Bitcoin Forum
November 06, 2024, 05:20:37 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3] 4 5 6 »  All
  Print  
Author Topic: Why is litecoin hyped so much when it doesn't add any value over bitcoin?  (Read 4539 times)
temor
Full Member
***
Offline Offline

Activity: 168
Merit: 100



View Profile
June 25, 2013, 04:56:47 PM
 #41

Also, having two or more "strong" alt-coins provides competition. With three strong dev-teams there's bound to be a lot more cool innovative ideas than just one "super-strong" dev-team spinning away on a single track.

I agree in theory however that wasn't his point however with the exception of NMC and PPC there hasn't been any real innovation.    His point was about mining being profitable.  That implies by simply adding a continual supply of new coins/chains you could ensure all mining is always profitable.  Like I said just make a million of then and end global poverty.

I see. You're absolutely right.


My main reason for prefer litecoin (or a faster coin) over bitcoin is simply the confirmation time. When I have to wait over an hour after a transaction is initiated in order to use that amount, it's simply impractical and completely unnecessary. litecoin takes much less time. (though something like worldcoin would be more ideal).

Why wait an hour then?  You are accepting less security just starting accepting Bitcoin with 2 confirmations.  Tada 66% faster.

can you prove it is less security than?
Less than what?

Please make a post in my Reputation Thread if we've had a successful trade.
weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 05:14:04 PM
 #42

The biggest and really significant weakness of BTC is SHA-256, that is ASICs (which are a very genuine threat feasible for any dedicated attacker, getting a design and building a semiconductor fabrication plant can be had for a few $M). All renowned cryptographers agree that scrypt is far superior.

It is fairly easy to make a scrypt ASIC the only factor is cost.  However the scrypt used in LTC (and clones) was modified to make it about 10,000 less memory hard then the recommended default value.  LTC scrypt uses about 32KB of memory, a token amount in ASIC design.  LTC likely will never become popular enough to warrant the kind of investment but if it does ASIC builders will move to that chain as well.


Of course it is all about cost, that is my point. You cannot get a likewise efficient (this is the keyword here) LTC ASIC design and a manufacturing plant for a few $M. Despite of the scrypt memory requirement relaxation in LTC we are still talking about 4 or 5 orders of magnitude. Nobody came ever close to an efficient LTC ASIC even in theoretical designs, so much for "token amount".  Cheesy


Your last line is a false statement.  Please provide this extensive list of renowned cryptographers who believe scrypt is far superior. Scrypt has been far less extensively studied than SHA and thus has a higher risk of a cryptographic flaw.  Of course SHA could also be flawed but other than maybe MD5 or AES there aren't many algorithms with more peer review.   Extensive and long peer review is mandatory to ensure cryptographic strength.


Your statement is false, MD5 for example has the most extensive and longest peer review, and is the notoriously most flawed of all the above, as was pointed out by renowned cryptographers years ago (see Wikipedia). I will give you the people involved in the design and subsequent discussions of scrypt and I'm quite sure you will recognize some of them. But as it just takes one counterexample to demonstrate my statement is false while you (and by extension I) cannot extensively prove a negative, I challenge you to provide just one single renowned cryptographer who doesn't believe scrypt is far superior, good luck.

The first paper on scrypt was published less than 5 years ago and that is a tiny amount of time in the field of cryptography.  Also LTC (and clones) use a modified version of scrypt which is significantly less "memory hard" by a couple orders of magnitude.  The LTC developers are not world renowned cryptographers, there has been no extensive peer review of the effect of these modifications.  There has (AFAIK) been a single academic paper on the potential risks.

Simple version:  In cryptography tried and true is superior to new and flashy.  In time scrypt "may" become the defacto standard for key derivitive functions but that day isn't today.

In cryptography you rely on what's currently endorsed by most cryptographers, and that algorithm for hashing or key derivation is currently scrypt. SHA-256 is broken both theoretically by definition (see Wikipedia) as well as in practice because of ASICs, and so is BTC.


r3wt
Hero Member
*****
Offline Offline

Activity: 686
Merit: 504


always the student, never the master.


View Profile
June 25, 2013, 05:19:11 PM
 #43

The biggest and really significant weakness of BTC is SHA-256, that is ASICs (which are a very genuine threat feasible for any dedicated attacker, getting a design and building a semiconductor fabrication plant can be had for a few $M). All renowned cryptographers agree that scrypt is far superior.

