Can quantum technology crack the secret key in the future?

[wsxqaz123]

Will the future technology crack very complex passwords soon?

[1713411709]

1713411709

[1713411709]

1713411709

[1713411709]

1713411709

[1713411709]

1713411709

[ranochigo]

Yes and no. Quantum computing is very useful for integer factorization with Shor's algorithm and offers an advantage for asymmetric algorithms to be cracked. This means that any pre-existing technology that uses public key cryptography, such as RSA and ECDSA are susceptible to such attacks. Is it more profitable for governments (presumably because they will have the budget required to operate one) to break TLS encryption or Bitcoin public keys? As of now, we're still quite a few years away from quantum computers with sufficient qubit to be able to crack asymmetric algorithms.

On the other hand, Grover's algorithm offers a quadratic speed up for symmetric algorithms. If your encryption cipher has a large enough key size, you're safe.

[akirasendo17]

as far I know, to crack a complex password for example sha , you'll need centuries to crack those and you need like hundred supercomputers to do that but before that happens you'll be already dead when it happens, that's what I have read somewhere, but its just an estimate time and date not exact, so I think its a complete waste of time doing that.

[aoluain]

I have heard the argument that if someone was to try and use
quantum computing to crack Bitcoin and passwords it would be
far more economical to actually start mining Bitcoin instead.

The power used trying to crack or hack the network or crack
passwords would be more beneficially used to help the network.

Then of course quantum computing is not just going to happen
miraculously overnight, its a technological journey and everybody
involved in the tech space is working towards the same basket of goals,
including quantum computing, so I dont have anything to fear
from QC.

[pakhitheboss]

as far I know, to crack a complex password for example sha , you'll need centuries to crack those and you need like hundred supercomputers to do that but before that happens you'll be already dead when it happens, that's what I have read somewhere, but its just an estimate time and date not exact, so I think its a complete waste of time doing that.

Yes, you are write and this is where quantum computing comes in place as it can do calculation in just hours, which can take centuries for a few super computers.

I only know quantum computing is still in its early stages and it will be baseless to debate about a product which is not yet ready. IBM has been working on it and they have not yet confirmed when will it be ready.

[lovesmayfamilis]

Quantum computers have long been called the future threat to the blockchain. But you also need to understand that even if such computers appear, it will not be a generally available technology. The owners of such computers will be research centers. For scammers, I think the purchase of this will not be available. Therefore, if we talk about hacking, then either large companies or the state itself can carry out them. Which by itself contradicts the possession of such technologies.
It should also be borne in mind that bitcoin itself develops annually, and while one industry is developing, another can also go-ahead for several decades.

[TheNineClub]

I know we are talking about quantum computing which is considered the be-all and end-all of technological advancement in any field but is it possible that encrypting as well will have its own evolution as it did so far. I'm looking at it like this, and mind you, this is a simplistic explanation so feel free to correct me, but as a quantum computer can decipher something, it can also make something more complex if the inputter wanted to go in that direction. If that is the case, since most research labs and governments will have access to it, they will surely want to explore new security and decryption option with it, at least to see if they could crack them.

[aoluain]

Yes as above I posted that Quantum Computing can be used to enhance a network rather than attack it.

So essentially the playing field remains as it is or the 'cat and mouse' game, lets say between developers
and hackers remains the same but on a different level.

[mrob82]

Yes and no. Quantum computing is very useful for integer factorization with Shor's algorithm and offers an advantage for asymmetric algorithms to be cracked. This means that any pre-existing technology that uses public key cryptography, such as RSA and ECDSA are susceptible to such attacks. Is it more profitable for governments (presumably because they will have the budget required to operate one) to break TLS encryption or Bitcoin public keys? As of now, we're still quite a few years away from quantum computers with sufficient qubit to be able to crack asymmetric algorithms.

On the other hand, Grover's algorithm offers a quadratic speed up for symmetric algorithms. If your encryption cipher has a large enough key size, you're safe.

The problem is they are going to break it down, I'm sure you understand this - but others might not.  The real question is whether they are going to be able to use partial searches/partitions in order to run the algo faster.  If they can create the correct local iteration in order to speed up the process, it might work.  The next part of the problem is whether to grid up the local partitions in order to create a more complex algo that cane be increased by "n" speed as it is increased by 1 partition.  Who knows, haven't researched it in a while.

