Google claims breakthrough in Quantum computing

[paxmao]

Bitcoin in danger?

This week, news has emerged that Google has made a recent quantum computing breakthrough, achieving quantum supremacy. It is being reported that Google, using a quantum computer, managed to perform a calculation in just over three minutes that would take the world's most powerful supercomputer 10,000 years.
...

According to Gizmodo, it has been long known that Google has been testing a 72-qubit device called Bristlecone with which it hoped to achieve quantum supremacy and the initial report from the Financial Times says that the supremacy experiment was instead performed with a 53-qubit processor codenamed Sycamore.

...

"Blockchains won't be ready for such a breakthrough. Since transaction history is the backbone of blockchains, such an improvement in quantum computing could be catastrophic for the whole transaction history," added the CTO. "There is an extra layer of protection with Bitcoin's double hashing but assuming a quantum computer is capable of Shor on secp256k1 it's safe to assume it's also capable of Grover256. Also, we don't know bounds for SHA regarding quantum circuits."
...

https://www.forbes.com/sites/darrynpollock/2019/09/24/googles-quantum-computing-breakthrough-brings-blockchain-resistance-into-the-spotlight-again/

[1714825770]

1714825770

[1714825770]

1714825770

[1714825770]

1714825770

[1714825770]

1714825770

[bluefirecorp_]

Wouldn't a quantum computer need 256 qubits to break bitcoin?

Also, if there's a strange amount of blocks being mined by a new entity, can't we just fork with a new algorithm (and fuck over ASIC manufacturers at the same time )

[paxmao]

Wouldn't a quantum computer need 256 qubits to break bitcoin?

Also, if there's a strange amount of blocks being mined by a new entity, can't we just fork with a new algorithm (and fuck over ASIC manufacturers at the same time )

Where do you get that number from? Just curious.

Is not about blocks mined, is about keys broken. Full collapse, hard fork, market stop...

[jackg]

I thought it broke at a complexity of 128^3 from what was previously discussed last time (I have no links though). Isn't this old news? I'm sure we saw the same headline about 6 months ago...

Forbes and the financial Times seem really awful sources nowadays, perhaps their editor bought stocks in Google or something..., There seemed to be a consensus that the sha256 hashing algorithm was quantum proof too - people don't want to act until the nsa release standards of quantum proof encryption so we're stuck in the hope that's the case anyway...

[bluefirecorp_]

Wouldn't a quantum computer need 256 qubits to break bitcoin?

Also, if there's a strange amount of blocks being mined by a new entity, can't we just fork with a new algorithm (and fuck over ASIC manufacturers at the same time )

Where do you get that number from? Just curious.

Is not about blocks mined, is about keys broken. Full collapse, hard fork, market stop...

Sha256... I guess it'd be the entropy of the hash. I just assumed sha256 had 256 bits of entropy. That's probably a horrible assumption considering the 256 is the digest.

Honestly, I figured breaking mining would break bitcoin more effectively than hacking addresses.

[paxmao]

Sha256... I guess it'd be the entropy of the hash. I just assumed sha256 had 256 bits of entropy. That's probably a horrible assumption considering the 256 is the digest.

qbits have 3 states

I thought it broke at a complexity of 128^3 from what was previously discussed last time...

Forbes and the financial Times seem really awful sources nowadays, ...

I do not understand clearly your point. For me it would be a question on how long would it take to break a key, so it would have to be measured in terms of the speed at which a key can be broken.

RE hype and such, of course, there is, but no, the news are recent.

[jackg]

https://youtu.be/lvTqbM5Dq4Q

This explains why the encryption algorithmm bitcoin uses will be insecure. It looks at rsa encryption and ecc is generally considered more secure but only by a magnitude of about 1024-256 (afaik but it was a long time since that module).


I think the thing with mining is that quantum computers will advance at the same rate so there'll still be competition between the miners and it won't be too difficult to turn sha256 into a 2048 bit bash or higher to keep advancing the algorithm (it's just a few OR operations anyway) - the affect of a new machine will probably be the current affect of bitmain making a new miner.

This explains sha better: https://youtu.be/DMtFhACPnTY

[paxmao]

... I figured breaking mining would break bitcoin more effectively than hacking addresses.