It is fairly easy to make a scrypt ASIC the only factor is cost.  However the scrypt used in LTC (and clones) was modified to make it about 10,000 less memory hard then the recommended default value.  LTC scrypt uses about 32KB of memory, a token amount in ASIC design.  LTC likely will never become popular enough to warrant the kind of investment but if it does ASIC builders will move to that chain as well.


Of course it is all about cost, that is my point. You cannot get a likewise efficient (this is the keyword here) LTC ASIC design and a manufacturing plant for a few $M. Despite of the scrypt memory requirement relaxation in LTC we are still talking about 4 or 5 orders of magnitude. Nobody came ever close to an efficient LTC ASIC even in theoretical designs, so much for "token amount".  Cheesy


Your last line is a false statement.  Please provide this extensive list of renowned cryptographers who believe scrypt is far superior. Scrypt has been far less extensively studied than SHA and thus has a higher risk of a cryptographic flaw.  Of course SHA could also be flawed but other than maybe MD5 or AES there aren't many algorithms with more peer review.   Extensive and long peer review is mandatory to ensure cryptographic strength.


Your statement is false, MD5 for example has the most extensive and longest peer review, and is the notoriously most flawed of all the above, as was pointed out by renowned cryptographers years ago (see Wikipedia). I will give you the people involved in the design and subsequent discussions of scrypt and I'm quite sure you will recognize some of them. But as it just takes one counterexample to demonstrate my statement is false while you (and by extension I) cannot extensively prove a negative, I challenge you to provide just one single renowned cryptographer who doesn't believe scrypt is far superior, good luck.

The first paper on scrypt was published less than 5 years ago and that is a tiny amount of time in the field of cryptography.  Also LTC (and clones) use a modified version of scrypt which is significantly less "memory hard" by a couple orders of magnitude.  The LTC developers are not world renowned cryptographers, there has been no extensive peer review of the effect of these modifications.  There has (AFAIK) been a single academic paper on the potential risks.

Simple version:  In cryptography tried and true is superior to new and flashy.  In time scrypt "may" become the defacto standard for key derivitive functions but that day isn't today.

In cryptography you rely on what's currently trusted by most cryptographers, and that algorithm for hashing or key derivation is currently scrypt. SHA-256 is broken both theoretically by definition (see Wikipedia) as well as in practice because of ASICs, and so is BTC.



since the conversation has tipped to algo's and security, i'd like to point out that Gost-cipher and Whirlpool-T have yet to be broken.

My negative trust rating is reflective of a personal vendetta by someone on default trust.
weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 05:23:57 PM
 #44


since the conversation has tipped to algo's and security, i'd like to point out that Gost-cipher and Whirlpool-T have yet to be broken.

As has my treasure hunt: https://bitcointalk.org/index.php?topic=242523.msg2572358 Wink

Probably means we should create a coin based on it?

r3wt
Hero Member
*****
Offline Offline

Activity: 686
Merit: 504


always the student, never the master.


View Profile
June 25, 2013, 05:50:06 PM
 #45


since the conversation has tipped to algo's and security, i'd like to point out that Gost-cipher and Whirlpool-T have yet to be broken.

As has my treasure hunt: https://bitcointalk.org/index.php?topic=242523.msg2572358 Wink

Probably means we should create a coin based on it?

WeavCoin

My negative trust rating is reflective of a personal vendetta by someone on default trust.
weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 05:58:18 PM
 #46


since the conversation has tipped to algo's and security, i'd like to point out that Gost-cipher and Whirlpool-T have yet to be broken.

As has my treasure hunt: https://bitcointalk.org/index.php?topic=242523.msg2572358 Wink

Probably means we should create a coin based on it?

WeavCoin

Cheesy

Mazakguy
Member
**
Offline Offline

Activity: 66
Merit: 10


View Profile
June 25, 2013, 06:45:46 PM
 #47

The biggest and really significant weakness of BTC is SHA-256, that is ASICs (which are a very genuine threat feasible for any dedicated attacker, getting a design and building a semiconductor fabrication plant can be had for a few $M). All renowned cryptographers agree that scrypt is far superior. Also the hashing algorithm can never be changed for BTC because that would require resolving the entire historical blockchain to achieve the same level of security LTC brings from the start. SHA-256 coins are rightly dead, and BTC is the only one still living off its initial and very major publicity until it will be replaced by a superior competitor (quite likely LTC or possibly PXC) just like Netscape Navigator, Yahoo Search, Friendster, Myspace, or any other generally innovative tech with execution flaws was. Doesn't take a genius to see that.

