Can quantum technology crack the secret key in the future?

[ranochigo]

My point is that QC tech is currently publicly available. I would anticipate it will continue being publicly available, probably a few generations behind the 'state of the art' technology.

It is. I just don't see the point if they aren't sufficient for doing anything as much as attacking Bitcoin, nor would I think that anyone in the public would be able to have access to such technology at least until the point when the relevant cryptographic algorithms are phased out.

I have made similar arguments in the past, and I stand behind those arguments. I don't think this means QC can be ignored though. Once the West and the Communists in the East (most likely the US and Chinese respectively) have QC tech, knows the other side knows they have QC tech, and knows that the other side knows they have QC tech, the incentive to keep the technology under wraps goes away.

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from EDSCA and confidence in bitcoin security will be lost/damaged. Using QC technology to crack bitcoin private keys will also cause a lot of damage throughout the bitcoin economy, and it has the potential to cause a lot of businesses to go out of business.

The threats of quantum computers are very real. That does not discount the fact that the incentives to attack Bitcoin pales in comparison to the other things that you can do with QC. You're assuming that we won't be able to at least adopt another QC resistant standards before it becomes a threat. Long before Bitcoin becomes a target, I would assume that we would've adopted another QC resistant algorithm. QC technologies seems to have an incremental improvement over the years and I don't think that a 2000qubit QC machine would be discovered overnight. As a state, I would think that they are more interested in collecting encrypted information rather than cracking a few Bitcoin keys, and I think the estimates for a ~1500qubit machine puts it at one PK per hour. I'm not exactly sure of the running costs of a quantum computer but I would probably think that it's not worth their time at an early stage where you would probably need a very precisely controlled conditions to keep it stable.

Bitcoin prices will probably crash if that type of QC gets discovered overnight, so will the stocks market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

Yes, Bitcoin will definitely be affected by QC but the fact that it *probably* cannot be mass produced in the first place will bring about some doubts if people would want to start cracking the keys if they (the states) could stand to gain much more by starting to decrypt previously intercepted internet traffic. Anyhow, I would regard all of the discussions as speculations. If quantum computers gets cheap enough and collecting money is their main goal, then attacking a currency like Bitcoin could make some sense though the effects will be limited.

[PrimeNumber7]

I have made similar arguments in the past, and I stand behind those arguments. I don't think this means QC can be ignored though. Once the West and the Communists in the East (most likely the US and Chinese respectively) have QC tech, knows the other side knows they have QC tech, and knows that the other side knows they have QC tech, the incentive to keep the technology under wraps goes away.

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from EDSCA and confidence in bitcoin security will be lost/damaged. Using QC technology to crack bitcoin private keys will also cause a lot of damage throughout the bitcoin economy, and it has the potential to cause a lot of businesses to go out of business.

The threats of quantum computers are very real. That does not discount the fact that the incentives to attack Bitcoin pales in comparison to the other things that you can do with QC. You're assuming that we won't be able to at least adopt another QC resistant standards before it becomes a threat. Long before Bitcoin becomes a target, I would assume that we would've adopted another QC resistant algorithm. QC technologies seems to have an incremental improvement over the years and I don't think that a 2000qubit QC machine would be discovered overnight. As a state, I would think that they are more interested in collecting encrypted information rather than cracking a few Bitcoin keys, and I think the estimates for a ~1500qubit machine puts it at one PK per hour. I'm not exactly sure of the running costs of a quantum computer but I would probably think that it's not worth their time at an early stage where you would probably need a very precisely controlled conditions to keep it stable.

Bitcoin prices will probably crash if that type of QC gets discovered overnight, so will the stocks market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

Yes, Bitcoin will definitely be affected by QC but the fact that it *probably* cannot be mass produced in the first place will bring about some doubts if people would want to start cracking the keys if they (the states) could stand to gain much more by starting to decrypt previously intercepted internet traffic. Anyhow, I would regard all of the discussions as speculations. If quantum computers gets cheap enough and collecting money is their main goal, then attacking a currency like Bitcoin could make some sense though the effects will be limited.

QC can be used to decrypt encrypted communications between governments and their spies. It can also be used to decrypt encrypted military communications, and potentially impersonate the military command to military weapons. The above are likely the first use cases for QC technology that governments have access to and can keep secret.