[Welsh]

No, since quantum computers will likely be only available to governments, and potentially high level companies. They wouldn't have any reason to attack specific users, or even Bitcoin in general. There's also been discussion that when the time is needed, Bitcoin could look into implementing a quantum computer resistant algorithm. Honestly, we are quite some ways off of having a computer with enough qubits to succeed. Even then, it requires motive which those that have possession or even the capabilities of quantum computing, aren't likely to concern themselves with.

[erikoy]

It will take more time to develop such computer. For now it could be consider as fiction like the earlier scientist where they predicted the invention of flying vehicles and even they were called as crazy before thinking of such impossible to happen. But it did and airplane was being invented. Now in regards to quantum computer, it will be complicated and will going to require devices compressed already to a minimal size with powerful designs of circuits that will going to run as  quantum computer.

[Welsh]

It will take more time to develop such computer. For now it could be consider as fiction like the earlier scientist where they predicted the invention of flying vehicles and even they were called as crazy before thinking of such impossible to happen. But it did and airplane was being invented. Now in regards to quantum computer, it will be complicated and will going to require devices compressed already to a minimal size with powerful designs of circuits that will going to run as  quantum computer.

Kind of I guess. Quantum computers definitely are possible, and have been made just not at the required power to be able to effect current standard algorithms. A quantum computer isn't very likely to be compressed any time soon, it might not even be physically possible, because of the amount of power that it requires, it needs to be cooled effectively. If you compress the machine too much, then that defeats the point. It would probably require operating in a sub zero room for it to be efficient also.

[mike2077]

So are we safe in foreseeable future?

[PrimeNumber7]

No, since quantum computers will likely be only available to governments, and potentially high level companies. They wouldn't have any reason to attack specific users, or even Bitcoin in general.

IBM currently allows public access to their quantum computers.

A government that does not want their unit of currency debased by bitcoin/cryptocurrency may also have an incentive to use QC to harm the public perception of the safety of using bitcoin.

[ranochigo]

IBM currently allows public access to their quantum computers.

Depends on how you look at it. It consists of 2x 5 qubit processors and a 16 qubit processor. So, not really practical to attack cryptography at all. As to the prior argument, I would say that if there comes a day where quantum computers are powerful enough, the governments will keep it for themselves. Breaking asymmetric cryptography is useful for espionage and mass surveillence, don't think they have any incentives to do so.

A government that does not want their unit of currency debased by bitcoin/cryptocurrency may also have an incentive to use QC to harm the public perception of the safety of using bitcoin.

Comes down to opportunity cost. I don't see quantum computers with that many qubits to be readily available and they would very much rather use it for deciphering sensitive information. Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.

[figmentofmyass]

Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.

we could soft fork to add a new quantum-resistant signature type fairly quickly, but at the same time, the amount of bitcoins stolen from legacy addresses could have a catastrophic inflationary effect on the market.

since moving one's coins into quantum-resistant addresses is voluntary, millions of coins would likely remain unmoved. those would be stolen and circulated back into the economy.

that was the thinking behind theymos' comments here, which were not well received: https://www.reddit.com/r/Bitcoin/comments/4isxjr/petition_to_protect_satoshis_coins/d30we6f/

This issue has been discussed for several years. I think that the very-rough consensus is that old coins should be destroyed before they are stolen to prevent disastrous monetary inflation. People joined Bitcoin with the understanding that coins would be permanently lost at some low rate, leading to long-term monetary deflation. Allowing lost coins to be recovered violates this assumption, and is a systemic security issue.

it's a sticky subject. theft is wrong, but so too is willfully ignoring all users' expectations of controlled bitcoin inflation. lost coins were supposed to be a donation to the rest of us---at least that's what satoshi said---not recirculated into the supply.

[mike2077]

but at the same time, the amount of bitcoins stolen from legacy addresses could have a catastrophic inflationary effect on the market.

since moving one's coins into quantum-resistant addresses is voluntary, millions of coins would likely remain unmoved. those would be stolen and circulated back into the economy.

