Topic: 128-bit Quantum Computer Commercially Available - Qubitcoin coming soon? - page 2. (Read 7960 times)
December 14, 2011, 10:54:22 PM
Also interesting from this corner. DWave ran a distributed computing project for a long time called Aqua. It was suspended earlier this year because they had the results they needed in progressing commercialisation of what they were looking at. I'll wait and see if it really has advantages over conventional linear or parallel computing.
December 14, 2011, 10:53:20 PM
I don't think shor's algorithm helps because the address is a hash of the public key not the actual public key. Either Satoshi got reallly luck or he was some super genius who saw the threat of quantum computing. Since the public key is an unknown to the attacker they have no input for shor's algorithm.
Interesting! From what I've read, I think you're correct. Shor's algorithm is effective against asymmetric ciphers, not secure hash functions or symmetric ciphers (though Grover's algorithm promises somewhat improved performance in computing hashes and ciphers, but this isn't likely to result in any dramatic, overnight jumps in block computation). It would be a bit of an inconvenience though…you would always want to spend all bitcoins out of an address exactly once (because you do have to reveal the public key when you spend coins) and then never use that address again. After spending, since the public key has been revealed, any remaining coins at that address would be at risk (assuming a quantum computer could derive the private key in a timely fashion).I'm guessing Satoshi was well aware of quantum based algorithms (Shor's has been known for a long time). Reading up on the application of these algorithms, it doesn't take much to realize that the strategic application of a secure hash function may be effective in mitigating the risk that quantum computing would pose. Using a hash of the public key has a practical benefit (shorter addresses), but I imagine Shor's was in the back of his mind as well.
I dont' get it , If the sender don't know the receiver's public key, how can he send money?
December 14, 2011, 10:49:59 PM
I don't think shor's algorithm helps because the address is a hash of the public key not the actual public key. Either Satoshi got reallly luck or he was some super genius who saw the threat of quantum computing. Since the public key is an unknown to the attacker they have no input for shor's algorithm.
Interesting! From what I've read, I think you're correct. Shor's algorithm is effective against asymmetric ciphers, not secure hash functions or symmetric ciphers (though Grover's algorithm promises somewhat improved performance in computing hashes and ciphers, but this isn't likely to result in any dramatic, overnight jumps in block computation). It would be a bit of an inconvenience though…you would always want to spend all bitcoins out of an address exactly once (because you do have to reveal the public key when you spend coins) and then never use that address again. After spending, since the public key has been revealed, any remaining coins at that address would be at risk (assuming a quantum computer could derive the private key in a timely fashion).I'm guessing Satoshi was well aware of quantum based algorithms (Shor's has been known for a long time). Reading up on the application of these algorithms, it doesn't take much to realize that the strategic application of a secure hash function may be effective in mitigating the risk that quantum computing would pose. Using a hash of the public key has a practical benefit (shorter addresses), but I imagine Shor's was in the back of his mind as well.
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
December 14, 2011, 09:54:00 PM
I spent some time today looking again at the state of quantum computing: I'm still not worried.
The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).
Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.
There's was a good reality-check article in the New York Times just last week:
http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html
I've said it before: I'll start to worry when quantum computers can factor 64-bit numbers.
The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).
Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.
There's was a good reality-check article in the New York Times just last week:
http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html
Quote
Unfortunately, while small quantum computations have already been demonstrated in the lab, they typically fall apart after only a few dozen operations. That’s why one of the most-celebrated quantum computations to date has been to factor 15 into 3 times 5 — with high statistical confidence! The problem is decoherence: basically, stray interactions that intrude prematurely on the computer’s fragile quantum state, “collapsing” it like a soufflé. In theory, it ought to be possible to reduce decoherence to a level where error-correction techniques could render its remaining effects insignificant. But experimentalists seem nowhere near that critical level yet.
I've said it before: I'll start to worry when quantum computers can factor 64-bit numbers.
Exactly.
The Future of Quantum Computing - Michiu Kaku
http://www.youtube.com/watch?v=YgFVzOksm4o
"Our most advanced robots have the collective intelligence and wisdom of a mentally challenged lobotomized cockroach. They take about 6 hours to walk across the room."
How to Program a Quantum Computer - Michiu Kaku
http://www.youtube.com/watch?v=rUWfod_8JsM
"Moore's law may begin to expire in the next 10 or so years."
December 14, 2011, 09:24:03 PM
I spent some time today looking again at the state of quantum computing: I'm still not worried.
The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).
Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.
There's was a good reality-check article in the New York Times just last week:
http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html
I've said it before: I'll start to worry when quantum computers can factor 64-bit numbers.
The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).
Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.