Also an imo ideal compromise between block time and network scalability (those altcoins with 60 seconds blocktimes and less couldn't ever scale to even what the BTC network is now).
I wonder if you would be saying the same thing if you had 50000 BTC tucked away.



But MOST of us don't have 50000 BTC tucked away.

See here is where most of the large holders screw up in there thinking.

When asic came out they were priced very high in BTC, and most people didn't have that many, so only a select few got them.

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.

BTC are only worth something because people say they are.

Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

The old guard has not relized the the BTC train is entering the last station. You must either change trains or stay at the station.

So, the GPU miners are starting to vote with thier feet.

Now that it is too late, the old guard, ie large BTC holders, seeing what is happening are starting to panic. They will try anything to keep their riches.

But when they are the only one left in BTC with their shiny asic what will they do?

I keep hearing how in the crypto coin world the great thing is how it takes 51% to change things. Well the 80% is starting to speak, and the old guard just hates it.

Ya reap what ya sow. They had it good, but got TOO greedy, and the rest are tiring of it. If they had let it spread out more this would not have happened imo.

So what ya gonna do old guard? Don't think there is much ya can. Have fun with your hoard of coins soon not to be worth much Shocked
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
June 25, 2013, 07:20:27 PM
 #48

Got to get to work but I would point out SHA-2 (commonly called SHA-256, SHA-384, and SHA-512) has not been broken, not even theoretically.

An attack on a reduced round version of SHA-2 has been found what this means is that SHA-2 uses 64 rounds (the input is passed through the same algorithm 64 times).  IF SHA-2 only used 42 rounds a faster than brute force attack would be possible.  However I would point out that the time complexity of such an attack is 2^251.  A brute force preimage attack on SHA-2 requires 2^255 operations so the "attack" is 2^(255-251) = 2^4 = 16 times more faster than brute force.   That still requires more time and energy than our solar system has to achieve a collision.

Lastly SHA-2 being partially broken (i.e. much faster than brute force attack) is not a concern when it comes to mining.  If miners using a modifed algorithm implementing the attack could mine 10,000 faster then it would simply mean difficulty would rise by a factor of 10,000.  If SHA-2 is broken completely then the issue isn't mining it is the privacy of the public key however LTC (and alll? alt-coins) use the same address structure.  This is less of a threat as addresses are the double SHA-256 and RIPEMD-160 hash of the public key.  It is unlikely both algorithms would be broken sufficiently to provide a credible threat.

The largest cryptographic threat to BTC (and by extension all alt-coins as they have copied this portion of the code bit for bit) is ECDSA.  Public key cryptographic is much harder to predict the likelihood that the cipher will remain secure.  Unlike hashing algorithms public key cryptography relies on an "unknown".  The strength comes from the fact that there is currently no feasible method of solving certain math problems.  If that assumption turns out to be false then the cipher will be vulnerable.  Through either cryptoanalysis or quantum computing I full expect ECDSA (and many other public key systems) to be broken wide open within my lifetime.  An alt-coin using an alternative public key system would provide an "insurance" policy of sorts but AFAIK none exist.
cryptoanarchist
Legendary
*
Offline Offline

Activity: 1120
Merit: 1003



View Profile
June 25, 2013, 07:21:40 PM
 #49

My main reason for prefer litecoin (or a faster coin) over bitcoin is simply the confirmation time. When I have to wait over an hour after a transaction is initiated in order to use that amount, it's simply impractical and completely unnecessary. litecoin takes much less time. (though something like worldcoin would be more ideal).

Why wait an hour then?  You are accepting less security just starting accepting Bitcoin with 2 confirmations.  Tada 66% faster.

I've waited for over an hour for 2 confirmations before.

I'm grumpy!!
DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
June 25, 2013, 07:23:33 PM
 #50

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.  BTC are only worth something because people say they are. Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

Lets assume all this is true (which it isn't).  LTC uses a weakened version of scrypt one which ASICs can be produced cost effectively so what happens when BTC "dies" and LTC become mainstream.  The global mining revenue shoots up into the hundreds of millions of dollars a year which justifies the development of LTC ASICs?

