|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
October 14, 2013, 11:33:02 AM |
|
I think, still not there. Someone said it should be thousands of qubits.
|
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
btcusr (OP)
Sr. Member
Offline
Activity: 405
Merit: 255
@_vjy
|
|
October 14, 2013, 11:42:52 AM |
|
I think, still not there. Someone said it should be thousands of qubits.
1000 qbit ≈ 2 * 512 qbit processors I think, they (NASA, google, D-Wave) should have few hundreds of 512 qbit processors.
|
|
|
|
NewLiberty
Legendary
Offline
Activity: 1204
Merit: 1002
Gresham's Lawyer
|
|
October 14, 2013, 03:40:19 PM |
|
It would be better used to optimize FPGA code and make a better ASIC, then move on to other things.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
October 14, 2013, 03:42:31 PM Last edit: October 14, 2013, 03:56:46 PM by DeathAndTaxes |
|
I think, still not there. Someone said it should be thousands of qubits.
1000 qbit ≈ 2 * 512 qbit processors It doesn't work that way. x 512 qbit QC can't do anything more complex than 1 512 qbit QC although they can do 2x as many simulations. I think, they (NASA, google, D-Wave) should have few hundreds of 512 qbit processors. As posted many times D-Wave is not a general purpose quantum computer. DWave is a type of specailized quantum computer which uses a concept called quantum annealing to simplify complex simulations. http://en.wikipedia.org/wiki/Quantum_annealingDWave is not capable of and was never designed to implement Shor's algorithm. It has absolutely no ability to break ECDSA keys. Even if D-Wave was a general purpose quantum computer and capable of implementing Shor's algorithm against ECDSA keys it would need to be on the order of tens of thousands qbits. Lastly an address is the hash of the public key. Even if a general purpose quantum computers with sufficient qbits and capable of implementing Shor's algorithm against ECDSA keys the PUBLIC KEY is still needed. If coins haven't been spent from an address (no address reuse) then the public key remains unknown and thus unsolvable.
|
|
|
|
Patel
Legendary
Offline
Activity: 1320
Merit: 1007
|
|
October 14, 2013, 03:43:08 PM |
|
So the question is, can this crack SHA256?
|
|
|
|
FeedbackLoop
|
|
October 14, 2013, 03:44:56 PM |
|
So the question is, can this crack SHA256?
No. (Chewed, digested and vomited D&T's answer for you. It wasn't much of an effort... Enjoy your vomit.)
|
|
|
|
n8rwJeTt8TrrLKPa55eU
|
|
October 14, 2013, 04:49:11 PM |
|
This might be slightly off-topic for the thread, but it's quantum related and has implications for both Bitcoin and cryptography in general. Do any of our resident quantum gurus (D&T, gmaxwell, or anyone else) have an opinion on this: http://noospheer.wordpress.com/2013/09/04/why-turing-machines-are-quantum/It essentially claims that, based on some new research from the past couple decades, it might be possible to efficiently simulate certain kinds of quantum circuits on classical computers, with only n*logarithmic (as opposed to exponential) overhead.
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
October 14, 2013, 04:56:50 PM |
|
Quantum is still in it's infancy. The day a major fully functional quantum computer comes online will be a big day. It won't even seem like a computer as it will have superhero abilities, such as breaking encryption.
|
|
|
|
gmaxwell
Staff
Legendary
Offline
Activity: 4284
Merit: 8808
|
|
October 14, 2013, 05:05:05 PM |
|
512 qbit quantum computer is here...
This device is not the same class of device that computer scientists are speaking about when they say "quantum computer". It's analogous to building a digital computer that can only perform addition: An add-only-machine "computes", but it's not turing complete. The DWAVE devices are not quantum turing complete: they cannot perform the fast quantum period finding algorithms which would are apparently needed to recover a private key from a public key. It is a quantum computer only in the sense that it computes and (maybe) uses some quantum effect. Nor does their device appear to have any clear way to generalize to quantum turing completeness in the future, nor are they claiming that it does. Moreover, you asked for an even harder problem: Converting an address to its private key requires finding the pre-image to RIPEMD160+SHA256 (and its discrete log), and this wouldn't be efficiently computable on a real quantum computer. The noospheer guy has been all over the place trying to collect money for his batshit craziness. He emits a lot of technobabble that doesn't have any credibility. If he actually could do what he claims he could trivially prove it to anyone (e.g. by finding a discrete log of a nothing-up-my-sleeve point). It won't even seem like a computer as it will have superhero abilities, such as breaking encryption.
People frequently exaggerate the capabilities of quantum computers. Indeed, such a device would be magical and a breakthrough and would help solve many interesting problems. But quantum computers are not even conjectured to break _all_ encryption, they only break some classes of cryptography (such as asymmetric cryptography based on the hardness of hidden subgroup problem in abelian groups, like factoring and discrete log), and even then only if the QC is sufficiently large (in terms of gates and coherence length).
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
October 14, 2013, 06:03:51 PM |
|
It won't even seem like a computer as it will have superhero abilities, such as breaking encryption.
People frequently exaggerate the capabilities of quantum computers. Indeed, such a device would be magical and a breakthrough and would help solve many interesting problems. But quantum computers are not even conjectured to break _all_ encryption, they only break some classes of cryptography (such as asymmetric cryptography based on the hardness of hidden subgroup problem in abelian groups, like factoring and discrete log), and even then only if the QC is sufficiently large (in terms of gates and coherence length). True. But SHA256 would be at risk. And as far as quantum being magic, it is as close as physics comes. lol
|
|
|
|
conv3rsion
|
|
October 14, 2013, 09:09:41 PM |
|
512 qbit quantum computer is here...
