Bitcoin Forum
November 13, 2024, 05:19:16 PM *
News: Check out the artwork 1Dq created to commemorate this forum's 15th anniversary
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Bitcoin Security vs Quantum Computing  (Read 683 times)
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
May 31, 2020, 10:48:36 AM
 #21

so that article that says 2-3 years is wrong ?

Definitely.
Don't trust random online articles.

Quantum computers won't be a threat for the next decade.



there is nothing called bitcoin encryption, but sha-256 or aes encryption, used by bitcoin core wallets to encrypt your keys.

Note that sha is not an ecryption algorithm, but a hash function.
Also, the risk with quantum computers wouldn't be AES or any other symmetric encryption algorithm, but the asymmetric ones (e.g. RSA) where the algorithm relies on mathematical problems.
The attack vector on bitcoin wouldn't be the encryption of keys on a local wallet, but the ECDSA.

pooya87
Legendary
*
Offline Offline

Activity: 3626
Merit: 11031


Crypto Swap Exchange


View Profile
May 31, 2020, 11:04:01 AM
 #22

so far the estimations i have seen are in the matter of 20 to 30 years.

so that article that says 2-3 years is wrong ?

also, if and when QC becomes more easily available, wouldn't bitcoin devs consider 'upgrading' the encryption to QC proof, or is that already completely set in stone for BTC ?

well it is not exactly an "article". it looks more like a clickbait and it is throwing random names around and is vague about its sources calling them "experts". who are these experts? where is the proof?

besides both of the main cryptography functions used by bitcoin (SHA256 and Elliptic Curve Cryptography) is used almost the entire internet. for example when you visit your google account your communication is encrypted using ECC on P256 curve and same SHA256 as the hash function. the rest use RSA which is pretty similar.
the whole internet would fall apart if were were that close...

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
HeRetiK
Legendary
*
Offline Offline

Activity: 3108
Merit: 2177


Playgram - The Telegram Casino


View Profile
May 31, 2020, 02:43:24 PM
Merited by Keiser Soze (1)
 #23

so far the estimations i have seen are in the matter of 20 to 30 years.

so that article that says 2-3 years is wrong ?

We'll only know in hindsight but currently there's no basis to reasonably assume a timespan as short as 2-3 years. Maybe in a decade or two, but everything earlier seems highly speculative.


also, if and when QC becomes more easily available, wouldn't bitcoin devs consider 'upgrading' the encryption to QC proof, or is that already completely set in stone for BTC ?

Switching to a quantum proof signature scheme has been discussed every now and then for a couple of years now, challenge being that the currently most likely candidate -- Lamport signatures -- are much larger than what Bitcoin uses right now (40-170 times, according to the Bitcoin wiki [1]). Accordingly we're unlikely to see a switch to quantum proof signatures until the future of QC becomes much clearer or a more compact signature scheme is found.

[1] https://en.bitcoin.it/wiki/Quantum_computing_and_Bitcoin


If QC with big qubits will be available within next 2-3 years, everyone in software department will be in panic how to migrate their legacy code to use quantum resistant cryptography or make sure their customer update their software within 2-3 years.

Oof, I'm getting nightmares just imagining it.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
Wind_FURY
Legendary
*
Offline Offline

Activity: 3108
Merit: 1936



View Profile
June 01, 2020, 08:02:21 AM
 #24


so that article that says 2-3 years is wrong ?


Definitely.
Don't trust random online articles.

Quantum computers won't be a threat for the next decade.


Bitcoin's "failure" should be the minimum of everyone's problems with the birth of actual quantum computers. I believe that everyone should worry about the banks/governments/military. Hahaha.

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
notblox1
Legendary
*
Offline Offline

Activity: 2240
Merit: 1318


Logo Designer ⛨ BSFL Division1


View Profile WWW
June 03, 2020, 02:07:55 PM
 #25

I agree with previous post.
If Bitcoin encryption is ever broken, all other systems will also be broken together,
because all institutions use similar encrypton.
In future, we can also expect improvement in Bitcoin code, so I don't worry about this at all.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
seoincorporation
Legendary
*
Offline Offline

Activity: 3332
Merit: 3116



View Profile
June 03, 2020, 04:23:20 PM
 #26

...

Any thoughts on the above?

This topic has been discussed a lot since the quantum computers become a reality, abt the answer is NO, we don't have to be afraid from them. And if they can break sha256 then there are bigger things to worry about like hackers getting access to millitar technology.

▄▄███████▄▄
▄██████████████▄
▄██████████████████▄
▄████▀▀▀▀███▀▀▀▀█████▄
▄█████████████▄█▀████▄
███████████▄███████████
██████████▄█▀███████████
██████████▀████████████
▀█████▄█▀█████████████▀
▀████▄▄▄▄███▄▄▄▄████▀
▀██████████████████▀
▀███████████████▀
▀▀███████▀▀
.
 MΞTAWIN  THE FIRST WEB3 CASINO   
.
.. PLAY NOW ..
bob123
Legendary
*
Offline Offline

Activity: 1624
Merit: 2481



View Profile WWW
June 03, 2020, 04:26:11 PM
 #27

If Bitcoin encryption is ever broken, all other systems will also be broken together,
because all institutions use similar encrypton.

