[BREAKING] Quantum Computer Hits. BFL, bASIC etc all dead. End of BTC?

[ElectricMucus]

I will leave this here:
http://en.wikipedia.org/wiki/D-Wave_Systems#Criticism

Also as Mike points out even if true and even if it could be used to cost effectively break x bit ECDSA keypairs, 128 qubits is insufficient by at least 2 orders of magnitude to break a 256bit ECDSA keypair.   The estimate for researchers (in paper above) is ~6 logical qubits per bit in the keysize of ECDSA.   So 6*256 = 1500 qubits.   Note this is logical qubits.  With only a single physical qubit per logic qubit the amount of error and noise would simply make any results worthless.  A ballpark figure is 12 to 20 physical qubits (to perform error code correction algorithms) per logical qubit is estimated.   So to break 256bit ECDS would require in the ballpark of a single 24,000 physical qubits computer.   A 128 qubit computer could break 2 to 3 bit ECDSA keys.  Then again I could break them with a notepad and a good pencil a lot faster.

If/when massive QC start being built a "simple" interim step would be to make a new address type which uses a larger ECDSA curve.  It would require a hard fork but would remain backwards compatible with existing addresses.  Create a new address standard, give it a new version (first digit of address) and use a 384bit (or even 512bit) ECDSA keypair.    Once the network transistions over users could send funds to these "high security version 2" addresses.

The cost to increase the key size is much smaller than the cost to build increasingly larger QC.  It also has the added bonus that larger QC may simply not be possible (with current tech).  So hypothetically someday it may be possible to break 256bit at high cost but completely impossible to break 384bit one at any cost.  Unlike classical computing you can't combine multiple smaller qubit QC to gain a higher computing power.  They aren't parallel like that.

Vesuvius

In early 2012, D-Wave Systems revealed a 512-qubit code named Vesuvius,[21] which it expects to launch before the end of 2012.[22]

If that is true they seem to exceed Moore's Law. But even if they are not given any exponential increase 24000 qubit aren't that far away.

To emphasise this: According to your own estimation a 512bit ecdsa would require 48000 qubits.

[1715338790]

1715338790

[1715338790]

1715338790

[1715338790]

1715338790

[1715338790]

1715338790

[MPOE-PR]

MPOE-PR, if you reall believe that this is a true threat, then you should also believe that the exchange value of your bitcoins is going to tank soon.  I, however, don't believe that is a near term risk.  So I willing to offer you $5 per bitcoin, for each and every bitcoin your have.  I'd be willing to take out a bank loan just to be able to do so.  Let me know when you're ready.

Nothing but naysayers on this forum. Why all the negativity?

PREORDER NOW

(Good pick on Ron Paul 2012 btw. I trust that wasn't another bank loan?)

[MoonShadow]

MPOE-PR, if you reall believe that this is a true threat, then you should also believe that the exchange value of your bitcoins is going to tank soon.  I, however, don't believe that is a near term risk.  So I willing to offer you $5 per bitcoin, for each and every bitcoin your have.  I'd be willing to take out a bank loan just to be able to do so.  Let me know when you're ready.

Nothing but naysayers on this forum. Why all the negativity?

I'm not knocking your position, I just don't agree, and believe that I stand to profit if I'm correct.  Conversely, you stand to profit if I'm incorrect; as you'd sell higher than zero

(Good pick on Ron Paul 2012 btw. I trust that wasn't another bank loan?)

I knew years ago that Ron Paul would not be president.  That has zero bearing on who I vote for, however.

[fghj]

They do things that this kitten wants https://dwave.wordpress.com/2011/11/25/quantum-computing-and-light-switches/
It doesn't look like breaking ECDSA or SHA-256.

[ElectricMucus]

They do things that this kitten wants https://dwave.wordpress.com/2011/11/25/quantum-computing-and-light-switches/
It doesn't look like breaking ECDSA or SHA-256.

The point here is: NP-Complete problems aren't inherently different when it comes to their difficulty in solving them.

[MPOE-PR]

I am sorry to announce that there have been some fabrication delays at the secret fabrication plant which does exist and deliveries will be happening no earlier than February 31st. For more details see here.

PS. To all the trolls that posted here making false claims: I'm not answering to you because you are not real customers.

[Beans]

I will leave this here:
http://en.wikipedia.org/wiki/D-Wave_Systems#Criticism

Also as Mike points out even if true and even if it could be used to cost effectively break x bit ECDSA keypairs, 128 qubits is insufficient by at least 2 orders of magnitude to break a 256bit ECDSA keypair.   The estimate for researchers (in paper above) is ~6 logical qubits per bit in the keysize of ECDSA.   So 6*256 = 1500 qubits.   Note this is logical qubits.  With only a single physical qubit per logic qubit the amount of error and noise would simply make any results worthless.  A ballpark figure is 12 to 20 physical qubits (to perform error code correction algorithms) per logical qubit is estimated.   So to break 256bit ECDS would require in the ballpark of a single 24,000 physical qubits computer.   A 128 qubit computer could break 2 to 3 bit ECDSA keys.  Then again I could break them with a notepad and a good pencil a lot faster.

If/when massive QC start being built a "simple" interim step would be to make a new address type which uses a larger ECDSA curve.  It would require a hard fork but would remain backwards compatible with existing addresses.  Create a new address standard, give it a new version (first digit of address) and use a 384bit (or even 512bit) ECDSA keypair.    Once the network transistions over users could send funds to these "high security version 2" addresses.

