Bitcoin Forum
February 19, 2020, 05:12:17 AM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 [3]  All
  Print  
Author Topic: Quantum Computing and Bitcoin  (Read 848 times)
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1918
Merit: 2204

Use SegWit and enjoy lower fees.


View Profile WWW
January 24, 2019, 09:40:35 AM
 #41

Just wondering why somebody having QC will like to attack bitcoin, when there is so much Fiat lying in banks ?
Don't you think that fiat in bank will be the first target before they will think of brute forcing bitcoin wallets.

There are plenty reason, but the main reason is Bitcoin transaction is irreversible while transaction on banks can be reversed. Additionally i'm sure few banks have system to detect unusual/weird activity and intentionally make user wait few days on big transaction.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
mixoftix
Member
**
Offline Offline

Activity: 104
Merit: 147

..


View Profile WWW
January 25, 2019, 09:10:45 AM
 #42

Just wondering why somebody having QC will like to attack bitcoin, when there is so much Fiat lying in banks ?
Don't you think that fiat in bank will be the first target before they will think of brute forcing bitcoin wallets.

as ETFBitcon mentioned above, the Banking system is centralized and roll-backing transactions are very legitimate procedures that could take place based on identified circumstances. imagine a credit card owner that gets hurt by a QC, then its owner could call her bank and report the problem and ask for roll-back.
AND centralized systems:

1. could simply equip by 2-factor authentication flows
2. do not let their routines be available for brute-forcing

we all know that an internet banking system only allows e.g. 3 or 5 unsuccessful try for login routine, otherwise they block a user account. such routines couldn't implement in decentralized architectures. attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kinds of MITM attacks.

من مست و تو دیوانه، مارا که برد خانه!؟
translation from Persian:
I am drunk and you are insane, who will take us home!? --Rumi
aliashraf
Hero Member
*****
Offline Offline

Activity: 994
Merit: 727

always remember the cause


View Profile WWW
January 25, 2019, 09:28:39 AM
Merited by ETFbitcoin (1)
 #43

Just wondering why somebody having QC will like to attack bitcoin, when there is so much Fiat lying in banks ?
Don't you think that fiat in bank will be the first target before they will think of brute forcing bitcoin wallets.

as ETFBitcon mentioned above, the Banking system is centralized and roll-backing transactions are very legitimate procedures that could take place based on identified circumstances. imagine a credit card owner that gets hurt by a QC, then its owner could call her bank and report the problem and ask for roll-back.
AND centralized systems:

1. could simply equip by 2-factor authentication flows
2. do not let their routines be available for brute-forcing

we all know that an internet banking system only allows e.g. 3 or 5 unsuccessful try for login routine, otherwise they block a user account. such routines couldn't exist in decentralized architectures. attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kinds of MITM attacks.
With all due respects, I think both you and @ETFbitcoin are wrong here:

Electronic signature is the back bone of e-commerce and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology and centralization won't help ever.

The basic property of asymmetric encryption is not used to keep customers safe against adversaries and intruders it is used to keep them both safe and responsible against service providers like banks.

Suppose I could convince a court about my bank having access to QC computing power enough to extract my ECDSA private key from my pub key (which it has access to)  I would announce void any transaction that I wish and reclaim my founds. Bank has enough time and resources to break my key and forge transactions on behalf of me and it is why e-commerce will collapse a very long time before bitcoin. In the latter case adversaries should have access to QC power enough to do the job in few minutes that a txn is pending.
mixoftix
Member
**
Offline Offline

Activity: 104
Merit: 147

..


View Profile WWW
January 25, 2019, 09:36:24 AM
 #44

Just wondering why somebody having QC will like to attack bitcoin, when there is so much Fiat lying in banks ?
Don't you think that fiat in bank will be the first target before they will think of brute forcing bitcoin wallets.

as ETFBitcon mentioned above, the Banking system is centralized and roll-backing transactions are very legitimate procedures that could take place based on identified circumstances. imagine a credit card owner that gets hurt by a QC, then its owner could call her bank and report the problem and ask for roll-back.
AND centralized systems:

1. could simply equip by 2-factor authentication flows
2. do not let their routines be available for brute-forcing

we all know that an internet banking system only allows e.g. 3 or 5 unsuccessful try for login routine, otherwise they block a user account. such routines couldn't exist in decentralized architectures. attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kinds of MITM attacks.

