Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
February 03, 2013, 12:16:35 PM |
|
There will be a huge improvement!! the european union just paid 1 billion € (1,35 billion usd) to research about "Graphene" http://en.wikipedia.org/wiki/Graphene and to research how to build a processor with graphene. They could run with up to 500 GHZ per core! just imagine 500 ghz quadcore .. yumm! Graphene is just one of several experimental technologies with which researchers hope to keep Moore's law alive for a bit longer. No one expects it to exceed Moore's law by some order of magnitude. As for clock frequency, 500 GHz has already been done with silicon a long time ago: http://news.bbc.co.uk/2/hi/technology/5099584.stmOf course, clockspeed alone (or more correctly: transistor switching speed) is utterly meaningless.
|
|
|
|
qbits
|
|
February 04, 2013, 06:06:26 AM |
|
indeed. sufficiently big quantum computer would be able to find a suitable block hash in arbitrarily short time thus ending the bitcoin for good.
Not sure if you realize, the difficulty will be raised to offset any speed a computer can throw at the network.. quantum computers work slightly different than ordinary computers in that they do not have to go through billions and billions of tries to find a hash below the threshold set forth by the difficulty. quantum computer would find the hash in a single step essentially in a time normal computer would take to calculate and try a single hash. so 1 Hash per second quantum computer produces one "below the threshold" block hash per second (assuming it exists at all) regardless of difficulty.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 04, 2013, 06:14:07 AM |
|
indeed. sufficiently big quantum computer would be able to find a suitable block hash in arbitrarily short time thus ending the bitcoin for good.
Not sure if you realize, the difficulty will be raised to offset any speed a computer can throw at the network.. quantum computer would find the hash in a single step essentially in a time normal computer would take to calculate and try a single hash. How? Not that I disbelieve, I'm just not sure it's that simple. I would have thought it would have to at least take additional time to sort though all the solutions to find the smallest hash.
|
|
|
|
Fuzzy (OP)
|
|
February 04, 2013, 06:20:50 AM |
|
indeed. sufficiently big quantum computer would be able to find a suitable block hash in arbitrarily short time thus ending the bitcoin for good.
Not sure if you realize, the difficulty will be raised to offset any speed a computer can throw at the network.. quantum computers work slightly different than ordinary computers in that they do not have to go through billions and billions of tries to find a hash below the threshold set forth by the difficulty. quantum computer would find the hash in a single step essentially in a time normal computer would take to calculate and try a single hash. so 1 Hash per second quantum computer produces one "below the threshold" block hash per second (assuming it exists at all) regardless of difficulty. Yeah, but where are you gonna find the 1.21 jigga watts of power that you need to run it?
|
|
|
|
Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
February 04, 2013, 11:02:08 AM |
|
How? Not that I disbelieve, I'm just not sure it's that simple. I would have thought it would have to at least take additional time to sort though all the solutions to find the smallest hash.
Does that really matter? If a quantum computer can calculate a near infinite number of hashes simultaneously and therefore find a block or even multiple blocks "per clockcycle", surely sorting them isnt going to make a big difference.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 04, 2013, 11:15:59 AM |
|
How? Not that I disbelieve, I'm just not sure it's that simple. I would have thought it would have to at least take additional time to sort though all the solutions to find the smallest hash.
Does that really matter? If a quantum computer can calculate a near infinite number of hashes simultaneously and therefore find a block or even multiple blocks "per clockcycle", surely sorting them isnt going to make a big difference. Of course it matters. It invalidates this statement: quantum computer would find the hash in a single step essentially in a time normal computer would take to calculate and try a single hash.
so 1 Hash per second quantum computer produces one "below the threshold" block hash per second (assuming it exists at all) regardless of difficulty.
If quantum computers are poor at sorting (I have no idea) then it will take longer than qbits' estimate. 10% percent longer? 1e06% longer? Without at least an estimate (or an explanation of why I'm being wrong headed) his point is not proven.
|
|
|
|
Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
February 04, 2013, 11:25:28 AM |
|
Actually, afaik, quantum computers could even use bogosort to sort a finite list in a single clock cycle.