There's was a good reality-check article in the New York Times just last week:
http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html
Quote
Unfortunately, while small quantum computations have already been demonstrated in the lab, they typically fall apart after only a few dozen operations. That’s why one of the most-celebrated quantum computations to date has been to factor 15 into 3 times 5 — with high statistical confidence! The problem is decoherence: basically, stray interactions that intrude prematurely on the computer’s fragile quantum state, “collapsing” it like a soufflé. In theory, it ought to be possible to reduce decoherence to a level where error-correction techniques could render its remaining effects insignificant. But experimentalists seem nowhere near that critical level yet.
I've said it before: I'll start to worry when quantum computers can factor 64-bit numbers.
Glad to hear that.
December 14, 2011, 08:00:01 PM
December 14, 2011, 07:41:08 PM
Hmm, dwave again...
They tricked us last time, i highly doubt this is the real deal..
They tricked us last time, i highly doubt this is the real deal..
Actually last time they themselves didn't know if it was quantum (!!) or not, are they sure this time ?
Or did they also invent Quantum Trolling Technology™ ?
December 14, 2011, 07:38:17 PM
Hmm, dwave again...
They tricked us last time, i highly doubt this is the real deal..
They tricked us last time, i highly doubt this is the real deal..
Actually last time they themselves didn't know if it was quantum (!!) or not, are they sure this time ?
Or did they also invent Quantum Trolling Technology™ ?
December 14, 2011, 07:34:29 PM
I spent some time today looking again at the state of quantum computing: I'm still not worried.
The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).
Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.
There's was a good reality-check article in the New York Times just last week:
http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html
I've said it before: I'll start to worry when quantum computers can factor 64-bit numbers.
The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).
Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.
There's was a good reality-check article in the New York Times just last week:
http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html
Quote
Unfortunately, while small quantum computations have already been demonstrated in the lab, they typically fall apart after only a few dozen operations. That’s why one of the most-celebrated quantum computations to date has been to factor 15 into 3 times 5 — with high statistical confidence! The problem is decoherence: basically, stray interactions that intrude prematurely on the computer’s fragile quantum state, “collapsing” it like a soufflé. In theory, it ought to be possible to reduce decoherence to a level where error-correction techniques could render its remaining effects insignificant. But experimentalists seem nowhere near that critical level yet.
I've said it before: I'll start to worry when quantum computers can factor 64-bit numbers.
December 14, 2011, 07:11:02 PM
I don't think shor's algorithm helps because the address is a hash of the public key not the actual public key.
I don't know if this is true, but would like to note that the public key is known for addresses that have been spent from. 
December 14, 2011, 05:11:15 PM
From what I have read.....
A 1024 Qbit computer would take about 1000 years to break a key. This is much better then the millions of years all of the computers on the planet combined would take so it is revolutionary. It just does not threaten bitcoin yet. With the rate of growth in quantum computing, bitcoin will need to be upgraded, and it should be done before five years. After five years, quantum key breaking may start to enter the relm of possibility for large institutions.
A 1024 Qbit computer would take about 1000 years to break a key. This is much better then the millions of years all of the computers on the planet combined would take so it is revolutionary. It just does not threaten bitcoin yet. With the rate of growth in quantum computing, bitcoin will need to be upgraded, and it should be done before five years. After five years, quantum key breaking may start to enter the relm of possibility for large institutions.
December 14, 2011, 04:21:56 PM
Hmm, dwave again...
They tricked us last time, i highly doubt this is the real deal..
They tricked us last time, i highly doubt this is the real deal..
December 14, 2011, 01:33:35 PM
Finally, a computer capable of running Crysis.
December 14, 2011, 11:53:49 AM
Finally, a computer capable of running Crysis.
December 14, 2011, 11:39:56 AM
I don't think they have an quantum algorithm to do reverse ECDSA yet. But I could be wrong.
shor's algorithm can be modified to work on elliptic curves.I don't think shor's algorithm helps because the address is a hash of the public key not the actual public key. Either Satoshi got reallly luck or he was some super genius who saw the threat of quantum computing. Since the public key is an unknown to the attacker they have no input for shor's algorithm.
IIRC shor's alogrithm is simply a "speed booster" which when given a public key K can find the private key k magnitudes faster than conventional brute force. With Bitcoin only the owner of the private key knows the public key.
The other nice thing about Bitcoin is it is unlikely there is any economic value in attacking the network. If you could out solve the entire rest of the network you likely would make more just being a masive hashing farm than trying to attack it. The threat of 51% comes from a non-economic attack. An entity who seeks to double spend not for profit but to destroy Bitcoin. While a quantum computer might someday help an attacker if it is public available it would also help defenders too.
December 14, 2011, 10:07:04 AM
Lol
"128 qbit capability"!? The soundcard mining was more believable.
"128 qbit capability"!? The soundcard mining was more believable.
December 14, 2011, 06:11:10 AM
With quantum operators 
December 14, 2011, 06:04:35 AM
So how do you program a quantum computer? Using qBASIC?
December 14, 2011, 05:55:17 AM
I don't think they have an quantum algorithm to do reverse ECDSA yet. But I could be wrong.
shor's algorithm can be modified to work on elliptic curves. Jump to: