

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.



AzN1337c0d3r


May 01, 2012, 01:13:26 AM 

Shor's Algorithm applies to prime factorization, which SHA256 doesn't use. What you're looking for to crack SHA256 is Grover's Algorithm. Basically under classical models of computation the optimal way to find a matching hash is to simply search through the entire space yielding O(n). Under Quantum Computing the optimal time is O(n^0.5), which means effectively you have halved the keylength. For SHA256, it effectively becomes SHA128 to a Quantum computer. Now the question remains, can a Quantum search for SHA128 faster than a classical computer search through SHA256? With our current technology and for the foreseeable future, we still cannot build a Quantum computer that can yet begin to tackle this problem, let alone solve it in a time within our lifespan. Thus SHA256 is considered "secure enough" for now.




Gladamas


May 01, 2012, 01:22:08 AM 

I see. So it is still unknown whether SHA128 is BQP...




Tomatocage
Legendary
Offline
Activity: 1526
brb keeping up with the Kardashians


May 01, 2012, 01:41:09 AM 

I'm intrigued by the possibility of a quantum Bitcoin mining platform. Quantum computers have already been theorized to be able to break the underlying mathematics behind hashing algorithms (see Shor's Algorithm.) Could quantum computers mine for Bitcoins at a much higher rate than what is achievable today?What's the point when you get knocked back to 10 minutes per block like every other jackass on the block?




Gladamas


May 01, 2012, 01:53:13 AM 

I'm intrigued by the possibility of a quantum Bitcoin mining platform. Quantum computers have already been theorized to be able to break the underlying mathematics behind hashing algorithms (see Shor's Algorithm.) Could quantum computers mine for Bitcoins at a much higher rate than what is achievable today?What's the point when you get knocked back to 10 minutes per block like every other jackass on the block? True. But it would still give you a lot of hashing power=money. Just wondering whether there would be a quantum algorithm to compute a very large number of hashes every second.




eleuthria
Legendary
Offline
Activity: 1750


May 01, 2012, 01:58:53 AM 

Hopefully if Bitcoin is still around when a new computing technology is emerging that truly threatens the security of the SHA256 hashing we do now, we can rally enough support to get a mainline fork like P2SH to switch to a more secured hashing system for future blocks. The hashing algorithm CAN be changed, even in the main Bitcoin chain, if the devs and the miners can all agree that the change is necessary for the currency to continue.

RIP BTC Guild, April 2011  June 2015



multi#lord
Member
Offline
Activity: 66
LSD


May 01, 2012, 04:13:12 AM 

Hopefully if Bitcoin is still around when a new computing technology is emerging that truly threatens the security of the SHA256 hashing we do now, we can rally enough support to get a mainline fork like P2SH to switch to a more secured hashing system for future blocks. The hashing algorithm CAN be changed, even in the main Bitcoin chain, if the devs and the miners can all agree that the change is necessary for the currency to continue.
If a quantum computer can fullfill the function of bitcoin mining, and accomplishes it far more rapidly than current technology, would this not impact the dynamics of how bitcoin operates in terms of economics? There are a few academic papers in circulation that point to a possible early prototype of a quantum computer within 2020s to 2030s. Despite the pace of our understanding picking up in this type of computing, there is still a long way to go before they become commercialized to the general public. So far we just reached the 22 nm node for integrated circuits, it is predicted by 2015 we will hit 15 nm. Quantum Tunneling is predicted to be an issue below this node, some academicians this year proved otherwise, indicating Ohm's law still functions below 15 nm. Maybe the design/approach to computing might be rethought as we shrink further before reaching quantum computers, such as going from an incandescent light bulb to a LED bulb.




eleuthria
Legendary
Offline
Activity: 1750


May 01, 2012, 05:06:57 AM 

Hopefully if Bitcoin is still around when a new computing technology is emerging that truly threatens the security of the SHA256 hashing we do now, we can rally enough support to get a mainline fork like P2SH to switch to a more secured hashing system for future blocks. The hashing algorithm CAN be changed, even in the main Bitcoin chain, if the devs and the miners can all agree that the change is necessary for the currency to continue.
If a quantum computer can fullfill the function of bitcoin mining, and accomplishes it far more rapidly than current technology, would this not impact the dynamics of how bitcoin operates in terms of economics? There are a few academic papers in circulation that point to a possible early prototype of a quantum computer within 2020s to 2030s. Despite the pace of our understanding picking up in this type of computing, there is still a long way to go before they become commercialized to the general public. So far we just reached the 22 nm node for integrated circuits, it is predicted by 2015 we will hit 15 nm. Quantum Tunneling is predicted to be an issue below this node, some academicians this year proved otherwise, indicating Ohm's law still functions below 15 nm. Maybe the design/approach to computing might be rethought as we shrink further before reaching quantum computers, such as going from an incandescent light bulb to a LED bulb. I'm certainly not worried about this happening unexpectedly. The bitcoin community is very involved in technology, and I'm sure if something appeared on the horizon as a gamechanger, the forums would light up much faster than that technology became available. If the technology improves steadily and we just see continual hash rate growth, it's no issue. The only time I would see a "threat" is if some new technology appears that is hard to obtain, yet able to either break sha256 or at the very least trivialize the current brute forcing of it. Quantum computing has often been mentioned as a potential threat in this way, though I don't know if there is much validity in that concern.