Buffer Overflow
Legendary
*
Offline Offline

Activity: 1652
Merit: 1016



View Profile
June 25, 2013, 07:32:48 PM
 #51

The biggest and really significant weakness of BTC is SHA-256, that is ASICs (which are a very genuine threat feasible for any dedicated attacker, getting a design and building a semiconductor fabrication plant can be had for a few $M). All renowned cryptographers agree that scrypt is far superior. Also the hashing algorithm can never be changed for BTC because that would require resolving the entire historical blockchain to achieve the same level of security LTC brings from the start. SHA-256 coins are rightly dead, and BTC is the only one still living off its initial and very major publicity until it will be replaced by a superior competitor (quite likely LTC or possibly PXC) just like Netscape Navigator, Yahoo Search, Friendster, Myspace, or any other generally innovative tech with execution flaws was. Doesn't take a genius to see that.

Also an imo ideal compromise between block time and network scalability (those altcoins with 60 seconds blocktimes and less couldn't ever scale to even what the BTC network is now).
I wonder if you would be saying the same thing if you had 50000 BTC tucked away.



But MOST of us don't have 50000 BTC tucked away.

See here is where most of the large holders screw up in there thinking.

When asic came out they were priced very high in BTC, and most people didn't have that many, so only a select few got them.

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.

BTC are only worth something because people say they are.

Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

The old guard has not relized the the BTC train is entering the last station. You must either change trains or stay at the station.

So, the GPU miners are starting to vote with thier feet.

Now that it is too late, the old guard, ie large BTC holders, seeing what is happening are starting to panic. They will try anything to keep their riches.

But when they are the only one left in BTC with their shiny asic what will they do?

I keep hearing how in the crypto coin world the great thing is how it takes 51% to change things. Well the 80% is starting to speak, and the old guard just hates it.

Ya reap what ya sow. They had it good, but got TOO greedy, and the rest are tiring of it. If they had let it spread out more this would not have happened imo.

So what ya gonna do old guard? Don't think there is much ya can. Have fun with your hoard of coins soon not to be worth much Shocked
Trouble is where do all the GPUs go when the LTC diff goes sky high and then unprofitable?

Vivisector999
Hero Member
*****
Offline Offline

Activity: 541
Merit: 500



View Profile
June 25, 2013, 07:41:04 PM
 #52

https://bitcointalk.org/index.php?topic=196138.0

Here is 1 good reason why Litecoin is needed.  Bitcoin already admits it is not a preferential coin for small transactions.  If Bitcoin ever did become the million dollar coin everyone would like it to become, your morning coffee purchase would not be able to transferred due to it being dust.  LOL at people who figure Bitcoins can be down to the satoshi level.  If/when the bitcoin network gets even busier, they will have to knock the dust down to an even larger factor.

Another reason Litecoin might be hyped is because it's not Bitcoin.  That can be a huge bonus right now while the US Gov't seems to have the Bitcoin network as it's main target.

Check out AC3  @ https://ac3.io/
weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 07:45:14 PM
 #53

Got to get to work but I would point out SHA-2 (commonly called SHA-256, SHA-384, and SHA-512) has not been broken, not even theoretically.

An attack on a reduced round version of SHA-2 has been found what this means is that SHA-2 uses 64 rounds (the input is passed through the same algorithm 64 times).  IF SHA-2 only used 42 rounds a faster than brute force attack would be possible.  However I would point out that the time complexity of such an attack is 2^251.  A brute force preimage attack on SHA-2 requires 2^255 operations so the "attack" is 2^(255-251) = 2^4 = 16 times more faster than brute force.   That still requires more time and energy than our solar system has to achieve a collision.

Lastly SHA-2 being partially broken (i.e. much faster than brute force attack) is not a concern when it comes to mining.  If miners using a modifed algorithm implementing the attack could mine 10,000 faster then it would simply mean difficulty would rise by a factor of 10,000.  If SHA-2 is broken completely then the issue isn't mining it is the privacy of the public key however LTC (and alll? alt-coins) use the same address structure.  This is less of a threat as addresses are the double SHA-256 and RIPEMD-160 hash of the public key.  It is unlikely both algorithms would be broken sufficiently to provide a credible threat.

