Why is Bitcoin safe against a quantum computer?

[Come-from-Beyond]

As we all know elliptic curve cryptography is vulnerable to a quantum computer. For a conventional computer difficulty of breaking 256-bit key equals 256/2=128 bits. For a quantum computer it's just sqrt(256)=16 bits.
Bitcoin address is a hashed public key of 256-bit EC. Hashes are resistant to quantum algos, so while someone keeps his public key unknown it's OK. But when he wants to transfer his money he must reveal the key.
Let's assume that an attacker with a quantum computer monitors all transactions. The attacker can pick any key while a transaction awaits to be included into a block. Now imagine that miners choose transactions with higher fees. The attacker can issue other transaction (when he picks the private key) that transfer coins to his address and set a higher fee. Or he could switch his mining rig on and try to find a block himself. With 0.1% of all hashpower he needs only 5 days to solve a block with 50% chance.

Seems Bitcoin is NOT safe. Or am I wrong?

[rme]

Quantum computers are just a theoreticall concept

[Come-from-Beyond]

Quantum computers are just a theoreticall concept

Sad if it's the only frontier...

[FTWbitcoinFTW]

Quantum computers are just a theoreticall concept

Tell me more about that please !

http://en.wikipedia.org/wiki/D-Wave_Systems

Edit : CIA involved

http://www.technologyreview.com/news/429429/the-cia-and-jeff-bezos-bet-on-quantum-computing/

[mokahless]

As we all know elliptic curve cryptography is vulnerable to a quantum computer. For a conventional computer difficulty of breaking 256-bit key equals 256/2=128 bits. For a quantum computer it's just sqrt(256)=16 bits.
Seems Bitcoin is NOT safe. Or am I wrong?

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

[Come-from-Beyond]

That's interesting:

[1] Bitcoin uses Elliptic Curve cryptography (http://en.wikipedia.org/wiki/Bitcoin)
[2] Gavin is the lead Bitcoin developer (https://bitcoinfoundation.org/about/board)
[3] Gavin visits CIA (https://bitcointalk.org/?topic=6652.0)
[4] CIA involved into quantum computing (http://www.technologyreview.com/news/429429/the-cia-and-jeff-bezos-bet-on-quantum-computing/)
[5] Elliptic Curve cryptography is breakable with quantum computing (http://pqcrypto.org/)

Shouldn't we change Bitcoin signing algorithm? If Gavin is against these changes it will be very suspicious...

[Come-from-Beyond]

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

Why does CIA need to destroy the banking system?

[repentance]

That's interesting:

[1] Bitcoin uses Elliptic Curve cryptography (http://en.wikipedia.org/wiki/Bitcoin)
[2] Gavin is the lead Bitcoin developer (https://bitcoinfoundation.org/about/board)
[3] Gavin visits CIA (https://bitcointalk.org/?topic=6652.0)
[4] CIA involved into quantum computing (http://www.technologyreview.com/news/429429/the-cia-and-jeff-bezos-bet-on-quantum-computing/)
[5] Elliptic Curve cryptography is breakable with quantum computing (http://pqcrypto.org/)

Shouldn't we change Bitcoin signing algorithm? If Gavin is against these changes it will be very suspicious...

What do you suggest changing it to which won't be breakable with quantum computing (assuming anyone cared to throw quantum computing resources at breaking it in the first place)?

[jubalix]

That's interesting:

[1] Bitcoin uses Elliptic Curve cryptography (http://en.wikipedia.org/wiki/Bitcoin)
[2] Gavin is the lead Bitcoin developer (https://bitcoinfoundation.org/about/board)
[3] Gavin visits CIA (https://bitcointalk.org/?topic=6652.0)
[4] CIA involved into quantum computing (http://www.technologyreview.com/news/429429/the-cia-and-jeff-bezos-bet-on-quantum-computing/)
[5] Elliptic Curve cryptography is breakable with quantum computing (http://pqcrypto.org/)

Shouldn't we change Bitcoin signing algorithm? If Gavin is against these changes it will be very suspicious...

ALL VALID POINTS

we need a suggestion here as to quantum resistant

if there is one think we have learnt about the slightly advanced monkeys on orb 3 they keep at it until they can do it, and will f*ck anything just because they can or want to have control over the other monkeys...if they had a blow up the universe button they could not help themselves

[Come-from-Beyond]

What do you suggest changing it to which won't be breakable with quantum computing (assuming anyone cared to throw quantum computing resources at breaking it in the first place)?

This is a hard choice for me. Signature sizes of quantum-proof schemes are too long for 250k block limit. I expect the community has much smarter people who can solve the issue.

[Bitobsessed]

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

Why does CIA need to destroy the banking system?

Why doesn't the CIA need to?

[Bitcoinpro]

As we all know elliptic curve cryptography is vulnerable to a quantum computer. For a conventional computer difficulty of breaking 256-bit key equals 256/2=128 bits. For a quantum computer it's just sqrt(256)=16 bits.
Bitcoin address is a hashed public key of 256-bit EC. Hashes are resistant to quantum algos, so while someone keeps his public key unknown it's OK. But when he wants to transfer his money he must reveal the key.
Let's assume that an attacker with a quantum computer monitors all transactions. The attacker can pick any key while a transaction awaits to be included into a block. Now imagine that miners choose transactions with higher fees. The attacker can issue other transaction (when he picks the private key) that transfer coins to his address and set a higher fee. Or he could switch his mining rig on and try to find a block himself. With 0.1% of all hashpower he needs only 5 days to solve a block with 50% chance.

