Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
November 03, 2015, 11:46:08 AM |
|
and as I said, bitcoin would be our last concern.
This is ostrich policy. Banks won't be attacked by agencies that will get QCs.
|
|
|
|
|
|
|
|
Bitcoin mining is now a specialized and very risky industry, just like gold mining. Amateur miners are unlikely to make much money, and may even lose money. Bitcoin is much more than just mining, though!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
Tstar
Legendary
Offline
Activity: 1176
Merit: 1005
Decentralized Asset Management Platform
|
|
November 03, 2015, 11:51:03 AM |
|
I'm not talking about banks man. I'm worried about public transportations, people's sensitive data and so forth. You could say I'm being paranoid a bit. But, again, if such a thing would be used for the bad you would not care about your BTC wallet.
|
|
|
|
achow101
Moderator
Legendary
Offline
Activity: 3374
Merit: 6535
Just writing some code
|
|
November 03, 2015, 12:06:33 PM |
|
Come-from-Beyond, so let's assume you have a quantum computer that you can use to mine BTC. Can you use it to disrupt the mining process or not?
Yes, with a QC you can invalidate last 1000 blocks, generate 20000 empty blocks and stop mining leaving the others with 20-year block times. Really? Can you back that up with maybe some research? Last I checked, the only thing that makes quantum computers more efffective at hashing is grover's algorithm, which practically reduces the bit length by half. For the same security, the bit length can just be doubled, so using SHA512 instead of SHA256 on a quantum computer is the same as SHA256 on a classical computer.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
November 03, 2015, 12:16:53 PM |
|
Really? Can you back that up with maybe some research?
Last I checked, the only thing that makes quantum computers more efffective at hashing is grover's algorithm, which practically reduces the bit length by half. For the same security, the bit length can just be doubled, so using SHA512 instead of SHA256 on a quantum computer is the same as SHA256 on a classical computer.
Check the quote from the whitepaper upthread. In layman terms, SHA512 won't help, because at current difficulty Bitcoin operates only on 68 bits, the other zillion bits are completely irrelevant.
|
|
|
|
achow101
Moderator
Legendary
Offline
Activity: 3374
Merit: 6535
Just writing some code
|
|
November 03, 2015, 12:41:47 PM |
|
Really? Can you back that up with maybe some research?
Last I checked, the only thing that makes quantum computers more efffective at hashing is grover's algorithm, which practically reduces the bit length by half. For the same security, the bit length can just be doubled, so using SHA512 instead of SHA256 on a quantum computer is the same as SHA256 on a classical computer.
Check the quote from the whitepaper upthread. In layman terms, SHA512 won't help, because at current difficulty Bitcoin operates only on 68 bits, the other zillion bits are completely irrelevant. I don't see where it says where it uses 68 bits. It says that it must search through on average 2^68 nonces. From what I understand, this does not mean that it is only 68 bits and that the number of nonces to search through will increase with a higher difficulty.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
November 03, 2015, 12:49:06 PM |
|
I don't see where it says where it uses 68 bits. It says that it must search through on average 2^68 nonces. From what I understand, this does not mean that it is only 68 bits and that the number of nonces to search through will increase with a higher difficulty.
It means exactly this - effective hash width is 68 bits. Sorry, can't provide formal proof, just google around.
|
|
|
|
achow101
Moderator
Legendary
Offline
Activity: 3374
Merit: 6535
Just writing some code
|
|
November 04, 2015, 04:50:11 AM |
|
I don't see where it says where it uses 68 bits. It says that it must search through on average 2^68 nonces. From what I understand, this does not mean that it is only 68 bits and that the number of nonces to search through will increase with a higher difficulty.
It means exactly this - effective hash width is 68 bits. Sorry, can't provide formal proof, just google around. The effective bit length is actually 136 bits since good algorithms like SHA 256 will require 2^(bit length/2) computations to brute force a single hash. This effective bit length will also change as the difficulty increases because miners will need to search through more nonces when there is a higher difficulty, so the bitcoin network would adjust to a quantum miner so blocks would still come out at around 10 minutes per block. So if we double the bit length by switching to SHA512, the effective bit length will also double so this will essentially make the quantum miners not anymore powerful than classical miners.
|
|
|
|
DuddlyDoRight
|
|
November 04, 2015, 05:37:57 AM |
|
One Time Pad without re-use.
|
I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1009
Newbie
|
|
November 04, 2015, 09:49:30 AM |
|
The effective bit length is actually 136 bits since good algorithms like SHA 256 will require 2^(bit length/2) computations to brute force a single hash. This effective bit length will also change as the difficulty increases because miners will need to search through more nonces when there is a higher difficulty, so the bitcoin network would adjust to a quantum miner so blocks would still come out at around 10 minutes per block. So if we double the bit length by switching to SHA512, the effective bit length will also double so this will essentially make the quantum miners not anymore powerful than classical miners.
Frankly saying, it looks like you randomly put N, N/2 and 2N into different places trying to guess the correct formula. Maybe read the quoted whitepaper first? When the difficulty goes up quantum computers will get even a bigger advantage because of increased leverage (from 17 billion to trillions).
|
|
|
|
|