Bitcoin Forum
December 17, 2017, 12:38:37 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: In light of the NSA's disclosure about ECC, how is cryptocurrency affected?  (Read 2555 times)
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 1792

Newbie


View Profile
November 03, 2015, 11:46:08 AM
 #21

and as I said, bitcoin would be our last concern.

This is ostrich policy. Banks won't be attacked by agencies that will get QCs.
1513471117
Hero Member
*
Offline Offline

Posts: 1513471117

View Profile Personal Message (Offline)

Ignore
1513471117
Reply with quote  #2

1513471117
Report to moderator
1513471117
Hero Member
*
Offline Offline

Posts: 1513471117

View Profile Personal Message (Offline)

Ignore
1513471117
Reply with quote  #2

1513471117
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513471117
Hero Member
*
Offline Offline

Posts: 1513471117

View Profile Personal Message (Offline)

Ignore
1513471117
Reply with quote  #2

1513471117
Report to moderator
Tstar
Hero Member
*****
Offline Offline

Activity: 784



View Profile
November 03, 2015, 11:51:03 AM
 #22

I'm not talking about banks man. I'm worried about public transportations, people's sensitive data and so forth.
You could say I'm being paranoid a bit. But, again, if such a thing would be used for the bad you would not care about your BTC wallet.

        ▄▄█████▄▄
     ▄▄███████████▄▄
  ▄▄█████████████████▄▄
▄███████████████████████▄
████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
████████████████████████
▀███████████████████████▀
  ▀▀█████████████████▀▀
     ▀▀███████████▀▀
        ▀▀█████▀▀



████    ▄██████▄
████  ▄████▀▀████▄    ▄▄▄▄▄▄▄      ▄▄▄▄▄▄▄    ▄▄▄ ▄▄▄▄▄
████  ████    ████  ▄█████████▄  ▄█████████▄  ██████████▄
████  ████    ████  ████   ████  ████   ████  ████  ▀████
████  ████    ████  ███████████  ████   ████  ████   ████
████  ▀████▄▄████▀  ████   ▄▄▄▄  ████▄▄▄████  ████   ████
████    ▀▀███████▄   ▀███████▀    ▀███████▀   ████   ████
               ▀▀▀▀
























iQeon
.FACEBOOK  ◆  TWITTER  ◆  VK  ◆  INSTAGRAM  ◆  TELEGRAM.
.
REDDIT   ◆   GOOGLE+   ◆  STEEMIT  ◆   SLACK   ◆   LINKEDIN.












achow101
Moderator
Legendary
*
Offline Offline

Activity: 1246


17kKQppUsngUiByDsce4JXoZEjjpvX9bpR


View Profile WWW
November 03, 2015, 12:06:33 PM
 #23

Come-from-Beyond,
so let's assume you have a quantum computer that you can use to mine BTC.
Can you use it to disrupt the mining process or not?

Yes, with a QC you can invalidate last 1000 blocks, generate 20000 empty blocks and stop mining leaving the others with 20-year block times.
Really? Can you back that up with maybe some research?

Last I checked, the only thing that makes quantum computers more efffective at hashing is grover's algorithm, which practically reduces the bit length by half. For the same security, the bit length can just be doubled, so using SHA512 instead of SHA256 on a quantum computer is the same as SHA256 on a classical computer.

Come-from-Beyond
Legendary
*
Offline Offline

Activity: 1792

Newbie


View Profile
November 03, 2015, 12:16:53 PM
 #24

Really? Can you back that up with maybe some research?

Last I checked, the only thing that makes quantum computers more efffective at hashing is grover's algorithm, which practically reduces the bit length by half. For the same security, the bit length can just be doubled, so using SHA512 instead of SHA256 on a quantum computer is the same as SHA256 on a classical computer.

Check the quote from the whitepaper upthread. In layman terms, SHA512 won't help, because at current difficulty Bitcoin operates only on 68 bits, the other zillion bits are completely irrelevant.
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1246


17kKQppUsngUiByDsce4JXoZEjjpvX9bpR


View Profile WWW
November 03, 2015, 12:41:47 PM
 #25

Really? Can you back that up with maybe some research?

Last I checked, the only thing that makes quantum computers more efffective at hashing is grover's algorithm, which practically reduces the bit length by half. For the same security, the bit length can just be doubled, so using SHA512 instead of SHA256 on a quantum computer is the same as SHA256 on a classical computer.

Check the quote from the whitepaper upthread. In layman terms, SHA512 won't help, because at current difficulty Bitcoin operates only on 68 bits, the other zillion bits are completely irrelevant.
I don't see where it says where it uses 68 bits. It says that it must search through on average 2^68 nonces. From what I understand, this does not mean that it is only 68 bits and that the number of nonces to search through will increase with a higher difficulty.

Come-from-Beyond
Legendary
*
Offline Offline

Activity: 1792

Newbie


View Profile
November 03, 2015, 12:49:06 PM
 #26

I don't see where it says where it uses 68 bits. It says that it must search through on average 2^68 nonces. From what I understand, this does not mean that it is only 68 bits and that the number of nonces to search through will increase with a higher difficulty.

It means exactly this - effective hash width is 68 bits. Sorry, can't provide formal proof, just google around.
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1246


17kKQppUsngUiByDsce4JXoZEjjpvX9bpR


View Profile WWW
November 04, 2015, 04:50:11 AM
 #27

I don't see where it says where it uses 68 bits. It says that it must search through on average 2^68 nonces. From what I understand, this does not mean that it is only 68 bits and that the number of nonces to search through will increase with a higher difficulty.

It means exactly this - effective hash width is 68 bits. Sorry, can't provide formal proof, just google around.
The effective bit length is actually 136 bits since good algorithms like SHA 256 will require 2^(bit length/2) computations to brute force a single hash. This effective bit length will also change as the difficulty increases because miners will need to search through more nonces when there is a higher difficulty, so the bitcoin network would adjust to a quantum miner so blocks would still come out at around 10 minutes per block. So if we double the bit length by switching to SHA512, the effective bit length will also double so this will essentially make the quantum miners not anymore powerful than classical miners.

DuddlyDoRight
Sr. Member
****
Offline Offline

Activity: 318



View Profile WWW
November 04, 2015, 05:37:57 AM
 #28

One Time Pad without re-use.

I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 1792

Newbie


View Profile
November 04, 2015, 09:49:30 AM
 #29

The effective bit length is actually 136 bits since good algorithms like SHA 256 will require 2^(bit length/2) computations to brute force a single hash. This effective bit length will also change as the difficulty increases because miners will need to search through more nonces when there is a higher difficulty, so the bitcoin network would adjust to a quantum miner so blocks would still come out at around 10 minutes per block. So if we double the bit length by switching to SHA512, the effective bit length will also double so this will essentially make the quantum miners not anymore powerful than classical miners.

Frankly saying, it looks like you randomly put N, N/2 and 2N into different places trying to guess the correct formula. Maybe read the quoted whitepaper first? When the difficulty goes up quantum computers will get even a bigger advantage because of increased leverage (from 17 billion to trillions).
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!