RIP BTC Guild, April 2011  June 2015



Gabi
Legendary
Offline
Activity: 1092
If you want to walk on water, get out of the boat


May 01, 2012, 11:37:23 AM 

If SHA256 is suddenly useless then bitcoin will be probably the minor problem: the whole world, banks etcetc use SHA




Fuzzy


May 03, 2012, 12:17:05 AM 

If SHA256 is suddenly useless then bitcoin will be probably the minor problem: the whole world, banks etcetc use SHA
Never considered this. Of all the ways you could get rich by cracking SHA encryption, bitcoin's reward:work ratio is relatively low.




pieppiep


May 03, 2012, 04:55:38 AM 

If SHA256 is suddenly useless then bitcoin will be probably the minor problem: the whole world, banks etcetc use SHA
Never considered this. Of all the ways you could get rich by cracking SHA encryption, bitcoin's reward:work ratio is relatively low. But if you hack a bank if you can crack SHA, the authorities will probably come for you. If you can hash way faster than other people, it's perfectly legal.




Fuzzy


May 03, 2012, 07:09:00 AM 

But if you hack a bank if you can crack SHA, the authorities will probably come for you. If you can hash way faster than other people, it's perfectly legal.
Why is the bank always the first thing people think of. No imagination.




bbulker


May 04, 2012, 02:12:08 AM 

http://www.dwavesys.com/en/dw_homepage.htmlPrice tag of only $10,000,000 and that's probably old tech now since it's commercially available. Bitcoin is already vulnerable and has been since it was created. Consumer products will probably be out in 2020.




Glasswalker


May 04, 2012, 02:42:59 AM 

Ahh, good old Canadian Innovation I applaud DWave for their innovation, though it should be mentioned that much of academia has concerns that DWave's Adiabatic Quantum Tech isn't "Real" Quantum Computing... How one would determine that I'm not sure lol Also the question is once again (as stated earlier in the thread) can this machine hash any faster than a GPU or FPGA? Quantum computers are not the beall endall of computing, they thrive on very specific types of problem spaces. If the problem isn't one that can benefit from the unique properties of Quantum Computing, then it won't necessarily be any faster. (hell in many cases it will be SLOWER)




Gladamas


May 04, 2012, 03:40:29 AM 

It should be mentioned that much of academia has concerns that DWave's Adiabatic Quantum Tech isn't "Real" Quantum Computing... How one would determine that I'm not sure lol You can determine if it is a "real" quantum computer if there is entanglement involved. There's a certain experiment for testing that but I can't recall its name. Also the question is once again (as stated earlier in the thread) can this machine hash any faster than a GPU or FPGA? Quantum computers are not the beall endall of computing, they thrive on very specific types of problem spaces. If the problem isn't one that can benefit from the unique properties of Quantum Computing, then it won't necessarily be any faster. (hell in many cases it will be SLOWER) Very true. However certain NP problems (problems not computationally feasible to solve on a classical computer) might just be BQP (solvable in polynomial time on a quantum computer.) The question is whether SHA256 (or SHA128) is NPcomplete: if so, it is probably not BQP.




PRESSPLAY
Newbie
Offline
Activity: 12


August 04, 2013, 05:44:29 AM 

Very true. However certain NP problems (problems not computationally feasible to solve on a classical computer) might just be BQP (solvable in polynomial time on a quantum computer.) The question is whether SHA256 (or SHA128) is NPcomplete: if so, it is probably not BQP.
*If* BQP = P then classical computers / Turing machines can run Grover's quadratic (square root time) search. After a few hundred thousand mined the hardness catches up and process is slow again. If additionally, GP constant time search [ http://arxiv.org/abs/1303.0371 ] is in BQP then all remaining coins are mined/minted near instantaneously (no SHA hardness is sufficient to slow the search). Further, double spending is possible if one can search in constant time. QKD is a possible solution to keeping transaction integrity  http://en.wikipedia.org/wiki/Quantum_key_distributionNo matter how 'unlikely' that all might sound by running standard software, just keep in mind that strictly speaking no theorems (including Grover's optimality for linear QC) would be violated.




cp1


August 04, 2013, 05:47:25 AM 

Why would you spend 100 billion dollars to crack bitcoin? If you took over 100% of the hashrate BTC would become worthless. If you spent that much on a computer there would be better things to use it for.




Ytterbium


August 04, 2013, 05:54:47 AM 

True. But it would still give you a lot of hashing power=money.
No you wouldn't. It would be far cheaper to throw 28nm ASICs at it. In fact, it would be cheaper to throw 5nm ASICs at it, since the R&D for a 5nm chip would be less then the R&D for a quantum computer. If you had the money for a quantum computer, you could fab a 5nm or even 1nm chip in a year.




Ytterbium


August 04, 2013, 05:58:59 AM 

You can determine if it is a "real" quantum computer if there is entanglement involved. There's a certain experiment for testing that but I can't recall its name.
Very true. However certain NP problems (problems not computationally feasible to solve on a classical computer) might just be BQP (solvable in polynomial time on a quantum computer.) The question is whether SHA256 (or SHA128) is NPcomplete: if so, it is probably not BQP.
DWave is a joke. It can't solve BQP problems, which is the entire point of what's normally considered a "Quantum Computer"




Lauda
Legendary
Offline
Activity: 1694
GUNBOT Licenses 20% with ref. code 'GrumpyKitty'


August 06, 2013, 08:20:53 AM 

http://www.dwavesys.com/en/dw_homepage.htmlPrice tag of only $10,000,000 and that's probably old tech now since it's commercially available. Bitcoin is already vulnerable and has been since it was created. Consumer products will probably be out in 2020. Not. Eventually if it does become a problem, you do something against it, same thing happens with pirating, the gov will never stop pirating, nor will quantum computers or anything of the sorts stop bitcoin