Now im no expert in QC, but I doubt you even have to sort anything. You just have to code the QC so that all universes are destroyed except for the ones where the resulting hash is < difficulty. Any one of them would create valid blocks, you wouldnt even have to pick the smallest. Pick any.
|
|
|
|
Vladimir
|
|
February 04, 2013, 11:33:43 AM Last edit: February 04, 2013, 11:57:23 AM by Vladimir |
|
As DeathAndTaxes said. Plus:
For the next 5-20 years expect Bitcoin mining tech to develop in the following directions:
1. improving Bitcoin ASIC's in direction of catching up with the best ASIC tech available i.e. with what the latest top of the line CPU we have; 2. making mining gear more modular so that upgrade path from old generation of chips to new ones is more cost effective. For example, retaining enclosures, power supplies, cooling gear etc and having replaceable cards with chips that could be replaced/upgraded; 3. making mining gear more space and power efficient so that it could fill standard 32/16A ~42U rack. 4. making mining gear that could also allow reuse of generated heat and proliferation of "energy cost offsetting" devices of all shapes and forms. like bitcoin generating coffee-warmers, space heaters, house heating systems, beef jerky and dried fruit production etc.. 5. economies of scale i.e. producing large quantities of low cost hashing chips and gear. 6. concentration of large scale bitcoin hashing capacity in areas where low cost electricity is available or where secondary use of heat produced is viable 7. timed use of hashing capacity to take advantage of low cost energy during off-peak hours. 8. use of hashing hardware to utilize "free electricity" in places where "unmetered" energy is available. But expect, providers of "free energy" such as employers, moms basements, student dorms to catch up on this eventually.
This is the beauty of free market, it WILL make Bitcoin hashing as cost efficient as possible over time.
In any case expect network's Bitcoin hashing capacity to be customarily measured in Peta and even Exa hashes (as opposed to Mega and Giga and Tera hashes) rather soon.
Expect that pretty soon no single entity will be able to mount a sustained 51% attack even theoretically.
Expect eventually quantum computing, aliens, time travelers, DNA/biological computers or other such rather improbable now actors to disrupt Bitcoin hashing marketplace in some shape of form.
I also think that ASIC mining gear manufacturers will quickly move to large scale production of mining gear in large quantities up to the point where cost of auxiliary equipment in rigs (PSU, enclosures, fans etc...) is comparable to the cost of hashing chips.
I also think that we will see availability of hashing chips for OEM's and 1-2 companies dominating Bitcoin chip markets with a much larger number of OEM's and VAR's producing the mining gear of all shapes and sizes.
|
-
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 04, 2013, 11:36:58 AM |
|
Actually, afaik, quantum computers could even use bogosort to sort a finite list in a single clock cycle.
Now im no expert in QC, but I doubt you even have to sort anything. You just have to code the QC so that all universes are destroyed except for the ones where the resulting hash is < difficulty. Any one of them would create valid blocks, you wouldnt even have to pick the smallest. Pick any.
If the calculation result in only hashes < difficulty, how does the calculation test for this? I didn't think QC broke encryption, just created many hashes at once. The algorithm would have a method for testing which of the hashes it created are < D, hence the requirement of sorting. Either that or there's an algorithm which can break the encryption. Or I'm completely wrong and talking out of my butt. It's probably the latter, but I'm interested in knowing more.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 04, 2013, 11:38:48 AM |
|
Expect eventually quantum computing, aliens, time travelers, DNA/biological computers or other such rather improbable now actors to disrupt Bitcoin hashing marketplace in some shape of form.
Which of these do you think is most likely? I have my money on aliens of course, but who doesn't?
|
|
|
|
Vladimir
|
|
February 04, 2013, 11:44:59 AM |
|
lol, Aliens are of course the best bet.
|
-
|
|
|
Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
February 04, 2013, 11:45:40 AM |
|
If the calculation result in only hashes < difficulty, how does the calculation test for this? I didn't think QC broke encryption, just created many hashes at once.
The algorithm would have a method for testing which of the hashes it created are < D, hence the requirement of sorting. Either that or there's an algorithm which can break the encryption.