If you hack mining the benefit is not that much and it will likely be detected. However, if you break a key it would be blamed on the owner for "not securing it".

[aplistir]

I thought it broke at a complexity of 128^3 from what was previously discussed last time (I have no links though). Isn't this old news? I'm sure we saw the same headline about 6 months ago...

Forbes and the financial Times seem really awful sources nowadays, perhaps their editor bought stocks in Google or something..., There seemed to be a consensus that the sha256 hashing algorithm was quantum proof too - people don't want to act until the nsa release standards of quantum proof encryption so we're stuck in the hope that's the case anyway...

Sorry if I understood wrongly, but:
Did you mean complexity of 2^128, as that is the complexity of cracking bitcoin with the best known non QC algorithm. And QC could not use that algorithm, so it would probably need the full 256 qubits to do the calculations.

As adding more qubits to a QC gets exponentially harder, I do not believe we will see a true 256 qubit QC for a long looong time, if ever.

According to what I have read about the subject, sha256 is not vulnerable to quantum computers.

There are many people, who do not trust NSA any longer, so I wouldn't be so sure that bitcoin would move to their quantum "proof" standard when they publish one

[Thekool1s]

Bitcoin in danger?

Nope: https://www.youtube.com/watch?v=dGDlDH5CAPE

Gonna sleep like a baby tonight...

[paxmao]

Did you mean complexity of 2^128, as that is the complexity of cracking bitcoin with the best known non QC algorithm. And QC could not use that algorithm, so it would probably need the full 256 qubits to do the calculations.

...

I understood it with the first video on the thread. It seems that quantum computing is particularly effective at computing many states simultaneously and that is as well quite effective to break SHA crypto.

[mpufatzis]

Don't worry about.
If they have a working quantum computer they would keep it secret in order to use in case of war.
There are more important uses than using it for breaking BTC.
Do you remember what happened with enigma?
Alan Turing and his team constructed a machine that broke the codes made by enigma.
None new about it, this construction was revealed more then 30 years later in the '70s.

Bitcoin in danger?

This week, news has emerged that Google has made a recent quantum computing breakthrough, achieving quantum supremacy. It is being reported that Google, using a quantum computer, managed to perform a calculation in just over three minutes that would take the world's most powerful supercomputer 10,000 years.
...

According to Gizmodo, it has been long known that Google has been testing a 72-qubit device called Bristlecone with which it hoped to achieve quantum supremacy and the initial report from the Financial Times says that the supremacy experiment was instead performed with a 53-qubit processor codenamed Sycamore.

...

"Blockchains won't be ready for such a breakthrough. Since transaction history is the backbone of blockchains, such an improvement in quantum computing could be catastrophic for the whole transaction history," added the CTO. "There is an extra layer of protection with Bitcoin's double hashing but assuming a quantum computer is capable of Shor on secp256k1 it's safe to assume it's also capable of Grover256. Also, we don't know bounds for SHA regarding quantum circuits."
...

https://www.forbes.com/sites/darrynpollock/2019/09/24/googles-quantum-computing-breakthrough-brings-blockchain-resistance-into-the-spotlight-again/

[franky1]

qbits have 3 states

qubits actually have 4 states

binary has 2 states
0-1

qubit is base 4 or otherwise known as quarternary logic (as oppose to binary logic)
0  1
  X
2  3

[Cnut237]

qbits have 3 states

qubits actually have 4 states

binary has 2 states
0-1

qubit is base 4 or otherwise known as quarternary logic (as oppose to binary logic)
0  1
  X
2  3

Not really. It's still just 1s and 0s in quantum computing - the difference is superposition, the fact that in QC multiple states exist simultaneously. So as you increase the number of qubits (x), the processing power increases exponentially, 2^x.

With a single bit, a classical computer can be 0 or 1, but a single qubit can be 0 and 1... 2 states simultaneously.
With 2 bits, a classical computer can be 00, 01, 10 or 11... but still only processing sequentially, one outcome at a time... whereas a 2 qubit QC can be 00, 01, 10 and 11 simultaneously, so (crudely) analogous to 4 classical computers running at the same time.
With 3 bits, 8 possible states for a classical computer to process sequentially... and 8 (i.e., 2³) states for a QC to process simultaneously, like 8 classical computers running at the same time... etc.

