is a long document to read. Where exactly does it claim that?

Quote
I introduced a novel algorithm to solve the bitcoin mining problem without using (explicit) brute force. Instead, the nonce search is encoded as a decision problem and solved by a SAT solver in such a way that a satisfiable instance contains a valid nonce. The key ingredients in the algorithm are a non-deterministic nonce and the ability to take advantage of the known structure of a valid hash using assume statements.

A couple of benchmarks demonstrated that already with simple parameter tuning dramatic speed ups can be achieved. Additionally, I explored the contentious claim that the algorithm might get more efficient with increasing bitcoin difficulty. Initial tests showed that block 218430 with considerably higher difficulty is solved more efficiently than the genesis block 0 for a given nonce range.

This means that on average computation of a single bit takes less time than computation of the whole hash.