Electronic signature is the back bone of e-commerce and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology and centralization won't help ever.


totally true, BUT a centralized system like banking system could simply publish an announcement about abandoning e-signs (for a while) and ask its customers for get back to the traditional paper-based methods. I mean they that several alternatives, but a crypto only could survive in virtual world.

من مست و تو دیوانه، مارا که برد خانه!؟
translation from Persian:
I am drunk and you are insane, who will take us home!? --Rumi
aliashraf
Hero Member
*****
Offline Offline

Activity: 994
Merit: 727

always remember the cause


View Profile WWW
January 25, 2019, 09:49:19 AM
Merited by ETFbitcoin (1)
 #45

Just wondering why somebody having QC will like to attack bitcoin, when there is so much Fiat lying in banks ?
Don't you think that fiat in bank will be the first target before they will think of brute forcing bitcoin wallets.

as ETFBitcon mentioned above, the Banking system is centralized and roll-backing transactions are very legitimate procedures that could take place based on identified circumstances. imagine a credit card owner that gets hurt by a QC, then its owner could call her bank and report the problem and ask for roll-back.
AND centralized systems:

1. could simply equip by 2-factor authentication flows
2. do not let their routines be available for brute-forcing

we all know that an internet banking system only allows e.g. 3 or 5 unsuccessful try for login routine, otherwise they block a user account. such routines couldn't exist in decentralized architectures. attacking the HTTPS protocol will be trivial too, because the 2-factor auths that utilize advanced OTP generators could prevent any kinds of MITM attacks.

Electronic signature is the back bone of e-commerce and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology and centralization won't help ever.


totally true, BUT a centralized system like banking system could simply publish an announcement about abandoning e-signs (for a while) and ask its customers for get back to the traditional paper-based methods. I mean they that several alternatives, but a crypto only could survive in virtual world.
But a paper-based finance wouldn't be usable for practical purposes and it is not anything less than a total collapse of e-commerce anyway. The point is it happens like a decade or more before QC would become efficient enough to break the bitcoin keys in like 5 minutes, hence bitcoin is not the primary vulnerable system and we can just simply wait for them to fix the problem.
X7
Legendary
*
Offline Offline

Activity: 1078
Merit: 1009


An eye for an eye leaves the whole world blind


View Profile WWW
January 25, 2019, 03:21:23 PM
 #46

If Quantum Computing is released into the wild and starts to attack bitcoin , what measures would we see to mitigate these attacks?

A few lines of code would strengthen the resistance, it is something we as a community would have to keep a keen eye on to mitigate risk before wallets are compromised etc - but if quantum is unlocked in a true way the world has more worries than crypto tbh. Like global mayhem if used by bad actors

Helping to create the world's first loving economy, not something based on fear or greed. Principles of love, abundance, consistency, automation, decentralisation, open source, economic multifunctionality. Scientific analysis will be uploaded to my site shortly for peer review.
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1918
Merit: 2204

Use SegWit and enjoy lower fees.


View Profile WWW
January 25, 2019, 06:42:28 PM
 #47

Electronic signature is the back bone of e-commerce and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology and centralization won't help ever.

