Bitcoin Forum
Author Topic: Quantum Computing and Bitcoin  (Read 974 times)
8CommaClub
November 25, 2018, 12:50:01 AM
 #1

If Quantum Computing is released into the wild and starts to attack bitcoin, what measures would we see to mitigate these attacks?

bones261
November 25, 2018, 01:09:56 AM
Last edit: November 25, 2018, 06:51:56 AM by bones261
 #2

Hope some miners can also get a quantum computer to compete with mining and switch to an algorithm for the keys that would take the QC longer than its expected Quantum decoherence time by a factor of billions upon billions.
8CommaClub
November 25, 2018, 01:18:15 AM
 #3

Quote from: 8CommaClub
If Quantum Computing is released into the wild and starts to attack bitcoin, what measures would we see to mitigate these attacks?

Quote from: bones261
Hope some miners can also get a quantum computer to compete with mining and switch to an algorithm for the keys that would take the QC longer than its expected Quantum decoherence time by a factor of billions upon billions.

What if the government controls the Quantum computer, and there isn't anyone to fight back? Would that spell the end of Bitcoin? And if there is, would it be necessary to move to QC resistant cryptography?

bones261
November 25, 2018, 01:26:20 AM
 #4

Quote from: 8CommaClub
If Quantum Computing is released into the wild and starts to attack bitcoin, what measures would we see to mitigate these attacks?

Quote from: bones261
Hope some miners can also get a quantum computer to compete with mining and switch to an algorithm for the keys that would take the QC longer than its expected Quantum decoherence time by a factor of billions upon billions.

Quote from: 8CommaClub
What if the government controls the Quantum computer, and there isn't anyone to fight back? Would that spell the end of Bitcoin? And if there is, would it be necessary to move to QC resistant cryptography?

Back to the drawing board. If any entity gets control of 51% of the mining and there is no way to wrest back control, then Bitcoin is insecure and virtually worthless.
8CommaClub
November 25, 2018, 01:35:23 AM
 #5

Quote from: 8CommaClub
If Quantum Computing is released into the wild and starts to attack bitcoin, what measures would we see to mitigate these attacks?

Quote from: bones261
Hope some miners can also get a quantum computer to compete with mining and switch to an algorithm for the keys that would take the QC longer than its expected Quantum decoherence time by a factor of billions upon billions.

Quote from: 8CommaClub
What if the government controls the Quantum computer, and there isn't anyone to fight back? Would that spell the end of Bitcoin? And if there is, would it be necessary to move to QC resistant cryptography?

Quote from: bones261
Back to the drawing board. If any entity gets control of 51% of the mining and there is no way to wrest back control, then Bitcoin is insecure and virtually worthless.

If this did happen and bitcoin did bring down the banks, so there is no "currency" system, I wonder what would come next.

ETFbitcoin
November 25, 2018, 06:43:07 AM
Merited by dbshck (4), bones261 (2)
 #6

ECDSA/secp256k1 is quantum-resistant as long as its public key isn't known, which means users should be fine as long as they never re-use their Bitcoin address and the quantum computer isn't fast enough to find out the private key before the transaction gets confirmed/fully propagated to all nodes.

But there are proposals to use a cryptographic signature which is quantum resistant, even though AFAIK there are huge trade-offs such as far larger signature size and longer verification time.

bones261
November 25, 2018, 07:04:16 AM
 #7

Quote from: ETFbitcoin
ECDSA/secp256k1 is quantum-resistant as long as its public key isn't known, which means users should be fine as long as they never re-use their Bitcoin address and the quantum computer isn't fast enough to find out the private key before the transaction gets confirmed/fully propagated to all nodes.

But there are proposals to use a cryptographic signature which is quantum resistant, even though AFAIK there are huge trade-offs such as far larger signature size and longer verification time.

I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner, "ordinary computers" and network technology will be at the point that a larger signature size wouldn't be a problem either. Or are we still going to be fretting that someone's Raspberry Pi that they bought in 2009 should still be able to run a full node while only connecting with a 56K modem?
tromp
November 25, 2018, 08:34:35 AM
 #8

Quote from: bones261
I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner

Wrong; quantum computers need to run for 2^80 steps to find a private key mapping to a given 160 bit public key. That will remain infeasible for decades to come.
mixoftix
November 25, 2018, 09:51:56 AM
Merited by dbshck (4)
 #9

Quote from: bones261
I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner

Quote from: tromp
Wrong; quantum computers need to run for 2^80 steps to find a private key mapping to a given 160 bit public key. That will remain infeasible for decades to come.

However, the threat of QC is a 51% attack, not directly breaking the key pairs. But while cryptographers think in probability space (2^80) of breaking something secure (in theory), there are cryptanalysis methods out there to find shortcuts (in practice) and decrease the steps they need to pass:

https://en.wikipedia.org/wiki/Cryptanalysis

The most important point of failure that I see in asymmetric encryption is running a random function in the key generation stage. Providing real randomness is one of the hardest problems that I have ever seen, because what you think is random at first sight in fact carries a hidden pattern inside. So most of the time random number generation is where cryptanalysts begin their job.

من مست و تو دیوانه، مارا که برد خانه!؟
translation from Persian:
I am drunk and you are insane, who will take us home!? --Rumi
aliashraf
November 25, 2018, 10:27:27 AM
Merited by Welsh (1), ETFbitcoin (1)
 #10

Quote from: bones261
I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner

Quote from: tromp
Wrong; quantum computers need to run for 2^80 steps to find a private key mapping to a given 160 bit public key. That will remain infeasible for decades to come.

Quote from: mixoftix
However, the threat of QC is a 51% attack, not directly breaking the key pairs. But while cryptographers think in probability space (2^80) of breaking something secure (in theory), there are cryptanalysis methods out there to find shortcuts (in practice) and decrease the steps they need to pass:

https://en.wikipedia.org/wiki/Cryptanalysis

The most important point of failure that I see in asymmetric encryption is running a random function in the key generation stage. Providing real randomness is one of the hardest problems that I have ever seen, because what you think is random at first sight in fact carries a hidden pattern inside. So most of the time random number generation is where cryptanalysts begin their job.

Wrong. There is no shortcut for SHA-2, and if it were ever possible to find such a shortcut the whole bitcoin blockchain security would become void and you wouldn't need to wait for QC to bring it down.

mixoftix
November 25, 2018, 10:41:02 AM
Last edit: November 25, 2018, 11:42:51 AM by mixoftix
Merited by ETFbitcoin (1)
 #11

Quote from: aliashraf
Wrong. There is no shortcut for SHA-2, and if it were ever possible to find such a shortcut the whole bitcoin blockchain security would become void and you wouldn't need to wait for QC to bring it down.

Misunderstood. SHA256 is not broken in output. What I wrote above is about the weakness in providing input for SHA256, because of weakness in random number generation. This is much more about vulnerabilities that exist in the implementation stages of a secure platform, not the math behind it. So we need to know how QC could influence the structure of providing (and predicting) input for SHA256 (or any other hash algorithm).

UPDATE:
We all know several online/offline bitcoin address generators that only run a random function in JavaScript / server-side script. Better solutions make the user move her mouse to reach a better amount of randomness. As far as I know we have no control over the quality of randomness in the bitcoin protocol. Hope the paper below helps:

http://www.mixoftix.net/knowledge_base/security/Key_Generation_with_Verifiable_Randomness.pdf

aliashraf
November 25, 2018, 12:34:58 PM
Merited by Welsh (3), ETFbitcoin (1)
 #12

Quote from: aliashraf
Wrong. There is no shortcut for SHA-2, and if it were ever possible to find such a shortcut the whole bitcoin blockchain security would become void and you wouldn't need to wait for QC to bring it down.

Quote from: mixoftix
Misunderstood. SHA256 is not broken in output. What I wrote above is about the weakness in providing input for SHA256, because of weakness in random number generation. This is much more about vulnerabilities that exist in the implementation stages of a secure platform, not the math behind it. So we need to know how QC could influence the structure of providing (and predicting) input for SHA256 (or any other hash algorithm).

Now it makes a bit more sense, but not enough. Again, it has nothing to do with QC:

If, hypothetically, one could find such a vulnerability in the RNG used in a wallet, to be able to "narrow" the search space in brute forcing the RIPEMD-160 hash, he needs to:
1- 'Guessing' a 'more likely' private key (using the vulnerability in the Random Number Generator),
2- Performing one simple multiplication to compute a public key for it,
3- Generating a RIPEMD-160 hash of the public key,
4- Praying for a match.

None of the above is QC related.

bones261
November 25, 2018, 02:32:01 PM
Last edit: November 25, 2018, 04:42:10 PM by bones261
 #13

Quote from: bones261
I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner

Quote from: tromp
Wrong; quantum computers need to run for 2^80 steps to find a private key mapping to a given 160 bit public key. That will remain infeasible for decades to come.

You are taking my post out of context... the word "if" should clue you in. I know that this is nowhere close to feasible now. Perhaps I should have replaced it with the word "when" to make it more clear?
mixoftix
November 25, 2018, 04:40:30 PM
Last edit: November 25, 2018, 06:17:02 PM by mixoftix
 #14

Quote from: aliashraf
1- 'Guessing' a 'more likely' private key (using the vulnerability in the Random Number Generator),

Please keep us posted about any improvement by QC in RNG attacks, Ali. I just googled and found nothing worthy, but found something amazing in this old stuff:

https://en.wikipedia.org/wiki/Random_number_generator_attack#cite_note-20
https://www.theregister.co.uk/2013/08/12/android_bug_batters_bitcoin_wallets/
https://bitcoin.org/en/alert/2013-08-11-android

------------------

Now, there is a question. While machine learning could be used in attacks on RNGs, and machine learning could also be improved by QC, there should be a chance of doing something real with QC on RNG - just a gesture..

Update:
https://en.wikipedia.org/wiki/Quantum_machine_learning

8CommaClub
November 25, 2018, 04:50:23 PM
 #15

Quote from: aliashraf
1- 'Guessing' a 'more likely' private key (using the vulnerability in the Random Number Generator),

Quote from: mixoftix
Please keep us posted about any improvement by QC in RNG attacks, Ali. I just googled and found nothing worthy, but found something amazing in this old stuff:

https://en.wikipedia.org/wiki/Random_number_generator_attack#cite_note-20
https://www.theregister.co.uk/2013/08/12/android_bug_batters_bitcoin_wallets/
https://bitcoin.org/en/alert/2013-08-11-android

------------------

Now, there is a question. While machine learning could be used in attacks on RNGs, and machine learning could also be improved by QC, there should be a chance of doing something real with QC on RNG - just a gesture..

What about QC on the Fibonacci sequence? (http://www.ijesi.org/papers/Vol(6)9/Version-3/B0609030714.pdf) Scroll down to encryption / decryption.

crptomoon1001
November 25, 2018, 05:33:20 PM
Merited by Welsh (3)
 #16

Quote from: bones261
I think if we are at the point in technology that a QC can be made that can break SHA256 in a relatively trivial manner

Quote from: tromp
Wrong; quantum computers need to run for 2^80 steps to find a private key mapping to a given 160 bit public key. That will remain infeasible for decades to come.

Quote from: bones261
You are taking my post out of context... the word "if" should clue you in. I know that this is nowhere close to feasible now. Perhaps I should have replaced it with the word "when" to make it more clear?

Great question. Made me think a bit on a possible solution. Below is just my high-level thought without getting into too much of a feasibility check.

Quantum computers pose two major threats to the Bitcoin network.

Challenge 1. A quantum computer can rig up the blockchain by centralizing its hashing power, and

Challenge 2. It can crack the cryptography key and the encryption.

Both are valid security concerns. Something to worry about for sure. But let's understand this basic fact: it is not just a security threat to bitcoin, but also a security threat to all software that uses encryption. See, for example: it is a threat to all the WhatsApp messages that you send to your friends, it is a threat to you securing your login credentials for bitcointalk, it is a threat to you as a customer of a bank protecting the money in your bank account, and so on and so forth.

Having established that it is not just a Bitcoin network security concern but also a security concern for every piece of software that uses encryption techniques, let's evaluate two possible solutions to the problem. Once again, let me clarify that these two solutions are just my high-level thoughts.

Solution 1. DAG based blockchain networks will grow in future and Proof of Work based blockchain network systems will possibly be eliminated. This might take care of challenge number 1 above.

Solution 2. One time passwords (OTP) or an additional security layer to get access to the account will rise and might take care of challenge number 2 above. Two-factor authentication may become more advanced by that time. Face recognition or voice recognition may be used along with biometrics in order to get access to an account in the next few years, maybe. But this challenge is not hard to overcome. In this manner this challenge can be solved.


mixoftix
November 25, 2018, 06:35:53 PM
 #17

Quote from: 8CommaClub
What about QC on the Fibonacci sequence? (http://www.ijesi.org/papers/Vol(6)9/Version-3/B0609030714.pdf) Scroll down to encryption / decryption.

Thanks for the paper, my friend.
These sorts of encryption algorithms belong to a major family of algorithms that we call One-Time-Pad:

https://en.wikipedia.org/wiki/One-time_pad

The operator XOR (or MOD when you try to work with ASCII values of characters) is necessary, not a simple ADD operation. Including the Fibonacci sequence here doesn't provide a better level of security..

aliashraf
November 26, 2018, 08:54:46 AM
Merited by Welsh (4), HeRetiK (1), mixoftix (1)
 #18

Quote from: aliashraf
1- 'Guessing' a 'more likely' private key (using the vulnerability in the Random Number Generator),

Quote from: mixoftix
Please keep us posted about any improvement by QC in RNG attacks, Ali. I just googled and found nothing worthy, but found something amazing in this old stuff:

https://en.wikipedia.org/wiki/Random_number_generator_attack#cite_note-20
https://www.theregister.co.uk/2013/08/12/android_bug_batters_bitcoin_wallets/
https://bitcoin.org/en/alert/2013-08-11-android

------------------

Now, there is a question. While machine learning could be used in attacks on RNGs, and machine learning could also be improved by QC, there should be a chance of doing something real with QC on RNG - just a gesture..

Update:
https://en.wikipedia.org/wiki/Quantum_machine_learning

It is a new proposal: attacking RNG by machine learning boosted by QC. Your previous suggestion was taking advantage of a vulnerable RNG to narrow down the search space and using QC for boosting the process. I am afraid the new attack is unlikely to work as well.

We have Cryptographically Secure Pseudo Random Number Generators (CSPRNGs) that are provably safe against AI techniques including neural networks and machine learning. For instance, suppose we are getting closer to machine learning being disruptively boosted by a hypothetical QC machine, reasonably cheap and powerful. Wallets would be able to apply a Von Neumann extractor to their systems in case they have not already considered it.

Bottom line: QC is just another technology and technology can't fight mathematics. It is always possible to force cryptographers to use more sophisticated techniques because of significant technological achievements that provide more processing power, but it is not possible to beat cryptography in the race.


CryptoSpark
November 26, 2018, 10:57:41 AM
 #19

NIST is working on a timeline of around 5 to 10 years before publishing recommendations of the best quantum resistant algorithms to apply.
There's a lot of great work already going on and already a range of algorithms to choose from; the question is which are the most efficient and reliable and ultimately which get NIST backing and make it into standards.

With regards to timelines, I often hear two opinions, neither of which I have any reason to accept over the other.

The first is that practical quantum computing is still a decade away and so there's time to get this right through NIST. That could very well be true.
The second is that quantum computing is more advanced than is publicly understood and is in part why a certain agency is accelerating the replacement of their Suite B cryptography suite with a new quantum resistant suite.

Whatever the truth, we need to follow standards bodies like NIST and work methodically to get things right.
seoincorporation
November 27, 2018, 03:29:08 PM
 #20

Quote from: 8CommaClub
If Quantum Computing is released into the wild and starts to attack bitcoin, what measures would we see to mitigate these attacks?

We should migrate all the sha256 functions to SHA-3, that would be the measure to take, but remember, if a quantum computer can break bitcoin, then that's the smaller issue because at that point all the security agencies would be vulnerable; sha256 is protecting the military secrets and all the gov important stuff, so, with that power who will fuck bitcoin while he can fuck the world.

sametyui73
November 27, 2018, 03:46:18 PM
Merited by TimeTeller (1)
 #21

The most important point of failure that I see in asymmetric encryption is running a random function in the key generation stage. Providing real randomness is one of the hardest problems that I have ever seen, because what you think is random at first sight in fact carries a hidden pattern inside. So most of the time random number generation is where cryptanalysts begin their job.
aliashraf
November 27, 2018, 05:14:13 PM
 #22

Quote from: sametyui73
The most important point of failure that I see in asymmetric encryption is running a random function in the key generation stage. Providing real randomness is one of the hardest problems that I have ever seen, because what you think is random at first sight in fact carries a hidden pattern inside. So most of the time random number generation is where cryptanalysts begin their job.

Take a look at the Von Neumann extractor.

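The Von Neumann extractor that aliashraf points to in #18 and #22, as an added example (not the poster's code): it consumes an independent but biased bit stream in pairs and emits unbiased bits, which is the standard post-processing step for a raw hardware or entropy source before seeding a CSPRNG. The biased source here is constructed (SHA-256 in counter mode, two bits ORed so P(1) = 0.75) to stand in for a flawed RNG; the function names are my own, and the extractor assumes the input bits are independent, so it does not repair correlated output.

```python
"""Von Neumann extractor: debias an independent-but-biased bit stream."""
import hashlib
import math


def von_neumann_extract(bits):
    """Read non-overlapping pairs: 01 -> 0, 10 -> 1, 00 and 11 are discarded.
    For independent bits with P(1) = p, P(01) = P(10) = p(1-p), so the output
    is unbiased regardless of p. Caveat: correlated bits violate the assumption
    and are not fixed by this step. A trailing odd bit is dropped."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        a, b = bits[i], bits[i + 1]
        if a != b:
            out.append(a)  # a is 0 for the pair 01 and 1 for the pair 10
    return out


def biased_source(n_bits, seed=b"constructed-demo-seed"):
    """Constructed, deterministic stand-in for a flawed RNG: each output bit is
    the OR of two pseudo-random bits, so P(1) = 0.75 while bits stay independent."""
    bits = []
    counter = 0
    while len(bits) < n_bits:
        block = hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
        for byte in block:
            for shift in (0, 2, 4, 6):
                bits.append(((byte >> shift) | (byte >> (shift + 1))) & 1)
                if len(bits) == n_bits:
                    return bits
    return bits


def ones_fraction(bits):
    """Observed P(1); 0.5 is the unbiased target."""
    return sum(bits) / len(bits) if bits else 0.0


def entropy_per_bit(bits):
    """Shannon entropy of the observed 0/1 frequencies, in bits per symbol.
    1.0 means the stream looks unbiased; H(0.75) is about 0.81."""
    p = ones_fraction(bits)
    if p in (0.0, 1.0):
        return 0.0
    return -(p * math.log2(p) + (1 - p) * math.log2(1 - p))


def demo(n_bits=40000):
    """Run the extractor over the constructed biased source and report the
    before/after bias. Expected output length is about n_bits * p(1-p),
    i.e. 3/16 of the input for p = 0.75: debiasing costs throughput."""
    raw = biased_source(n_bits)
    extracted = von_neumann_extract(raw)
    return {
        "raw_ones": ones_fraction(raw),
        "raw_entropy": entropy_per_bit(raw),
        "out_ones": ones_fraction(extracted),
        "out_entropy": entropy_per_bit(extracted),
        "out_len": len(extracted),
    }
```

The throughput loss is why wallets generally use an extractor (or a hash) only to condition raw entropy and then stretch it with a CSPRNG, rather than drawing every key bit straight from the physical source.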
AverageGlabella
December 03, 2018, 04:19:01 PM
Merited by Welsh (7), dbshck (4), ETFbitcoin (1)
 #23

Quantum computing will not destroy Bitcoin. I believe that given enough time and the right amount of preparation we can implement ways of protecting against quantum computers. The biggest concern is QC attacks which later quantum computers should be capable of doing. But by the time that this happens we should have been able to look at the situation and guard against it by changing algorithms and everything. I assure you that there are enough people working on the protection of Bitcoin that a quantum computer will not destroy it. It's true that quantum computers will put much of the security of users at risk, and not just in Bitcoin. But technology seems to adapt and balance itself out. Currently we have algorithms which traditional computers cannot break. I expect this to be the same when quantum computers are released.

This is a quote from the Bitcoin wiki: "As of 2016, the largest general-purpose quantum computers have fewer than 10 qubits. Attacking Bitcoin keys would require around 1500 qubits. Humanity currently does not have the technology necessary to create a quantum computer large enough to attack Bitcoin keys. It is not known how quickly this technology will advance; however, cryptography standards such as ECRYPT II tend to say that Bitcoin's 256-bit ECDSA keys are secure until at least 2030-2040."

As you can see from that quote, the current quantum computers are nowhere near being sufficient enough to be a threat to Bitcoin. In fact we are far off it. As you can see they put a deadline on it and say that the ECDSA keys are secure until at least 2030. Which gives us more than enough time to prepare for the development of better quantum computers.

In fact users can guard against quantum computers themselves, by regularly moving their coins around and only using one address. This would prevent any brute force attempts by a quantum computer.
Quickfant
December 03, 2018, 08:21:51 PM
 #24

Quote:
The faster the computer the more BTC that can be mined https://youtu.be/loLirgyrzNY

Although that is true, the difficulty would also increase to prevent any issues with quantum computing. The real issue with quantum computers is breaking the current algorithm and not the mining aspect.

A problem with the mining aspect is that quantum computers could push up the difficulty and render the network difficult for those who can't afford quantum computers.
Michal_open_source
December 12, 2018, 03:32:05 PM
 #25

If now all of a sudden the SHA256 encryption could be decoded, then bitcoin being useless would be our least concern, as the banks and web pages also use this technology, right?
aliashraf
December 12, 2018, 07:11:20 PM
Merited by Welsh (3)
 #26

Quote from: Michal_open_source
If now all of a sudden the SHA256 encryption could be decoded, then bitcoin being useless would be our least concern, as the banks and web pages also use this technology, right?

It is not about SHA256; it is not an encryption mechanism, QC has nothing to do with it and there will never be a technology capable of doing anything about it!
QC is good at solving a row of mathematical problems much faster than conventional computers, and that includes ECDSA, the Elliptic Curve Digital Signature Algorithm used by bitcoin and many other institutions and people, as well as banks and anybody who is involved in e-commerce and needs to sign transactions or documents digitally.

That said, you are right, QC is not just about bitcoin and is a more general threat to financial and legal systems and the security of the digital sphere. Interestingly, bitcoin would be among the least vulnerable technologies, because most systems are open to QC attack in large windows of time while bitcoin public keys are not disclosed (being hashed) and any hypothetical QC attack has to be carried out in like a few hours in the worst case! It is the window in which bitcoin keys are disclosed and open to attack but not yet confirmed, after which they become useless.

andrecalabrese
Newbie
*
Offline Offline

Activity: 13
Merit: 1


View Profile
January 14, 2019, 12:26:54 PM
Merited by Welsh (1)
 #27

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre
af_newbie
Legendary
*
Offline Offline

Activity: 1904
Merit: 1309



View Profile
January 14, 2019, 12:34:41 PM
 #28

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

Wake me up when they release a 3000 qubit QC.

See you in 2050.

Religion is regarded by the common people as true, by the wise as false, and by the rulers as useful.
keychainX
Member
**
Offline Offline

Activity: 352
Merit: 52

Telegram @keychainxIO


View Profile WWW
January 15, 2019, 09:45:23 AM
 #29

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

Wake me up when they release a 3000 qubit QC.

See you in 2050.


There are already 100 qubit boxes, and rumors of 500 qubits at military/government facilities in China.

That wake-up call may come sooner than you think :)

/KX

aliashraf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1025

Always remember the cause!


View Profile WWW
January 15, 2019, 10:07:16 AM
 #30

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

Wake me up when they release a 3000 qubit QC.

See you in 2050.


There are already 100 qubit boxes, and rumors of 500 qubits at military/government facilities in China.

That wake-up call may come sooner than you think :)
Doubt it; actually it will be delayed for another 30 years or so. Things get messy when the number of qubits increases. Meet my grandson in 2080.

Wind_FURY
Legendary
*
Offline Offline

Activity: 1848
Merit: 1116


www.Crypto.Games: Multiple coins, multiple games


View Profile
January 15, 2019, 11:20:27 AM
Merited by Welsh (2), dbshck (2)
 #31

Bitcoin will be the least of the world's concerns if Quantum computers start rolling out within the next few decades. Banks, credit cards, the internet itself will be in trouble.

Plus I found this on Twitter, https://twitter.com/jsmith_crypto/status/1082101810456920065

Read it. The thread ended in, "My best guess for when Bitcoin and other cryptocurrencies will be practically threatened by quantum computers? 10-20 years". :o

keychainX
Member
**
Offline Offline

Activity: 352
Merit: 52

Telegram @keychainxIO


View Profile WWW
January 15, 2019, 01:03:42 PM
 #32

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

Wake me up when they release a 3000 qubit QC.

See you in 2050.


There are already 100 qubit boxes, and rumors of 500 qubits at military/government facilities in China.

That wake-up call may come sooner than you think :)
Doubt it; actually it will be delayed for another 30 years or so. Things get messy when the number of qubits increases. Meet my grandson in 2080.


So what about this:

50 qubit on sale online
https://www.engadget.com/2018/01/09/this-is-what-a-50-qubit-quantum-computer-looks-like/?guccounter=1
D-Wave claims to have 2000 qubits
https://www.dwavesys.com/quantum-computing
Google had 75 qubits 10 months ago
https://thenextweb.com/artificial-intelligence/2018/03/06/google-reclaims-quantum-computer-crown-with-72-qubit-processor/
Rigetti has a 128 qubit chip
https://medium.com/rigetti/the-rigetti-128-qubit-chip-and-what-it-means-for-quantum-df757d1b71ea

Still think it's gonna take several decades?

Guess the NSA has one too...

/KX

bartekjagoda
Jr. Member
*
Offline Offline

Activity: 88
Merit: 5


View Profile
January 15, 2019, 01:35:56 PM
 #33

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

Wake me up when they release a 3000 qubit QC.

See you in 2050.


There are already 100 qubit boxes, and rumors of 500 qubits at military/government facilities in China.

That wake-up call may come sooner than you think :)
Doubt it; actually it will be delayed for another 30 years or so. Things get messy when the number of qubits increases. Meet my grandson in 2080.


So what about this:

50 qubit on sale online
https://www.engadget.com/2018/01/09/this-is-what-a-50-qubit-quantum-computer-looks-like/?guccounter=1
D-Wave claims to have 2000 qubits
https://www.dwavesys.com/quantum-computing
Google had 75 qubits 10 months ago
https://thenextweb.com/artificial-intelligence/2018/03/06/google-reclaims-quantum-computer-crown-with-72-qubit-processor/
Rigetti has a 128 qubit chip
https://medium.com/rigetti/the-rigetti-128-qubit-chip-and-what-it-means-for-quantum-df757d1b71ea

Still think it's gonna take several decades?

Guess the NSA has one too...

/KX


You forgot NASA

I love Bitcoin
aliashraf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1025

Always remember the cause!


View Profile WWW
January 15, 2019, 03:36:51 PM
 #34

Bitcoin is the last system, sensitive mission-critical system I mean, which would suffer from QC. You guys take your concerns to bankers for a start, then come back to my great-grandsons in like half a century and give them a heads-up about bitcoin unconfirmed transactions with disclosed "old fashioned" pub keys that are subject to QC attack.

Personally I think it takes much longer for QC to grow enough to be able to break ECDSA 256-bit cryptography in like 5 minutes (expected confirmation time), and it is just one heavy txn.

AverageGlabella
Hero Member
*****
Offline Offline

Activity: 516
Merit: 691


View Profile
January 15, 2019, 11:52:05 PM
 #35

Bitcoin is the last system, sensitive mission-critical system I mean, which would suffer from QC. You guys take your concerns to bankers for a start, then come back to my great-grandsons in like half a century and give them a heads-up about bitcoin unconfirmed transactions with disclosed "old fashioned" pub keys that are subject to QC attack.

Personally I think it takes much longer for QC to grow enough to be able to break ECDSA 256-bit cryptography in like 5 minutes (expected confirmation time), and it is just one heavy txn.

It will get there eventually, but we are a great way off from it becoming a problem, and by the time quantum computers capable of disrupting ECDSA exist, most modern technologies will have moved on to another system which is quantum resistant. Quantum-resistant systems already exist, so it's as simple as implementing one which benefits Bitcoin more.
Laskoo
Full Member
***
Offline Offline

Activity: 364
Merit: 144


View Profile
January 16, 2019, 09:18:46 AM
 #36

Bitcoin will be the least of the world's concerns if Quantum computers start rolling out within the next few decades. Banks, credit cards, the internet itself will be in trouble.

Plus I found this on Twitter, https://twitter.com/jsmith_crypto/status/1082101810456920065

Read it. The thread ended in, "My best guess for when Bitcoin and other cryptocurrencies will be practically threatened by quantum computers? 10-20 years". :o

I think Bitcoin Core developers are already thinking about how to change the code and make bitcoin signatures quantum proof.

And if you and others like you think that Bitcoin will be threatened by quantum computers in the next 10-20 years, then the Bitcoin developers must change the code in the next 5 years.
mixoftix
Member
**
Offline Offline

Activity: 104
Merit: 150

..


View Profile WWW
January 16, 2019, 10:26:16 AM
 #37

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

It would be a good exercise to imagine a GRID of these 20 qubit machines is online out there and, having passed the calibration phase, begins mining.. :D :D

من مست و تو دیوانه، مارا که برد خانه!؟
translation from Persian:
I am drunk and you are insane, who will take us home!? --Rumi
Wind_FURY
Legendary
*
Offline Offline

Activity: 1848
Merit: 1116


www.Crypto.Games: Multiple coins, multiple games


View Profile
January 20, 2019, 07:39:03 AM
 #38

Bitcoin will be the least of the world's concerns if Quantum computers start rolling out within the next few decades. Banks, credit cards, the internet itself will be in trouble.

Plus I found this on Twitter, https://twitter.com/jsmith_crypto/status/1082101810456920065

Read it. The thread ended in, "My best guess for when Bitcoin and other cryptocurrencies will be practically threatened by quantum computers? 10-20 years". :o

I think Bitcoin Core developers are already thinking about how to change the code and make bitcoin signatures quantum proof.

And if you and others like you think that Bitcoin will be threatened by quantum computers in the next 10-20 years, then the Bitcoin developers must change the code in the next 5 years.

Yes, they do. Adam Back talked about it in this interview, https://stephanlivera.com/episode/42

He did not go into full detail or propose a roadmap on when to upgrade to a quantum-resistant signature scheme, but he didn't sound that alarmed either.

Quantum computers, as far as Bitcoin is concerned, might not be as bad as the FUD makes them sound.

af_newbie
Legendary
*
Offline Offline

Activity: 1904
Merit: 1309



View Profile
January 21, 2019, 03:11:53 PM
 #39

IBM just released a new quantum computer, but it will still take a few years before applications can use its full potential.

See press release here: https://www.engadget.com/2019/01/08/ibm-q-system-one-quantum-computer/

It's 20 qubits.

//Andre

Wake me up when they release a 3000 qubit QC.

See you in 2050.


There are already 100 qubit boxes, and rumors of 500 qubits at military/government facilities in China.

That wake-up call may come sooner than you think :)
Doubt it; actually it will be delayed for another 30 years or so. Things get messy when the number of qubits increases. Meet my grandson in 2080.


So what about this:

50 qubit on sale online
https://www.engadget.com/2018/01/09/this-is-what-a-50-qubit-quantum-computer-looks-like/?guccounter=1
D-Wave claims to have 2000 qubits
https://www.dwavesys.com/quantum-computing
Google had 75 qubits 10 months ago
https://thenextweb.com/artificial-intelligence/2018/03/06/google-reclaims-quantum-computer-crown-with-72-qubit-processor/
Rigetti has a 128 qubit chip
https://medium.com/rigetti/the-rigetti-128-qubit-chip-and-what-it-means-for-quantum-df757d1b71ea

Still think it's gonna take several decades?

Guess the NSA has one too...

/KX


D-Wave access is costly. Try their Leap account. You get 1 min/month of free QPU time. Commercial access is $2000/hr/month.

I tried their 'dwave' SDK SPI; no solvers were available for the supplied endpoint and my API token. Pretty useless.

Smoke and mirrors if you ask me.

Try it for yourself: https://cloud.dwavesys.com/leap/

It is not something you can buy on newegg.com and use.

Religion is regarded by the common people as true, by the wise as false, and by the rulers as useful.
r1s2g3
Sr. Member
****
Offline Offline

Activity: 742
Merit: 393


I am alive but in hibernation.


View Profile
January 24, 2019, 03:43:27 AM
 #40



Just wondering why somebody having a QC would want to attack bitcoin when there is so much fiat lying in banks?
Don't you think that fiat in banks will be the first target before they think of brute-forcing bitcoin wallets?


I am alive
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1890
Merit: 2818


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
January 24, 2019, 09:40:35 AM
 #41

Just wondering why somebody having a QC would want to attack bitcoin when there is so much fiat lying in banks?
Don't you think that fiat in banks will be the first target before they think of brute-forcing bitcoin wallets?

There are plenty of reasons, but the main reason is that Bitcoin transactions are irreversible, while transactions at banks can be reversed. Additionally, I'm sure a few banks have systems to detect unusual/weird activity and intentionally make users wait a few days on big transactions.

mixoftix
Member
**
Offline Offline

Activity: 104
Merit: 150

..


View Profile WWW
January 25, 2019, 09:10:45 AM
 #42

Just wondering why somebody having a QC would want to attack bitcoin when there is so much fiat lying in banks?
Don't you think that fiat in banks will be the first target before they think of brute-forcing bitcoin wallets?

As ETFbitcoin mentioned above, the banking system is centralized, and rolling back transactions is a very legitimate procedure that could take place based on identified circumstances. Imagine a credit card owner that gets hurt by a QC; then its owner could call her bank, report the problem and ask for a roll-back.
AND centralized systems:

1. could simply be equipped with 2-factor authentication flows
2. do not let their routines be available for brute-forcing

We all know that an internet banking system only allows e.g. 3 or 5 unsuccessful tries for the login routine, otherwise they block the user account. Such routines couldn't be implemented in decentralized architectures. Attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kind of MITM attack.

من مست و تو دیوانه، مارا که برد خانه!؟
translation from Persian:
I am drunk and you are insane, who will take us home!? --Rumi
aliashraf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1025

Always remember the cause!


View Profile WWW
January 25, 2019, 09:28:39 AM
Merited by ETFbitcoin (1)
 #43

Just wondering why somebody having a QC would want to attack bitcoin when there is so much fiat lying in banks?
Don't you think that fiat in banks will be the first target before they think of brute-forcing bitcoin wallets?

As ETFbitcoin mentioned above, the banking system is centralized, and rolling back transactions is a very legitimate procedure that could take place based on identified circumstances. Imagine a credit card owner that gets hurt by a QC; then its owner could call her bank, report the problem and ask for a roll-back.
AND centralized systems:

1. could simply be equipped with 2-factor authentication flows
2. do not let their routines be available for brute-forcing

We all know that an internet banking system only allows e.g. 3 or 5 unsuccessful tries for the login routine, otherwise they block the user account. Such routines couldn't exist in decentralized architectures. Attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kind of MITM attack.
With all due respect, I think both you and @ETFbitcoin are wrong here:

Electronic signatures are the backbone of e-commerce, and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology; centralization won't ever help.

The basic property of asymmetric encryption is not used to keep customers safe against adversaries and intruders; it is used to keep them both safe and responsible with respect to service providers like banks.

Suppose I could convince a court that my bank has access to enough QC computing power to extract my ECDSA private key from my pub key (which it has access to). I could then declare void any transaction I wish and reclaim my funds. The bank has enough time and resources to break my key and forge transactions on my behalf, and that is why e-commerce will collapse a very long time before bitcoin. In the latter case, adversaries would need access to enough QC power to do the job in the few minutes that a txn is pending.

mixoftix
Member
**
Offline Offline

Activity: 104
Merit: 150

..


View Profile WWW
January 25, 2019, 09:36:24 AM
 #44

Just wondering why somebody having a QC would want to attack bitcoin when there is so much fiat lying in banks?
Don't you think that fiat in banks will be the first target before they think of brute-forcing bitcoin wallets?

As ETFbitcoin mentioned above, the banking system is centralized, and rolling back transactions is a very legitimate procedure that could take place based on identified circumstances. Imagine a credit card owner that gets hurt by a QC; then its owner could call her bank, report the problem and ask for a roll-back.
AND centralized systems:

1. could simply be equipped with 2-factor authentication flows
2. do not let their routines be available for brute-forcing

We all know that an internet banking system only allows e.g. 3 or 5 unsuccessful tries for the login routine, otherwise they block the user account. Such routines couldn't exist in decentralized architectures. Attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kind of MITM attack.

Electronic signatures are the backbone of e-commerce, and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology; centralization won't ever help.


Totally true, BUT a centralized system like the banking system could simply publish an announcement about abandoning e-signatures (for a while) and ask its customers to get back to the traditional paper-based methods. I mean they have several alternatives, but a crypto could only survive in the virtual world.

من مست و تو دیوانه، مارا که برد خانه!؟
translation from Persian:
I am drunk and you are insane, who will take us home!? --Rumi
aliashraf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1025

Always remember the cause!


View Profile WWW
January 25, 2019, 09:49:19 AM
Merited by ETFbitcoin (1)
 #45

Just wondering why somebody having a QC would want to attack bitcoin when there is so much fiat lying in banks?
Don't you think that fiat in banks will be the first target before they think of brute-forcing bitcoin wallets?

As ETFbitcoin mentioned above, the banking system is centralized, and rolling back transactions is a very legitimate procedure that could take place based on identified circumstances. Imagine a credit card owner that gets hurt by a QC; then its owner could call her bank, report the problem and ask for a roll-back.
AND centralized systems:

1. could simply be equipped with 2-factor authentication flows
2. do not let their routines be available for brute-forcing

We all know that an internet banking system only allows e.g. 3 or 5 unsuccessful tries for the login routine, otherwise they block the user account. Such routines couldn't exist in decentralized architectures. Attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kind of MITM attack.

Electronic signatures are the backbone of e-commerce, and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology; centralization won't ever help.


Totally true, BUT a centralized system like the banking system could simply publish an announcement about abandoning e-signatures (for a while) and ask its customers to get back to the traditional paper-based methods. I mean they have several alternatives, but a crypto could only survive in the virtual world.
But paper-based finance wouldn't be usable for practical purposes, and it is nothing less than a total collapse of e-commerce anyway. The point is that it happens like a decade or more before QC would become efficient enough to break bitcoin keys in like 5 minutes; hence bitcoin is not the primary vulnerable system, and we can simply wait for them to fix the problem.

X7
Legendary
*
Offline Offline

Activity: 1120
Merit: 1009


Let he who is without sin cast the first stone


View Profile
January 25, 2019, 03:21:23 PM
 #46

If Quantum Computing is released into the wild and starts to attack bitcoin, what measures would we see to mitigate these attacks?

A few lines of code would strengthen the resistance; it is something we as a community would have to keep a keen eye on to mitigate risk before wallets are compromised etc. But if quantum is unlocked in a true way, the world has more worries than crypto tbh. Like global mayhem if used by bad actors.

For what shall it profit a man, if he shall gain the world, and lose his own soul?
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1890
Merit: 2818


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
January 25, 2019, 06:42:28 PM
 #47

Electronic signatures are the backbone of e-commerce, and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology; centralization won't ever help.

I agree, but realistically:
1. Banks will move to quantum-resistant cryptography before a QC which can break today's cryptography exists, unless their security team is lazy/corrupt or they don't know the risks.
2. Banks can force customers to use hardware 2FA (sometimes called a security token) for all transactions.

Additionally, they can force all customers to replace their bank cards, while in Bitcoin it's more difficult, and people who reuse addresses are at risk.
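As an added illustration of two points made in this thread, the argument that bitcoin keys are only disclosed (and attackable) while a spend is pending, and the address-reuse risk mentioned just above, here is a small classifier over constructed transaction records. It is not code from the forum or from Bitcoin Core; the keys, amounts and transaction ids are constructed, and SHA-256 stands in for Bitcoin's real HASH160 (RIPEMD160(SHA256(pubkey))) because RIPEMD-160 is absent from some hashlib builds.

```python
import hashlib
from dataclasses import dataclass


def address_of(pubkey: bytes) -> str:
    """Hash published when coins are RECEIVED; the key itself stays hidden.

    Stand-in for Bitcoin's HASH160 (RIPEMD160(SHA256(pubkey))): SHA-256 is
    used here only because RIPEMD-160 is missing from some hashlib builds.
    """
    return hashlib.sha256(pubkey).hexdigest()[:40]


@dataclass(frozen=True)
class TxIn:
    address: str   # address being spent from
    pubkey: bytes  # full public key: revealed in the spend, never before


@dataclass(frozen=True)
class TxOut:
    address: str
    value: int     # satoshis (constructed values)


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple
    outputs: tuple
    confirmed: bool  # False = still in the mempool (the "pending" window)


def unspent_balances(chain):
    """On-chain balance per address; simplified so that a spend empties the address."""
    balance = {}
    for tx in chain:            # chain is in chronological order
        if not tx.confirmed:
            continue            # mempool transactions have not moved coins yet
        for inp in tx.inputs:
            balance[inp.address] = 0
        for out in tx.outputs:
            balance[out.address] = balance.get(out.address, 0) + out.value
    return {addr: v for addr, v in balance.items() if v > 0}


def revealed_pubkeys(chain):
    """address -> (pubkey, seen_in_confirmed_spend) for every address ever spent from."""
    revealed = {}
    for tx in chain:
        for inp in tx.inputs:
            # A spend is only valid if the revealed key hashes to the address.
            if address_of(inp.pubkey) != inp.address:
                raise ValueError(f"{tx.txid}: pubkey does not hash to {inp.address}")
            already_confirmed = revealed.get(inp.address, (None, False))[1]
            revealed[inp.address] = (inp.pubkey, tx.confirmed or already_confirmed)
    return revealed


def classify(chain):
    """Exposure class of every address that still holds coins.

    hidden          -> only the hash is public; a key-recovery attack has nothing to work on
    exposed_pending -> key revealed by an unconfirmed spend; exposure ends at confirmation
    exposed_reused  -> key revealed by an earlier confirmed spend and the address received
                       again, so the coins sit behind a public key indefinitely
    """
    revealed = revealed_pubkeys(chain)
    result = {}
    for addr in unspent_balances(chain):
        if addr not in revealed:
            result[addr] = "hidden"
        elif revealed[addr][1]:
            result[addr] = "exposed_reused"
        else:
            result[addr] = "exposed_pending"
    return result


# Constructed sample data: byte strings standing in for compressed secp256k1 keys.
PK_A = b"\x02" + b"\x11" * 32
PK_B = b"\x03" + b"\x22" * 32
PK_C = b"\x02" + b"\x33" * 32
PK_D = b"\x03" + b"\x44" * 32
ADDR_A, ADDR_B, ADDR_C, ADDR_D = (address_of(k) for k in (PK_A, PK_B, PK_C, PK_D))

SAMPLE_CHAIN = (
    Tx("tx1", (), (TxOut(ADDR_A, 50_000),), True),                     # A receives: only hash visible
    Tx("tx2", (TxIn(ADDR_A, PK_A),), (TxOut(ADDR_B, 49_000),), True),  # A spends: PK_A now public
    Tx("tx3", (), (TxOut(ADDR_A, 10_000),), True),                     # A reused: coins behind a public key
    Tx("tx4", (), (TxOut(ADDR_C, 30_000), TxOut(ADDR_D, 20_000)), True),
    Tx("tx5", (TxIn(ADDR_C, PK_C),), (TxOut(ADDR_D, 29_000),), False), # C spending, still unconfirmed
)

if __name__ == "__main__":
    for addr, cls in sorted(classify(SAMPLE_CHAIN).items(), key=lambda kv: kv[1]):
        print(f"{addr[:12]}...  {cls}")
```

Only the reused address ends up permanently exposed; a fresh address per receive keeps the exposure to the confirmation window the thread describes.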

aliashraf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1025

Always remember the cause!


View Profile WWW
January 25, 2019, 09:42:27 PM
Last edit: January 25, 2019, 10:12:05 PM by aliashraf
 #48

Electronic signatures are the backbone of e-commerce, and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology; centralization won't ever help.
2. Banks can force customers to use hardware 2FA (sometimes called a security token) for all transactions.
Security tokens are PKI-derivative devices, which are hypothetically broken by QC.
2FA wouldn't be helpful. It is about convincing the bank that I'm online, but it doesn't prove anything about the actual transaction I made, because it doesn't fix the deniability problem. Without secure asymmetric cryptography there is no way, absolutely no way, to have e-commerce, because any transaction could be claimed void in court if the sender wishes.

I think there is a confusion that should be resolved once and for all: electronic signatures like ECDSA are not used to convince banks or other service providers of the authenticity of their users; they are used to resolve disputes between the two parties (users vs banks/services) in court.

ETFbitcoin
Legendary
*
Offline Offline

Activity: 1890
Merit: 2818


NotYourKeys.org - Not Your Keys, Not Your Bitcoin


View Profile
January 26, 2019, 09:53:42 AM
 #49

Security tokens are PKI-derivative devices, which are hypothetically broken by QC.
2FA wouldn't be helpful. It is about convincing the bank that I'm online, but it doesn't prove anything about the actual transaction I made, because it doesn't fix the deniability problem. Without secure asymmetric cryptography there is no way, absolutely no way, to have e-commerce, because any transaction could be claimed void in court if the sender wishes.

I think there is a confusion that should be resolved once and for all: electronic signatures like ECDSA are not used to convince banks or other service providers of the authenticity of their users; they are used to resolve disputes between the two parties (users vs banks/services) in court.

CMIIW, but assuming the hardware 2FA/security token is 100% offline, handed by the bank to the user directly, and assuming the server is secure, public key leakage shouldn't be possible, which means it's not broken against QC.

aliashraf
Legendary
*
Offline Offline

Activity: 1344
Merit: 1025

Always remember the cause!


View Profile WWW
January 26, 2019, 03:24:06 PM
Merited by ETFbitcoin (1)
 #50

Security tokens are PKI-derivative devices, which are hypothetically broken by QC.
2FA wouldn't be helpful. It is about convincing the bank that I'm online, but it doesn't prove anything about the actual transaction I made, because it doesn't fix the deniability problem. Without secure asymmetric cryptography there is no way, absolutely no way, to have e-commerce, because any transaction could be claimed void in court if the sender wishes.

I think there is a confusion that should be resolved once and for all: electronic signatures like ECDSA are not used to convince banks or other service providers of the authenticity of their users; they are used to resolve disputes between the two parties (users vs banks/services) in court.

CMIIW, but assuming the hardware 2FA/security token is 100% offline, handed by the bank to the user directly, and assuming the server is secure, public key leakage shouldn't be possible, which means it's not broken against QC.
Sure it's breakable by QC:
For the token to be useful, the bank should be able to verify the signature against the user's public key, so it has access to the key. Suppose I claim a refund for a transaction that is not refundable, arguing in court like this:
"Having access to my public key, my bank has cracked my private key using their QC facility and has forged the transaction on my behalf."
Obviously, the court would urge the bank to compensate my damages, besides declaring the transaction void.

r1s2g3
Sr. Member
Activity: 742
Merit: 393
I am alive but in hibernation.
January 26, 2019, 04:23:00 PM
 #51
I see a lot of technical points discussed here about the safety of money in banks vs. the vulnerability in their systems too. Anyway, banks and financial institutions will spend money or take other measures to safeguard money.
But what now concerns me is that QC just makes any online system (that keeps passwords) very vulnerable until they put in QC-resistant algorithms. With the current price of QC, I think these algorithms will be sold at a much higher premium. It means securing information in any online system is going to be most expensive. We will be going back to the era of the pre-1990s then.