If a government is researching QC technology, they are not necessarily going to make their progress public, nor will they keep the public informed about the status of the QC technology they have developed in any way. This means you will not know how effective the state of the art QC computers are.

In some amount of time, the US government is going to have access to QC technology that can trivially crack PK from a public key. The same is true for the Chinese government. At this time, neither will want to use the technology to steal bitcoin because they can use the technology to decrypt sensitive communications the other is sending. Once the US knows the Chinese have this technology (and vice versa), the technology is no longer useful for espionage because both governments will transition to QC resistant means of encryption.

There is also the risk of a rogue employee that could use QC technology they have access to in order to steal coin. Each of satoshi's mined blocks is currently worth about $1.75 million, which is a lot of money for anyone.

[RabbiTANK]

How can one answer this when this technology haven't been used to crack keys yet? The best answer is YES and NO, it's possible because it's a quantum tech and NO because it might not deliver up to how people are exaggerating the technology, the real answer is lost in the future, all we can do is wait to see

[figmentofmyass]

Bitcoin prices will probably crash if that type of QC gets discovered overnight, so will the stocks market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

centralized organizations---military, corporations, banks---can harden their systems extremely quickly if necessary. bitcoin cannot. millions of coins will remain vulnerable.

I wouldn't really believe that the adversary, if it's a government would truly be interested in attacking Bitcoin as it's merely a low hanging fruit with fairly low rewards.

how about in 10 years? how about when bitcoin is bigger than gold's market?

i just don't understand the blind optimism. everything boils down to "even if it happens, nobody cares enough about bitcoin to attack it" or "everyone on the network---including the former owners of lost coins?---will magically move their coins the second before QC is a real threat". neither of those are believable to me.

Good point, but you forget that race attack can start when quantum-resistant address is available for use. If it's deployed before quantum computer with sufficient qubits exists (some source mention 1500 qubits for 256-bit ECC), then the owner have big start.

right, and you think that applies to everyone on the network? is satoshi gonna move his coins to quantum-resistant outputs too?

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from EDSCA and confidence in bitcoin security will be lost/damaged.

+1. the inertia around this subject, and the blind optimism that it will never have real consequences for bitcoin if we do nothing, is very frustrating to me.

[ranochigo]

centralized organizations---military, corporations, banks---can harden their systems extremely quickly if necessary. bitcoin cannot. millions of coins will remain vulnerable.

Judging by how most organizations outright refuse to upgrade their systems in a cost saving measure, it's debatable how quick that'll be. I'm not sure if there'll be a standards defined by then and whether consumers can roll out the update quickly.

how about in 10 years? how about when bitcoin is bigger than gold's market?

i just don't understand the blind optimism. everything boils down to "even if it happens, nobody cares enough about bitcoin to attack it" or "everyone on the network---including the former owners of lost coins?---will magically move their coins the second before QC is a real threat". neither of those are believable to me.

That'll be a speculation, just like what most of the thread is about. What if in 10 years, Bitcoin drops to $10 per coin? There's both ways this can go of course.

My take on this is that governments are not primarily very interested in monetary incentives**, if you consider that most of the country's GDP is way more than Bitcoin's market cap and you have to include the cost for running one as well and AFAIK, current technology is nowhere near the efficiency that we need and the difficulties of running one for long periods of time, I think it's close to 0K?

I don't think that there is any viable solution to stop potential attackers to benefit from the older coins and most of the current proposals are merely based on the economics of doing it. If you can propose a way to stop attackers from siphoning those funds without forcibly taking it away, I'll totally be behind that of course. Otherwise, the funds will eventually be stolen, when quantum technology gets cheap enough. I don't believe that either of the statement will be true but I do however believe Bitcoin will not be the first to be exploited.

** Again, this is another speculation. The cost of running one will be clearer once we get closer to the required qubit and frequency.

[PrimeNumber7]

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from EDSCA and confidence in bitcoin security will be lost/damaged.

+1. the inertia around this subject, and the blind optimism that it will never have real consequences for bitcoin if we do nothing, is very frustrating to me.

There are real incentives for governments to not use QC technology to steal bitcoin, but once it is publically known such technology exists in the present, it will be too late to change. The biggest risk is IMO a rogue employee who wants to steal bitcoin, or who wants to trade on insider information about making it known that QC technology can crack bitcoin private keys in some circumstances.