I agree, but realistically :
1. Bank will move to quantum-resistant cryptography before QC which can break today's cryptography unless their security team is lazy/corrupt or they don't know the risks.
2. Bank can force customers to use Hardware 2FA (sometimes it's called security token) for all transaction

Additionally, they can force all customers to replace their banks cards while in Bitcoin it's more difficult and people who re-using address are at risks.

aliashraf
Hero Member
*****
Offline Offline

Activity: 994
Merit: 727

always remember the cause


View Profile WWW
January 25, 2019, 09:42:27 PM
Last edit: January 25, 2019, 10:12:05 PM by aliashraf
 #48

Electronic signature is the back bone of e-commerce and it would collapse totally once ECDSA becomes vulnerable to QC or any other technology and centralization won't help ever.
2. Bank can force customers to use Hardware 2FA (sometimes it's called security token) for all transaction
Security tokens are a PKI derivative device which is hypothetically broken by QC.
2َّFA wouldn't be helpful. It is about convincing the bank that I'm online but doesn't prove anything about the actual transaction I made because it doesn't fix the deniability problem. Without secure asymmetric cryptography there is no way, absolutely no way to have e-commerce because any transaction would be eligible to be claimed as void in courts if the sender wishes to.

I think there is a confusion that should be resolved once forever: Electronic signatures like EDCSA are not used to convince banks or other service providers about authenticity of their users, they are used to resolve disputes between the two parties (users vs banks/services) in courts.
ETFbitcoin
Legendary
*
Offline Offline

Activity: 1918
Merit: 2204

Use SegWit and enjoy lower fees.


View Profile WWW
January 26, 2019, 09:53:42 AM
 #49

Security tokens are a PKI derivative device which is hypothetically broken by QC.
2َّFA wouldn't be helpful. It is about convincing the bank that I'm online but doesn't prove anything about the actual transaction I made because it doesn't fix the deniability problem. Without secure asymmetric cryptography there is no way, absolutely no way to have e-commerce because any transaction would be eligible to be claimed as void in courts if the sender wishes to.

I think there is a confusion that should be resolved once forever: Electronic signatures like EDCSA are not used to convince banks or other service providers about authenticity of their users, they are used to resolve disputes between the two parties (users vs banks/services) in courts.

CMIIW, but assuming hardware 2FA/security token is 100% offline, handed by banks to user directly and assuming the server is secure, public key leakage shouldn't be possible which makes it's not broken against QC.

aliashraf
Hero Member
*****
Offline Offline

Activity: 994
Merit: 727

always remember the cause


View Profile WWW
January 26, 2019, 03:24:06 PM
Merited by ETFbitcoin (1)
 #50

Security tokens are a PKI derivative device which is hypothetically broken by QC.
2َّFA wouldn't be helpful. It is about convincing the bank that I'm online but doesn't prove anything about the actual transaction I made because it doesn't fix the deniability problem. Without secure asymmetric cryptography there is no way, absolutely no way to have e-commerce because any transaction would be eligible to be claimed as void in courts if the sender wishes to.

I think there is a confusion that should be resolved once forever: Electronic signatures like EDCSA are not used to convince banks or other service providers about authenticity of their users, they are used to resolve disputes between the two parties (users vs banks/services) in courts.

CMIIW, but assuming hardware 2FA/security token is 100% offline, handed by banks to user directly and assuming the server is secure, public key leakage shouldn't be possible which makes it's not broken against QC.
Sure it's breakable by QC:
For the token to be useful bank should be able to verify the signature against user's public key so it has access to the key. Suppose I claim  a refund for a transaction that is not refundable, arguing in a court like this:
"Having access to my public key, my bank has cracked my private key using heir QC facility and have forged the transaction on behalf of me"
Obviously, the court would urge the bank to compensate my damages besides announcing the transaction void.
r1s2g3
Sr. Member
****
Offline Offline

Activity: 658
Merit: 388


I am alive but in hibernation.


View Profile
January 26, 2019, 04:23:00 PM
 #51

I see lot of technical point discussed here about the safety of money in bank vs vulnerability in their system too. Anyway bank and financial institution will spend money or other measure to safeguard money.
But what now concern s me that QC just make any online system ( that keep password) very vulnerable until they don't put QC resistant algorithm. With current price of QC , I think these algorithm will be sold in much premium cost. It means securing information in any online system will be going to most expensive way. Will be going back to eras of pre 1990s then.

I am alive
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!