It's this ability of QCs to try multiple paths simultaneously that makes them so good for problems like factoring. It doesn't mean they are hugely faster than classical computers for every task, but for certain specialised tasks a QC can turn the almost-impossible into the trivial.

Have a look at this thread if you're interested in QC - my favourite thread on the forum! We've been having an interesting and quite in-depth discussion!

[Cnut237]

Honestly, I figured breaking mining would break bitcoin more effectively than hacking addresses.

Mining is certainly vulnerable, but it's not the weakest point.
I had a try at summarising this a while ago on another thread...

Hi all   I thought I’d try to summarise Bitcoin's vulnerabilities to Quantum Computers, as well as some potential defences, and get it all in one post. Apologies for the wall of text, but hopefully it is useful...


Mining can potentially be much quicker with QCs.
The current PoW difficulty system can be exploited by a Quantum Computer using Grover’s algorithm to drastically reduce the number of computational steps required to solve the problem. The theorised advantage that a quantum computer (or parallelised QCs) have over classical computers is a couple of orders of magnitude, so ~x100 easier to mine. This isn’t necessarily a game-changer, as this QC speed advantage is likely to be some years away, by which time classical computers will surely have increased speed to reduce the QC advantage significantly. It is worth remembering that QCs aren’t going up against run-of-the-mill standard equipment here, but rather against the very fast ASICs that have been set up specifically for mining.

Re-used BTC addresses are 100% vulnerable to QCs.
Address Re-Use. Simply, any address that is re-used is 100% vulnerable because a QC can use Shor’s algorithm to break public-key cryptography. This is a quantum algorithm designed specifically to solve for prime factors. As with Grover’s algorithm, the key is in dramatically reducing the number of computational steps required to solve the problem. The upshot is that for any known public key, a QC can use Shor’s approach to derive the private key. The vulnerability cannot be overstated here. Any re-used address is utterly insecure.

Processed (accepted) transactions are theoretically somewhat vulnerable to QCs.
Theoretically possible because the QC can derive private keys from used addresses. In practice however processed transactions are likely to be quite secure as QCs would need to out-hash the network to double spend.

Unprocessed (pending) transactions are extremely vulnerable to QCs.
As above, a QC can derive a private key from a public key. So for any unprocessed transaction, a QC attacker can obtain the private key and then create their own transaction whilst offering a much higher fee, so that the attacker’s transaction gets onto the blockchain first, ahead of the genuine transaction. So block interval and QC speed are both crucial here – it all depends on whether or not the a QC can hack the key more quickly than the block is processed.


Possible defences...

Defences using classical computers.

• Modify the PoW system such that QCs don’t have any advantage over classical computers. Defending PoW is not as important as defending signatures (as above), because PoW is less vulnerable. However various approaches that can protect PoW against QCs are under development, such as Cuckoo Cycle, Momentum and Equihash.
• Modify the signature system to prevent easy derivation of private keys. Again, various approaches are under development, which use some pretty esoteric maths. There are hash-based approaches such as XMSS and SPHINCS, but more promising (as far as I can tell) are the lattice-based approaches such as Dilithium, which I think is already used by Komodo.
  

Defences using quantum computers.
As I’ve said a few times, I’m more of a bumbling enthusiast than an expert, but exploiting quantum properties to defend against QC attack seems to me a very good idea. In theory properties such as entanglement and the uncertainty principle can offer an unbreakable defence. Again, people are busy researching this area. There are some quite astonishing ideas out there, such as this one.


I’ll leave it there. Apologies for all the external links, but hopefully this has summarised a few things.