The largest cryptographic threat to BTC (and by extension all alt-coins as they have copied this portion of the code bit for bit) is ECDSA.  Public key cryptographic is much harder to predict the likelihood that the cipher will remain secure.  Unlike hashing algorithms public key cryptography relies on an "unknown".  The strength comes from the fact that there is currently no feasible method of solving certain math problems.  If that assumption turns out to be false then the cipher will be vulnerable.  Through either cryptoanalysis or quantum computing I full expect ECDSA (and many other public key systems) to be broken wide open within my lifetime.  An alt-coin using an alternative public key system would provide an "insurance" policy of sorts but AFAIK none exist.

A cryptographic system by definition is theoretically broken if an attack faster than brute force is known.

weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 07:46:21 PM
 #54

The biggest and really significant weakness of BTC is SHA-256, that is ASICs (which are a very genuine threat feasible for any dedicated attacker, getting a design and building a semiconductor fabrication plant can be had for a few $M). All renowned cryptographers agree that scrypt is far superior. Also the hashing algorithm can never be changed for BTC because that would require resolving the entire historical blockchain to achieve the same level of security LTC brings from the start. SHA-256 coins are rightly dead, and BTC is the only one still living off its initial and very major publicity until it will be replaced by a superior competitor (quite likely LTC or possibly PXC) just like Netscape Navigator, Yahoo Search, Friendster, Myspace, or any other generally innovative tech with execution flaws was. Doesn't take a genius to see that.

Also an imo ideal compromise between block time and network scalability (those altcoins with 60 seconds blocktimes and less couldn't ever scale to even what the BTC network is now).
I wonder if you would be saying the same thing if you had 50000 BTC tucked away.



But MOST of us don't have 50000 BTC tucked away.

See here is where most of the large holders screw up in there thinking.

When asic came out they were priced very high in BTC, and most people didn't have that many, so only a select few got them.

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.

BTC are only worth something because people say they are.

Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

The old guard has not relized the the BTC train is entering the last station. You must either change trains or stay at the station.

So, the GPU miners are starting to vote with thier feet.

Now that it is too late, the old guard, ie large BTC holders, seeing what is happening are starting to panic. They will try anything to keep their riches.

But when they are the only one left in BTC with their shiny asic what will they do?

I keep hearing how in the crypto coin world the great thing is how it takes 51% to change things. Well the 80% is starting to speak, and the old guard just hates it.

Ya reap what ya sow. They had it good, but got TOO greedy, and the rest are tiring of it. If they had let it spread out more this would not have happened imo.

So what ya gonna do old guard? Don't think there is much ya can. Have fun with your hoard of coins soon not to be worth much Shocked
Trouble is where do all the GPUs go when the LTC diff goes sky high and then unprofitable?

Stay with LTC because BTC only becomes unprofitable for GPU due to the fact that cost-efficient ASICs are feasible for BTC in the first place.. The point is that cost-efficient ASICs are unfeasible for LTC.

niko
Hero Member
*****
Offline Offline

Activity: 756
Merit: 501


There is more to Bitcoin than bitcoins.


View Profile
June 25, 2013, 07:49:06 PM
 #55

Vested interest.

They're there, in their room.
Your mining rig is on fire, yet you're very calm.
weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 07:49:14 PM
 #56

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.  BTC are only worth something because people say they are. Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

Lets assume all this is true (which it isn't).  LTC uses a weakened version of scrypt one which ASICs can be produced cost effectively so what happens when BTC "dies" and LTC become mainstream.  The global mining revenue shoots up into the hundreds of millions of dollars a year which justifies the development of LTC ASICs?



Despite the scrypt memory requirement relaxation in LTC we are still talking about 4 or 5 orders of magnitude of higher cost. Nobody came ever close to an efficient LTC ASIC even in theoretical designs, so the point is the development of LTC ASICs is by orders of magnitude less justified than the development of BTC ASICs and therefore won't happen before LTC gains in price as much.  

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
June 25, 2013, 08:22:06 PM
 #57

Got to get to work but I would point out SHA-2 (commonly called SHA-256, SHA-384, and SHA-512) has not been broken, not even theoretically.

An attack on a reduced round version of SHA-2 has been found what this means is that SHA-2 uses 64 rounds (the input is passed through the same algorithm 64 times).  IF SHA-2 only used 42 rounds a faster than brute force attack would be possible.  However I would point out that the time complexity of such an attack is 2^251.  A brute force preimage attack on SHA-2 requires 2^255 operations so the "attack" is 2^(255-251) = 2^4 = 16 times more faster than brute force.   That still requires more time and energy than our solar system has to achieve a collision.