Judging by his handle, I suspect Qbits is better qualified to answer this than me, but AFAIK, a quantum computer does calculations in "parallel universes", and these calculations are not restricted to adding or subtracting. You would just add a comparison in there. So yes, in practice if QC becomes viable, pretty much all current methods of encryption become pointless and we will need something else. Thats being researched, if you are interested: http://en.wikipedia.org/wiki/Post-quantum_cryptography
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 04, 2013, 11:49:25 AM |
|
If the calculation result in only hashes < difficulty, how does the calculation test for this? I didn't think QC broke encryption, just created many hashes at once.
The algorithm would have a method for testing which of the hashes it created are < D, hence the requirement of sorting. Either that or there's an algorithm which can break the encryption.
Judging by his handle, I suspect Qbits is better qualified to answer this than me, but AFAIK, a quantum computer does calculations in "parallel universes", and these calculations are not restricted to adding or subtracting. You would just add a comparison in there. So yes, in practice if QC becomes viable, pretty much all current methods of encryption become pointless and we will need something else. Thats being researched, if you are interested: http://en.wikipedia.org/wiki/Post-quantum_cryptographyNice explantation, thanks. Thanks too for the link.
|
|
|
|
arklan
Legendary
Offline
Activity: 1778
Merit: 1008
|
|
February 04, 2013, 07:53:25 PM |
|
anyone got a cup or something? i think this QC talk has left my brain dripping out my ears.
|
i don't post much, but this space for rent.
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
February 04, 2013, 08:44:17 PM |
|
Yeah not sure where people get the idea that QC "instantly solve" problems. They don't. Using Shor's algorithm a lot of solutions can be found in polynomial time but polynominal time doesn't equal instant time. Note Shor's algorithm isn't useful for "breaking" a hash but there is no known Quatum algorithm which can solve that problem in polynominal time or faster. http://en.wikipedia.org/wiki/Shor's_algorithmSo lets look at brute forcing a private key. To brute force a 160 bit private key would require 2^160 attempts using a classical computer. A QC designed to implement Shor's algorithm could do it in 2^80 attempts. So the QC can perform the same search in 1/2^80 as many operations. This is a massive increase in speed but not "instant time". Also 1 operation on a classical computer and one operation on a QC aren't comparable. It may take 100x or even 10,000 times as long to perform one operation using a QC. It is possible Grover's algorithm could be used to brute force hashes but no proof of that exist yet. http://en.wikipedia.org/wiki/Grover%27s_algorithmStill Grover's algorithm doesn't "instantly" solve anything either (to my knowledge nothing does quantum or otherwise). Grover's algorithm can only provide a probable solution and for a large problem it requires many quadrillions of attempts to produce a solution with any accuracy. So while speeds up are probable this "instant solve" is just nonsense. Another complication is that Bitcoin mining by QC is novel and would require a new quantum algorithm. Most QC problems are related to finding a specific solution however with Bitcoin we are only interested in a "good enough" solution. For example at difficulty 2.5 million there are roughly 8,986,648,889,050,210,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 valid solutions. Using existing Quantum Algorithms would likely not be useful as for example if a quantum algorithm was found that could break a specific 256 bit hash in polynominal times 2^128 operations is still much larger than current difficulty (2^32 * 3 million).
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
February 04, 2013, 08:53:35 PM |
|
Which doesn't apply to bitcoin mining. Post QC algorithms are theories to improve the security of asymmetric encryption (public private key) algorithms. They aren't applicable for cryptgraphic hashes.
|
|
|
|
lastbit
|
|
February 04, 2013, 10:45:36 PM |
|
[...] In any case expect network's Bitcoin hashing capacity to be customarily measured in Peta and even Exa hashes (as opposed to Mega and Giga and Tera hashes) rather soon. Expect that pretty soon no single entity will be able to mount a sustained 51% attack even theoretically. [...]