Bitcoin doesn't use any encryption at all.
Bitcoin makes use of signatures. That's the crucial part which might be broken with QCs.

Same applies to other institutions. The problem isn't just (asymmetric) encryption, but signatures and therefore besides confidentiality also integrity and authenticity.

Cnut237
Legendary
*
Offline Offline

Activity: 1904
Merit: 1277



View Profile
June 04, 2020, 10:13:52 AM
 #28

It might be worth me sharing this again, a summary of how QCs can affect bitcoin:

Mining can potentially be much quicker with QCs.
The current PoW difficulty system can be exploited by a Quantum Computer using Grover’s algorithm to drastically reduce the number of computational steps required to solve the problem. The theorised advantage that a quantum computer (or parallelised QCs) have over classical computers is a couple of orders of magnitude, so ~x100 easier to mine. This isn’t necessarily a game-changer, as this QC speed advantage is likely to be some years away, by which time classical computers will surely have increased speed to reduce the QC advantage significantly. It is worth remembering that QCs aren’t going up against run-of-the-mill standard equipment here, but rather against the very fast ASICs that have been set up specifically for mining.

Re-used BTC addresses are 100% vulnerable to QCs.
Address Re-Use. Simply, any address that is re-used is 100% vulnerable because a QC can use Shor’s algorithm to break public-key cryptography. This is a quantum algorithm designed specifically to solve for prime factors. As with Grover’s algorithm, the key is in dramatically reducing the number of computational steps required to solve the problem. The upshot is that for any known public key, a QC can use Shor’s approach to derive the private key. The vulnerability cannot be overstated here. Any re-used address is utterly insecure.

Processed (accepted) transactions are theoretically somewhat vulnerable to QCs.
Theoretically possible because the QC can derive private keys from used addresses. In practice however processed transactions are likely to be quite secure as QCs would need to out-hash the network to double spend.

Unprocessed (pending) transactions are extremely vulnerable to QCs.
As above, a QC can derive a private key from a public key. So for any unprocessed transaction, a QC attacker can obtain the private key and then create their own transaction whilst offering a much higher fee, so that the attacker’s transaction gets onto the blockchain first, ahead of the genuine transaction. So block interval and QC speed are both crucial here – it all depends on whether or not the a QC can hack the key more quickly than the block is processed.


Possible defences...

Defences using classical computers.
  • Modify the PoW system such that QCs don’t have any advantage over classical computers. Defending PoW is not as important as defending signatures (as above), because PoW is less vulnerable. However various approaches that can protect PoW against QCs are under development, such as Cuckoo Cycle, Momentum and Equihash.
  • Modify the signature system to prevent easy derivation of private keys. Again, various approaches are under development, which use some pretty esoteric maths. There are hash-based approaches such as XMSS and SPHINCS, but more promising (as far as I can tell) are the lattice-based approaches such as Dilithium, which I think is already used by Komodo.

Defences using quantum computers.
As I’ve said a few times, I’m more of a bumbling enthusiast than an expert, but exploiting quantum properties to defend against QC attack seems to me a very good idea. In theory properties such as entanglement and the uncertainty principle can offer an unbreakable defence. Again, people are busy researching this area. There are some quite astonishing ideas out there, such as this one.


... but apart from all of this, migrating bitcoin to a quantum-proof system brings its own challenges. Coins will only be safe once they have been moved to new, quantum-proof addresses. What happens to those coins that aren't moved? They would remain vulnerable, and could still be stolen using a QC. Should these be burned to prevent theft, or should the theft be permitted? This is an important question with no obvious consensus on how it should be resolved. Potentially millions of coins would be vulnerable. Theft could tank the price and damage bitcoin irreparably, but burning 'someone else's' coins could do the same thing. Theymos brought this subject up years ago, and as far as I'm aware it is still a contentious issue.






Keiser Soze (OP)
Jr. Member
*
Offline Offline

Activity: 91
Merit: 5


View Profile
June 04, 2020, 10:49:12 AM
 #29

Thank you all very much for the informative replies. Truly educational!

If I had more sendable merit, I'd be spreading it around this thread.
beniissembert
Newbie
*
Offline Offline

Activity: 20
Merit: 1


View Profile WWW
June 05, 2020, 08:01:20 AM
 #30


Just adding my humble piece here.
Quantic-based computing is only a very vague theory that has been translated into very early practical use-cases.
If I would need to pick an example of the past, it would be like saying that 1946's first computer is able to unlock the 2020 Iphone.
Joke apart, this is not far from this.
Most of the Quantum Computing is made currently within very specific universities and there are around a dozen of startups trying to surf on the wave.
Bitcoin and other cryptographic-based digital assets are safe... for now.

Thank you all very much for the informative replies. Truly educational!

If I had more sendable merit, I'd be spreading it around this thread.

Thank you all very much for the informative replies. Truly educational!

If I had more sendable merit, I'd be spreading it around this thread.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!