Lastly SHA-2 being partially broken (i.e. much faster than brute force attack) is not a concern when it comes to mining.  If miners using a modifed algorithm implementing the attack could mine 10,000 faster then it would simply mean difficulty would rise by a factor of 10,000.  If SHA-2 is broken completely then the issue isn't mining it is the privacy of the public key however LTC (and alll? alt-coins) use the same address structure.  This is less of a threat as addresses are the double SHA-256 and RIPEMD-160 hash of the public key.  It is unlikely both algorithms would be broken sufficiently to provide a credible threat.

The largest cryptographic threat to BTC (and by extension all alt-coins as they have copied this portion of the code bit for bit) is ECDSA.  Public key cryptographic is much harder to predict the likelihood that the cipher will remain secure.  Unlike hashing algorithms public key cryptography relies on an "unknown".  The strength comes from the fact that there is currently no feasible method of solving certain math problems.  If that assumption turns out to be false then the cipher will be vulnerable.  Through either cryptoanalysis or quantum computing I full expect ECDSA (and many other public key systems) to be broken wide open within my lifetime.  An alt-coin using an alternative public key system would provide an "insurance" policy of sorts but AFAIK none exist.

A cryptographic system by definition is theoretically broken if an attack faster than brute force is known.

Which doesn't exist for SHA-2 because it uses 64 rounds.  The attack was on a 42 round variant not used by anyone.  The attack doesn't work (even theoretically) against the actual SHA-2.

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.  BTC are only worth something because people say they are. Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

Lets assume all this is true (which it isn't).  LTC uses a weakened version of scrypt one which ASICs can be produced cost effectively so what happens when BTC "dies" and LTC become mainstream.  The global mining revenue shoots up into the hundreds of millions of dollars a year which justifies the development of LTC ASICs?



Despite the scrypt memory requirement relaxation in LTC we are still talking about 4 or 5 orders of magnitude of higher cost. Nobody came ever close to an efficient LTC ASIC even in theoretical designs, so the point is the development of LTC ASICs is by orders of magnitude less justified than the development of BTC ASICs and therefore won't happen before LTC gains in price as much.  

5 orders of magnitude really?
So BTC ASIC costs say $1M NRE and $5 per chip.
LTS $10B NRE and $500,000 per chip.

Really.  I mean that is just wrong that is common sense stupidly wrong.

An LTC ASIC can be produced today however the tiny amount of global mining revenue doesn't warrant it yet.  The efficiency gains are lower but the costs are not so high as to be a barrier.  Bitcoin ASICs didn't start looking cost effective until the exchange rate (and thus potential global mining revenue) was high enough. 

DeathAndTaxes
Donator
Legendary
*
Offline Offline

Activity: 1218
Merit: 1079


Gerald Davis


View Profile
June 25, 2013, 08:27:06 PM
Last edit: June 25, 2013, 08:58:22 PM by DeathAndTaxes
 #58

https://bitcointalk.org/index.php?topic=196138.0

Here is 1 good reason why Litecoin is needed.  Bitcoin already admits it is not a preferential coin for small transactions.  If Bitcoin ever did become the million dollar coin everyone would like it to become, your morning coffee purchase would not be able to transferred due to it being dust.  LOL at people who figure Bitcoins can be down to the satoshi level.  If/when the bitcoin network gets even busier, they will have to knock the dust down to an even larger factor.

Another reason Litecoin might be hyped is because it's not Bitcoin.  That can be a huge bonus right now while the US Gov't seems to have the Bitcoin network as it's main target.

If Bitcoin was worth a $1M then the dust threshold would be 1 satoshi (or roughly 1 US cent).  The dust threshold is a function of the min fee miners accept.  If miners are willing to accept transactions paying a 2 satoshi fee or less then the dust threshold would be 1 satoshi.

The min fee for low priority transactions is actually higher (in terms of purchasing power) on LTC network.