The cost to increase the key size is much smaller than the cost to build increasingly larger QC.  It also has the added bonus that larger QC may simply not be possible (with current tech).  So hypothetically someday it may be possible to break 256bit at high cost but completely impossible to break 384bit one at any cost.  Unlike classical computing you can't combine multiple smaller qubit QC to gain a higher computing power.  They aren't parallel like that.

Vesuvius

In early 2012, D-Wave Systems revealed a 512-qubit code named Vesuvius,[21] which it expects to launch before the end of 2012.[22]

If that is true they seem to exceed Moore's Law. But even if they are not given any exponential increase 24000 qubit aren't that far away.

To emphasise this: According to your own estimation a 512bit ecdsa would require 48000 qubits.

Moore's Law is just some guys guess, it has nothing to do with fact. It has already been proven to be wrong anyway. There is no way to chart computational growth for the future.

[Third Way]

BREAKING NEWS: I have a bridge in Brooklyn to sell you.

Does it hash?

You bet I hash, ehehehehe

[smoothie]

Dang, I wish I had read the above response before I panicked and dumped all my BTC because MPOE-PR told me Bitcoin was broken.

What ever happened to that 10,000 BTC you left with Pirate because you believed he would pay? LOL 

[BurtW]

Dang, I wish I had read the above response before I panicked and dumped all my BTC because MPOE-PR told me Bitcoin was broken.

What ever happened to that 10,000 BTC you left with Pirate because you believed he would pay? LOL 

I lost it.  Any other stupid questions?

[greyhawk]

Maybe he'll pay them back?

[jcpham]

troll, troll, troll your boat...

hi burtw!
hi MPOE-PR (why do you type so many words, my kitchen doesn't have forums)
hi smoothie!

...actually there are some smart people "threading it up" here.

[ImNotHerb]

Integrated quantum computer system with 128 qubit chipset AVAILABLE FOR PREORDER NOW. Deliveries slated to begin early January. No concerns of Chinese New Year.

Link: http://www.dwavesys.com/en/dw_homepage.html

Sorry everyone. The jig, it is up.

Quantum computers are one of those technologies like fusion power that is perpetually "only 10 or 20 years away". I would bet every BTC I have that this is a scam to cash in on the hype surrounding quantum computers as opposed to whatever is inside their "shielded black box" is capable of doing. A good tell is that they're searching for "investors" (rubes) rather than publishing in physics journals.

[greyhawk]

Integrated quantum computer system with 128 qubit chipset AVAILABLE FOR PREORDER NOW. Deliveries slated to begin early January. No concerns of Chinese New Year.

Link: http://www.dwavesys.com/en/dw_homepage.html

Sorry everyone. The jig, it is up.

Quantum computers are one of those technologies like fusion power that is perpetually "only 10 or 20 years away". I would bet every BTC I have that this is a scam to cash in on the hype surrounding quantum computers as opposed to whatever is inside their "shielded black box" is capable of doing. A good tell is that they're searching for "investors" (rubes) rather than publishing in physics journals.

Uhuh.... "Nature" not good enough now?

http://www.nature.com/srep/2012/120813/srep00571/full/srep00571.html

This was done using your supposed "scam" machine.

[wachtwoord]

Cool thanks for sharing!

[Phinnaeus Gage]

Integrated quantum computer system with 128 qubit chipset AVAILABLE FOR PREORDER NOW. Deliveries slated to begin early January. No concerns of Chinese New Year.

Link: http://www.dwavesys.com/en/dw_homepage.html

Sorry everyone. The jig, it is up.

Quantum computers are one of those technologies like fusion power that is perpetually "only 10 or 20 years away". I would bet every BTC I have that this is a scam to cash in on the hype surrounding quantum computers as opposed to whatever is inside their "shielded black box" is capable of doing. A good tell is that they're searching for "investors" (rubes) rather than publishing in physics journals.

Uhuh.... "Nature" not good enough now?

http://www.nature.com/srep/2012/120813/srep00571/full/srep00571.html

This was done using your supposed "scam" machine.

And to think I had you pegged as a light reader. My bad!

FWIW, the site has some cool images:

[greyhawk]

And to think I had you pegged as a light reader. My bad!

I am. Tried it once without light. Didn't work out all that well.

[ImNotHerb]

An impressive sounding link whose details leave much to be desired:

"Even though the quantum device follows a quantum annealing protocol, the odds of measuring the ground state are not necessarily high. For example, in the 81 qubit experiment, only 13 out of 10,000 measurements yielded the desired solution."
...
"...the cases presented here still can be solved on a classical computer by exact enumeration (the six-amino-acid problem has only 40 possible configurations)..."

[MPOE-PR]

troll, troll, troll your boat...

hi burtw!
hi MPOE-PR (why do you type so many words, my kitchen doesn't have forums)
hi smoothie!

...actually there are some smart people "threading it up" here.

Urmom called. Wants kitchen back.

Also, further breaking news: BFL will deliver ASICs no later than January, 2014.

[jcpham]

troll, troll, troll your boat...

hi burtw!
hi MPOE-PR (why do you type so many words, my kitchen doesn't have forums)
hi smoothie!

...actually there are some smart people "threading it up" here.

Urmom called. Wants kitchen back.

Also, further breaking news: BFL will deliver ASICs no later than January, 2014.

All we have to eat is potatoes! I'm starving and I'm so cold. Keep me warm.