Sorry to disappoint a lot of persons, but that's not about Peta , Exa, not even Zetta or Yotta. It's all about the money.Hashrate is now around 25TH/s. That equivalent to about 40000 pieces of 7970. That's around 20 mil USD. Considering motherboards, power supplies, workforce, etc., I'd say an entity willing to spend 30-40 mil USD, plus costs of 10MW of electricity, could wreak havoc with bitcoin, using GPUs. You do realize that this is doable by banks and nations (and even some individuals although I cannot see their possible motivation). But what about an ASIC atack? Right now, Avalon team claims that they can produce 51% power (another 25TH/s) with under 600 000 USD. This is even scarier, isn't it? If they can, why a bank/nation cannot? Or lets say a bank/nation is not so smart and their cost to develop and produce 25GH/s in ASICs is 5 milions. Still very scary! So what ASIC adoption will mean for us? It will only cancel the ASIC atack versus GPU/FPGA bitcoin network mentioned above. If we, bitcoiners, will invest in ASIC around the same amount we have invested in GPUs/FPGAs, so around 30 milions USD, that means and entity willing to destroy us will have to invest, more or less, the same money. Unfortunately, 30 milions USD are in the realm of MANY entities We'll be safe against a hacker, but we'll still be at the mercy of BIG powers. Are there solutions for us? Very few! One is to convince as many folks as we can to invest in bitcoin and use them. Not necessarily in mining, it's enough in the economy. A growing economy will drive fiat/btc up, so mining hashrate will follow growing (beeing profitable in fiat money due to fiat/btc rate, even if btc reward is smaller due to raised network hashrate). Lower cost/(GH/s) as much as possible. This will come with competition, and probably prices will stabilize at the level at which, despite of greater hashrate, return of investment is still under 12 months. And there's one more thing. But not here because I already feel I'm offtopic.
|
|
|
|
Vladimir
|
|
February 04, 2013, 11:17:19 PM |
|
lastbit, do you think that whatever you said would still be applicable when: - half of the houses on the planet are heated by bitcoin ASIC powered "cost offset" heaters, - half of space heaters on the palnet have "bitcoin cost offset module" with a bunch of latest bitcoin hashing chips inside? - there are multiply racks full of bitcoin asic hashing gear in every datacenter that has decent energy pricing. - etc...
It seems you are ignoring that logically after prototypes are done the next step for bitcoin ASIC manufacturers will be "mass production" of a huge quantity of chips and plugging them into everything even remotely viable as dedicated gear or as 'cost offset' device.
Now tell me if there a single entity on the planet that can build a set of DC's consuming say 10% of all electricity used on the planet for heating just to piss everyone off?
In context of my post talking about theoretical cost of 51% attack at this moment using GPU tech is rather ridiculous.
|
-
|
|
|
Puppet
Legendary
Offline
Activity: 980
Merit: 1040
|
|
February 04, 2013, 11:45:27 PM |
|
lastbit, do you think that whatever you said would still be applicable when: - half of the houses on the planet are heated by bitcoin ASIC powered "cost offset" heaters, - half of space heaters on the palnet have "bitcoin cost offset module" with a bunch of latest bitcoin hashing chips inside? - there are multiply racks full of bitcoin asic hashing gear in every datacenter that has decent energy pricing. - etc...
None of that will happen even if half the houses on the planet have people that use bitcoin. There has to be an economic incentive for people to buy mining hardware, and it will only scale up from the current level with an increase of the total value of bitcoin, while scaling down with the decreased block reward - in so far its not partially offset by transaction costs. If there is a guestimated $20M worth of mining equipment in use now, there will be not much more or less than $20M worth of ASIC miners next year given the same bitcoin price/blockreward. Okay, maybe a bit more as the cost shifts more to hardware and less to energy, at least initially, in the long run, it wont change by orders of magnitude. In 10 years, blockreward will have decreased to 3% of what it is now. Lets be generous and assume transaction rewards by then are as big as the blockrewards; if so, then you would still expect to see roughly $20M worth of mining hardware if a bitcoin was worth 16x what is now, or ~$320 by then. Multiply both by a factor of 10 if you wish, it wont come anywhere near to your pipe dream. Now tell me if there a single entity on the planet that can build a set of DC's consuming say 10% of all electricity used on the planet for heating just to piss everyone off? If bitcoin comes even anywhere close to consuming 10% of all electricity produced on earth, I for one will become a fierce advocate against it.
|
|
|
|
organofcorti
Donator
Legendary
Offline
Activity: 2058
Merit: 1007
Poor impulse control.
|
|
February 04, 2013, 11:54:04 PM |
|
In 10 years, blockreward will have decreased to 3% of what it is now.
You mean 25%?
|
|
|
|
|