1. Not all Bitcoin on legacy address is vulnerable, only address where it's public known is at risk.
2. Quantum Computer can brute-force private key from public key far faster, but not instant. The actual owner can move their Bitcoin to quantum-resistant address with high fees.

2. so how this is different than brute-force from just an address?

[figmentofmyass]

but at the same time, the amount of bitcoins stolen from legacy addresses could have a catastrophic inflationary effect on the market.

since moving one's coins into quantum-resistant addresses is voluntary, millions of coins would likely remain unmoved. those would be stolen and circulated back into the economy.

1. Not all Bitcoin on legacy address is vulnerable, only address where it's public known is at risk.

i didn't say all legacy addresses were vulnerable, but we already know that many millions of coins currently are. consider this: https://twitter.com/pwuille/status/1108085284862713856

My answer is (c) 5M-10M BTC. This includes all outputs with P2PK/raw multisig outputs, plus P2PKH outputs with known pubkeys, and P2SH/P2WSH with known scripts.

granted, as the threat nears, a lot of those coins will be moved to quantum-resistant outputs. but if any of the estimates about the # of lost coins are remotely correct and we account for user ignorance/inaction, we could still be talking 3, 4, 5+ million vulnerable coins.

2. Quantum Computer can brute-force private key from public key far faster, but not instant. The actual owner can move their Bitcoin to quantum-resistant address with high fees.

i think it would be reckless to make that assumption. it underestimates the potential power of the adversary's hypothetical machine. we may be talking about the same situation as a race attack. if the adversary forces a holder to spend all their coins as mining fees, the end result is the same---he loses his coins and they are recirculated into the supply.

it's also very unlikely that all holders of vulnerable outputs would be in a position to race the adversary. we're talking about a window of minutes or even seconds.

[ranochigo]

2. so how this is different than brute-force from just an address?

Quantum computers do not provide a sufficient speedup for your hashing algorithm which is your RIPEMD160 and SHA256 which wouldn't allow them to be able to get to your ECDSA public key which would be required for to be able to get your private key from your public key.

i think it would be reckless to make that assumption. it underestimates the potential power of the adversary's hypothetical machine. we may be talking about the same situation as a race attack. if the adversary forces a holder to spend all their coins as mining fees, the end result is the same---he loses his coins and they are recirculated into the supply.

it's also very unlikely that all holders of vulnerable outputs would be in a position to race the adversary. we're talking about a window of minutes or even seconds.

I would think that a collusion with a mining pool would make this far easier with them only accepting the attacker's TX. I couldn't find any other relevant information regarding the number of qubits required but I remember that you'll need a fairly high number of qubits to be able to pull this off within an hour. All the scenarios described are purely hypothetical. I wouldn't really believe that the adversary, if it's a government would truly be interested in attacking Bitcoin as it's merely a low hanging fruit with fairly low rewards.

[PrimeNumber7]

IBM currently allows public access to their quantum computers.

Depends on how you look at it. It consists of 2x 5 qubit processors and a 16 qubit processor. So, not really practical to attack cryptography at all.

My point is that QC tech is currently publicly available. I would anticipate it will continue being publicly available, probably a few generations behind the 'state of the art' technology.

A government that does not want their unit of currency debased by bitcoin/cryptocurrency may also have an incentive to use QC to harm the public perception of the safety of using bitcoin.

Comes down to opportunity cost. I don't see quantum computers with that many qubits to be readily available and they would very much rather use it for deciphering sensitive information. Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.

As to the prior argument, I would say that if there comes a day where quantum computers are powerful enough, the governments will keep it for themselves. Breaking asymmetric cryptography is useful for espionage and mass surveillence, don't think they have any incentives to do so.

I have made similar arguments in the past, and I stand behind those arguments. I don't think this means QC can be ignored though. Once the West and the Communists in the East (most likely the US and Chinese respectively) have QC tech, knows the other side knows they have QC tech, and knows that the other side knows they have QC tech, the incentive to keep the technology under wraps goes away.

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from EDSCA and confidence in bitcoin security will be lost/damaged. Using QC technology to crack bitcoin private keys will also cause a lot of damage throughout the bitcoin economy, and it has the potential to cause a lot of businesses to go out of business.