BUT THAT'S NOT THE POINT! My point is if you consider only classical computing in the last 30 years we've moved from KiloFlops to PentaFlops .. it is easy to assume that in the next few decades, we can easly achieve 10^30 / 10^40

Which is still essentially nothing. For classical computing you move the timescale from quadrillions of years down to only millions of years. Congratulations.

(we've already gone past the point of cracking 2^128 or 128bits in a few seconds)

No we haven't, no key with 128 bit strength has been brute forced. You can't simply compare key size. A 256 bit ECC key has equivalent strength to a 3,072 bit RSA key and a 128 bit symmetric key/hash. You may be talking about some individual algorithms being cryptographically broken, it is hard to tell because you are all over the place. I already pointed out that is possible but it has nothing to do with

In the 80/90s people (like you) were claiming 56 bit encryption was impossible to crack, and you know what, it takes like **3s** and less to break with our current supercomputers!

No people like me would have been warning that 56 bits was insufficient due to the fact that it was within 1000x of what current computing power was capable of. That is a far cry from saying 128 bit key strength is secure because it uses energy on a scale that would make brute infeasible. If we pretend the entire Bitcoin network (30 PH/s) "could" brute force symmetric keys at the same speed instead it would be able to brute force an 80 bit symmetric key in about one year. If it was 1000x more powerful it could brute force a 96 bit symmetric key in about a century. If it was a million times powerful it would still take on average a millennium to brute force a 128 bit symmetric key. To do it in a year would require a system which is a billion times more powerful.

None of those (except QC) would do anything more than switching from a teaspoon to a bucket when trying to empty an ocean.

Wrong as proven above.

Proven doesn't mean what you think it means. Proven doesn't mean spouting out false statements, gibberish, and strawmen.

[regarding 40,000 qubit computer] it will happen in the next decade or the one folowing, considering we've moved from 4 Qubits to 128 in a very short laps of time heck Dwave just released a 512 Qbits Processor and they claim to have a 1000 Qubits in their lab ready to roll

Dwave's system is not capable of implementing Shor's algorithm. It uses a process called quantum annealing. Quantum Computing isn't some super duper magical bullet which solves all problems all the time. Quantum annealing is a pretty cool concept for solving

**certain types of problems** like pathfinding, simulating organic processes, network optimization, etc. It is completely useless for the purposes of breaking cryptographic keys.

On the progress of building a true general purpose quantum computer capable of implementing shor's algorithm the progress has been very slow. 15 was factored in 2001 using Shor's algorithm and a 4 qubits QC. By 2012 that had progressed to factoring 21 in using 5 qubits. One estimate for the total physical qubits (including circuits for error control and correction) necessary for breaking 256 bit ECC is on the order of 40,000 qubits.

**We went from 4 to 5 in the space of a decade and the "finish line" is 40,000 qubits.** That could be doubled by switching to a 512 bit curve. Quantum Decoherence is a bitch.

The problem becomes increasingly difficult as the size of the computer grows. It may not be possible to accomplish that in our lifetimes. Wake me up when someone factors 32 bit number using quantum computing. If QC becomes a credible threat Bitcoin can evolve to addresses which use post-quantum cryptography.