[franky1]

qbits have 3 states

qubits actually have 4 states

binary has 2 states
0-1

qubit is base 4 or otherwise known as quarternary logic (as oppose to binary logic)
0  1
  X
2  3

Not really. It's still just 1s and 0s in quantum computing - the difference is superposition, the fact that in QC multiple states exist simultaneously. So as you increase the number of qubits (x), the processing power increases exponentially, 2^x.

your funny, but appears your still reading the fluff 2016 media stuff
try actually reading the proper technical stuff and you know maybe try programming some

its 0123 no 01. it requires then a converter to turn the 0123 into 0,1 for logical computers to understand. which lays in  afew concerns at the moment as not all quantum results can translate into binary results that solve the binary problem trying to be solved.


but hey it will take you a while to get to program a quantum system, so have fun unwrapping the myths of multidimensional blackholes being part of it. (tip: its not about sci-fi stuff)
or maybe just realise the real answer that super position and multidimensional means 'more' positions and 'more' dimensions.. as in more then 2, meaning 4 and more than 2d meaning 3d

its not sci-fi its just moving from 2 to 4.
its like replacing a light switch for a light dimmer that has more brightness options.
not some entrance to other worlds of dopplegangers

if you look at a binary system of 8bits its like 0-0-0-0-0-0-0-0
where to light up all 8 requires 11111111
if you look at a quantum system its like
0 0 0 0
 X X X
0 0 0 0
where to light up all 8 requires 3 3 3

oh and here is a picture on the left that might help

(hint: no wormholes in sight)
(hint: no - but yes: x)

have a nice day

[Cnut237]

its 0123 no 01.

There are only 2 states contributing to the superposition, 0 and 1.

You mean 4 because the probability amplitudes are complex numbers and each have 2 degrees of freedom? So 2x2 =4? ... But probability is amplitude squared (the Born rule)... so we are back to 2.

[franky1]

its 0123 no 01.

There are only 2 states contributing to the superposition, 0 and 1.

You mean 4 because the probability amplitudes are complex numbers and each have 2 degrees of freedom? So 2x2 =4? ... But probability is amplitude squared (the Born rule)... so we are back to 2.

nope i mean X not -
4 edges not 2
the 2 states with 2 possible answer is the result after quantum converts back to binary
it gives 2 answers in binary

what your not realising is your still thinking logical 2 state

in quantum there is 4
0 is off 1 is 'kinda on' 2 is mostly on and 3 is on
0 is no 1 is maybe  2 is mostly  and 3 is yes
0 is false 1 is false unless  2 is true unless and 3 is true

google has the technology of 4 states and now is trying to code how to use it.
mostly they are dealing with DNA you know GTAC annd having fun with that as binary systems aint good at 4 state things in a 2 state limiting system

[Cnut237]

in quantum there is 4
0 is off 1 is 'kinda on' 2 is mostly on and 3 is on
0 is no 1 is maybe  2 is mostly  and 3 is yes
0 is false 1 is false unless  2 is true unless and 3 is true

google has the technology of 4 states and now is trying to code how to use it.
mostly they are dealing with DNA you know GTAC annd having fun with that as binary systems aint good at 4 state things in a 2 state limiting system

It's a superposition of 0 and 1. It's a continuum, an infinite number of possible values... but based on a superposition of 2 classical outcomes. A single qubit can only yield 0 or 1.

Can you give me a link to this '4 state' outcome stuff? I'm sure there is a misunderstanding somewhere. You get 4 possible outcomes from a 2 qubit system(2²), but 1 qubit can only give you 0 or 1. Google I think did 53 qubits, so 2⁵³, or 9007199254740992 outcomes.

[franky1]

if you think that qubits are binary(²). then your living in the 1970s only stuck viewing the converted value

maybe try looking into the use of quantum in DNA research
you think you are seeing binary of GTAC being assigned as
g=00        t=01    a=10      c=11
but thats the converted to binary result
in qantum its g=0 t=1 a=2 c=3

now try converting 0123 into binary
oh wait now you see your end result, but idnt see the bit in the middle

super position is mere then just legacy 2 positions
 there are 4
your 00 01 10 11 is just the post-conversion binary representation

right now there is no CPU with a graphic interface that can just accept 0123 as is. so a binary computer needs to be programed in binary and sent it to a quantum processor which converts it to 0123 and then processes it as 0123 and then converts it back to binary for a legacy system to display

its like chinese. an american has to use a translator to speak chinese and then use a translator to convert the chinese response back to american so that the american can then hold a conversation.
in this analogy you are acting as if the chinese guy is speaking american all along. but the truth is the american is only understanding the translator and has no clue whats being spoken in chinese

research: "4 quantum numbers"

In quantum mechanics, the principal quantum number (symbolized n) is one of four quantum numbers assigned to all electrons in an atom to describe that electron's state.