This device is not the same class of device that computer scientists are speaking about when they say "quantum computer". It's analogous to building a digital computer that can only perform addition: An add-only-machine "computes", but it's not turing complete. The DWAVE devices are not quantum turing complete: they cannot perform the fast quantum period finding algorithms which would are apparently needed to recover a private key from a public key. It is a quantum computer only in the sense that it computes and (maybe) uses some quantum effect. Nor does their device appear to have any clear way to generalize to quantum turing completeness in the future, nor are they claiming that it does. Moreover, you asked for an even harder problem: Converting an address to its private key requires finding the pre-image to RIPEMD160+SHA256 (and its discrete log), and this wouldn't be efficiently computable on a real quantum computer. The noospheer guy has been all over the place trying to collect money for his batshit craziness. He emits a lot of technobabble that doesn't have any credibility. If he actually could do what he claims he could trivially prove it to anyone (e.g. by finding a discrete log of a nothing-up-my-sleeve point). It won't even seem like a computer as it will have superhero abilities, such as breaking encryption.
People frequently exaggerate the capabilities of quantum computers. Indeed, such a device would be magical and a breakthrough and would help solve many interesting problems. But quantum computers are not even conjectured to break _all_ encryption, they only break some classes of cryptography (such as asymmetric cryptography based on the hardness of hidden subgroup problem in abelian groups, like factoring and discrete log), and even then only if the QC is sufficiently large (in terms of gates and coherence length). I'm not trying to kiss your ass here, but we are so lucky that you (and other equally talented devs) have decided to focus your efforts on Bitcoin.
|
|
|
|
Tomatocage
Legendary
Offline
Activity: 1554
Merit: 1222
brb keeping up with the Kardashians
|
|
October 14, 2013, 09:36:49 PM |
|
Finally, something that can run Windows smoothly.
|
|
|
|
Raize
Donator
Legendary
Offline
Activity: 1419
Merit: 1015
|
|
October 14, 2013, 09:38:04 PM |
|
The DWAVE devices are not quantum turing complete: they cannot perform the fast quantum period finding algorithms which would are apparently needed to recover a private key from a public key. Not only that, but it appears that simulation for random QUBO instances within a D-Wave constraint graph can be beaten by a standard laptop with simulated annealing code. More here: http://www.archduke.org/stuff/d-wave-comment-on-comparison-with-classical-computers/Don't get me wrong, they might be on the cusp of something truly interesting here, but there's a lot of smoke and mirrors about whether or not this is a true technological breakthrough. And as gmaxwell is saying, this is far from being able to decrypt anything right now.
|
|
|
|
terman45x
|
|
October 14, 2013, 09:45:11 PM |
|
Dont worry, D-Wave is not true quantum computer.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
October 14, 2013, 09:48:38 PM |
|
True. But SHA256 would be at risk. And as far as quantum being magic, it is as close as physics comes. lol No the opposite is actually true. Symmetric encryption (like AES) and cryptographic hashing algorithms (like SHA-2) are not significantly effected by quantum computing. Grover's algorithm makes then faster than brute force but not fast enough to be useful. The vulnerabilities lies in public key cryptography (ECDSA, RSA, etc).
|
|
|
|
mrdavis
|
|
October 15, 2013, 02:28:47 AM |
|
I think, still not there. Someone said it should be thousands of qubits.
1000 qbit ≈ 2 * 512 qbit processors It doesn't work that way. x 512 qbit QC can't do anything more complex than 1 512 qbit QC although they can do 2x as many simulations. I think, they (NASA, google, D-Wave) should have few hundreds of 512 qbit processors. As posted many times D-Wave is not a general purpose quantum computer. DWave is a type of specailized quantum computer which uses a concept called quantum annealing to simplify complex simulations. http://en.wikipedia.org/wiki/Quantum_annealingDWave is not capable of and was never designed to implement Shor's algorithm. It has absolutely no ability to break ECDSA keys. Even if D-Wave was a general purpose quantum computer and capable of implementing Shor's algorithm against ECDSA keys it would need to be on the order of tens of thousands qbits. Lastly an address is the hash of the public key. Even if a general purpose quantum computers with sufficient qbits and capable of implementing Shor's algorithm against ECDSA keys the PUBLIC KEY is still needed. If coins haven't been spent from an address (no address reuse) then the public key remains unknown and thus unsolvable. Can we get a script that posts this answer every time someone starts a new thread with the word "quantum" in it?
|
|
|
|
johnyj
Legendary
Offline
Activity: 1988
Merit: 1012
Beyond Imagination
|
|
October 15, 2013, 10:18:41 AM |
|
D-wave's machine is reported to be 3600x faster than a Core 2 Quad CPU (on certain specifically suited calculation), which can do 20MH/s in bitcoin mining. That makes it 72Gh/s = one Avalon ASIC mining rig
|
|
|
|
hashman
Legendary
Offline
Activity: 1264
Merit: 1008
|
|
October 15, 2013, 02:52:05 PM |
|
This might be slightly off-topic for the thread, but it's quantum related and has implications for both Bitcoin and cryptography in general. Do any of our resident quantum gurus (D&T, gmaxwell, or anyone else) have an opinion on this: http://noospheer.wordpress.com/2013/09/04/why-turing-machines-are-quantum/It essentially claims that, based on some new research from the past couple decades, it might be possible to efficiently simulate certain kinds of quantum circuits on classical computers, with only n*logarithmic (as opposed to exponential) overhead. I didn't see anything in there about logN overhead?
|
|
|
|
Patel
Legendary
Offline
Activity: 1320
Merit: 1007
|
|
October 21, 2013, 06:04:46 PM |
|
Anyone know if this quantum computer generates 51% of Bitcoins hashing power?
|
|
|
|
|