Seems Bitcoin is NOT safe. Or am I wrong?

very wrong as the power of mathematics used increases the level of the cracking cpu rises exponetially meaning that soon the step required from the cpu will be unfathomable

i call this type of cpu that requires the next cpu to be almost infinite in computing power, a number powered cpu

[Come-from-Beyond]

As we all know elliptic curve cryptography is vulnerable to a quantum computer. For a conventional computer difficulty of breaking 256-bit key equals 256/2=128 bits. For a quantum computer it's just sqrt(256)=16 bits.
Bitcoin address is a hashed public key of 256-bit EC. Hashes are resistant to quantum algos, so while someone keeps his public key unknown it's OK. But when he wants to transfer his money he must reveal the key.
Let's assume that an attacker with a quantum computer monitors all transactions. The attacker can pick any key while a transaction awaits to be included into a block. Now imagine that miners choose transactions with higher fees. The attacker can issue other transaction (when he picks the private key) that transfer coins to his address and set a higher fee. Or he could switch his mining rig on and try to find a block himself. With 0.1% of all hashpower he needs only 5 days to solve a block with 50% chance.

Seems Bitcoin is NOT safe. Or am I wrong?

very wrong as the power of mathematics used increases the level of the craking cpu rises exponetially meaning that soon the step required from the cpu will be unfathomable

i call this type of cpu that requires the next cpu to be almost infinite in computing power, a number powered cpu

Obviously u are talking about some other Bitcoin implementation. What about the current one?

[Bitcoinpro]

As we all know elliptic curve cryptography is vulnerable to a quantum computer. For a conventional computer difficulty of breaking 256-bit key equals 256/2=128 bits. For a quantum computer it's just sqrt(256)=16 bits.
Bitcoin address is a hashed public key of 256-bit EC. Hashes are resistant to quantum algos, so while someone keeps his public key unknown it's OK. But when he wants to transfer his money he must reveal the key.
Let's assume that an attacker with a quantum computer monitors all transactions. The attacker can pick any key while a transaction awaits to be included into a block. Now imagine that miners choose transactions with higher fees. The attacker can issue other transaction (when he picks the private key) that transfer coins to his address and set a higher fee. Or he could switch his mining rig on and try to find a block himself. With 0.1% of all hashpower he needs only 5 days to solve a block with 50% chance.

Seems Bitcoin is NOT safe. Or am I wrong?

very wrong as the power of mathematics used increases the level of the craking cpu rises exponetially meaning that soon the step required from the cpu will be unfathomable

i call this type of cpu that requires the next cpu to be almost infinite in computing power, a number powered cpu

Obviously u are talking about some other Bitcoin implementation. What about the current one?

unless you have studied mathematics for years on end id expect this concept to be a little difficult to graph

write yourself an oct  counter then examine this true oct counter

#include<stdio.h>
#define P printf
#define F for

int main(void){

int dec,oct=0,x;

F(dec=1;dec<=1000000;dec++){

oct++;

F(x=10; (oct/(x/10))>0; x*=10){

if((oct%x)==(8*(x/10))){

oct+=(2*(x/10));      }        }

P("%5d%5d\n",dec,oct);
}
return 0;
}

[grondilu]

Quantum computers would be so awesome (according to David Deutsch, a 300 qbit QC could simulate a whole universe), that the failure of bitcoin would be a tiny price to pay.

In a way, you can even see bitcoin as yet an other incentive for scientists and engineers to build a quantum computer.

[markm]

The spooky stuff - action at a distance and entanglement - might well simply be a very very basic failure to account for the topology of space, a kind of mis-use of units.

There seems to be a big tendency to claim a boolean is a boolean so that in essence the actual units get forgotten about, leading to massive surprise ("that is spooky!!!) when they (the units: the topology of the space) manifest themselves at the other end.

Hard to describe in easy familiar terms I guess, but maybe somewhat analogous to measuring volumetric booleans at one end, forgetting they are volumes (and thus actually speak volumes compared to scalar booleans), then being stupefied when measuring them at the other end rediscovers the fact they are, in fact, volumetric afterall.

Harmony Christian has been trying to explain this stuff for years, but physics forum inhabitants don't fancy it at all at all...

...If he is right, it seems one should be able to simulate quantum computers on classical computers by using octonians.

-MarkM-

[mokahless]

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

Why does CIA need to destroy the banking system?

Why do you assume the CIA will control a quantum computer initially, assuming it is invented and practically usable?

[farlack]

As we all know elliptic curve cryptography is vulnerable to a quantum computer. For a conventional computer difficulty of breaking 256-bit key equals 256/2=128 bits. For a quantum computer it's just sqrt(256)=16 bits.
Seems Bitcoin is NOT safe. Or am I wrong?

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

banks and credit cards are also backed up if you're robbed.

[Raoul Duke]

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

Why does CIA need to destroy the banking system?

OK, I'll play your game.

Why does CIA need to destroy the Bitcoin network?

[the joint]

Neither is every public private keypair in the world, by your logic. So don't do online banking. Or shop online. Or do credit card transactions.
Bitcoin is not the only thing not safe from the concept.

Why does CIA need to destroy the banking system?

The point is that if Bitcoin's algorithm can be broken then there will be more profitable targets than Bitcoin.