BTC min fee 0.00001 BTC = ~$0.01 USD
LTC min fee 0.02 LTC = ~$0.05 USD

So morning $1.99 coffee would have a 0.5% effective fee using BTC, 9.5% effective fee using LTC, and a 15% effective fee using a credit card. Wink
weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 08:32:49 PM
Last edit: June 25, 2013, 08:51:31 PM by weav
 #59

Got to get to work but I would point out SHA-2 (commonly called SHA-256, SHA-384, and SHA-512) has not been broken, not even theoretically.

An attack on a reduced round version of SHA-2 has been found what this means is that SHA-2 uses 64 rounds (the input is passed through the same algorithm 64 times).  IF SHA-2 only used 42 rounds a faster than brute force attack would be possible.  However I would point out that the time complexity of such an attack is 2^251.  A brute force preimage attack on SHA-2 requires 2^255 operations so the "attack" is 2^(255-251) = 2^4 = 16 times more faster than brute force.   That still requires more time and energy than our solar system has to achieve a collision.

Lastly SHA-2 being partially broken (i.e. much faster than brute force attack) is not a concern when it comes to mining.  If miners using a modifed algorithm implementing the attack could mine 10,000 faster then it would simply mean difficulty would rise by a factor of 10,000.  If SHA-2 is broken completely then the issue isn't mining it is the privacy of the public key however LTC (and alll? alt-coins) use the same address structure.  This is less of a threat as addresses are the double SHA-256 and RIPEMD-160 hash of the public key.  It is unlikely both algorithms would be broken sufficiently to provide a credible threat.

The largest cryptographic threat to BTC (and by extension all alt-coins as they have copied this portion of the code bit for bit) is ECDSA.  Public key cryptographic is much harder to predict the likelihood that the cipher will remain secure.  Unlike hashing algorithms public key cryptography relies on an "unknown".  The strength comes from the fact that there is currently no feasible method of solving certain math problems.  If that assumption turns out to be false then the cipher will be vulnerable.  Through either cryptoanalysis or quantum computing I full expect ECDSA (and many other public key systems) to be broken wide open within my lifetime.  An alt-coin using an alternative public key system would provide an "insurance" policy of sorts but AFAIK none exist.

A cryptographic system by definition is theoretically broken if an attack faster than brute force is known.

Which doesn't exist for SHA-2 because it uses 64 rounds.  The attack was on a 42 round variant not used by anyone.  The attack doesn't work (even theoretically) against the actual SHA-2.


OK I stand corrected, it only applies to reduced rounds instances of SHA-2. Still practical with ASICs, which is the original point.

weav
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


- "Bitcore (BTX) - Airdrops every Monday"


View Profile
June 25, 2013, 08:34:56 PM
Last edit: June 25, 2013, 08:52:22 PM by weav
 #60

Up went the diff on BTC to the point GPU miners could not make a profit. Now since GPU miners make up about 80%+ of the miners what did you think they were gonna do, sit by while the old guard has steak to eat, while they get bread crumbs.  They are moving to the scrypt coin and nothing can be done about it.  BTC are only worth something because people say they are. Well the 80%+ is getting ready to say BTC is NOT worth anything anymore. Hence LTC is rising.

Lets assume all this is true (which it isn't).  LTC uses a weakened version of scrypt one which ASICs can be produced cost effectively so what happens when BTC "dies" and LTC become mainstream.  The global mining revenue shoots up into the hundreds of millions of dollars a year which justifies the development of LTC ASICs?



Despite the scrypt memory requirement relaxation in LTC we are still talking about 4 or 5 orders of magnitude of higher cost. Nobody came ever close to an efficient LTC ASIC even in theoretical designs, so the point is the development of LTC ASICs is by orders of magnitude less justified than the development of BTC ASICs and therefore won't happen before LTC gains in price as much.  

5 orders of magnitude really?
So BTC ASIC costs say $1M NRE and $5 per chip.
LTS $10B NRE and $500,000 per chip.

Really.  I mean that is just wrong that is common sense stupidly wrong.

An LTC ASIC can be produced today however the tiny amount of global mining revenue doesn't warrant it yet.  The efficiency gains are lower but the costs are not so high as to be a barrier.  Bitcoin ASICs didn't start looking cost effective until the exchange rate (and thus potential global mining revenue) was high enough.  



Yes, 4 to 5 orders of magnitude for a likewise efficient (this is the keyword here) LTC ASIC was the concensus among people who tried last time I checked, or do you know of any even theoretical designs that suggest otherwise.

Pages: « 1 2 [3] 4 5 6 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!