
Topic: 128-bit Quantum Computer Commercially Available - Qubitcoin coming soon? - page 2. (Read 8011 times)

hero member
Activity: 518
Merit: 500
Also interesting from this corner.  DWave ran a distributed computing project for a long time called Aqua.  It was suspended earlier this year because they had the results they needed in progressing commercialisation of what they were looking at.  I'll wait and see if it really has advantages over conventional linear or parallel computing.
hero member
Activity: 714
Merit: 500
I don't think Shor's algorithm helps because the address is a hash of the public key, not the actual public key.  Either Satoshi got really lucky or he was some super genius who saw the threat of quantum computing.  Since the public key is an unknown to the attacker they have no input for Shor's algorithm.
Interesting!  From what I've read, I think you're correct.  Shor's algorithm is effective against asymmetric ciphers, not secure hash functions or symmetric ciphers (though Grover's algorithm promises somewhat improved performance in computing hashes and ciphers, but this isn't likely to result in any dramatic, overnight jumps in block computation).  It would be a bit of an inconvenience though…you would always want to spend all bitcoins out of an address exactly once (because you do have to reveal the public key when you spend coins) and then never use that address again.  After spending, since the public key has been revealed, any remaining coins at that address would be at risk (assuming a quantum computer could derive the private key in a timely fashion).

I'm guessing Satoshi was well aware of quantum based algorithms (Shor's has been known for a long time).  Reading up on the application of these algorithms, it doesn't take much to realize that the strategic application of a secure hash function may be effective in mitigating the risk that quantum computing would pose.  Using a hash of the public key has a practical benefit (shorter addresses), but I imagine Shor's was in the back of his mind as well.


I don't get it. If the sender doesn't know the receiver's public key, how can he send money?
hero member
Activity: 868
Merit: 1008
I don't think Shor's algorithm helps because the address is a hash of the public key, not the actual public key.  Either Satoshi got really lucky or he was some super genius who saw the threat of quantum computing.  Since the public key is an unknown to the attacker they have no input for Shor's algorithm.
Interesting!  From what I've read, I think you're correct.  Shor's algorithm is effective against asymmetric ciphers, not secure hash functions or symmetric ciphers (though Grover's algorithm promises somewhat improved performance in computing hashes and ciphers, but this isn't likely to result in any dramatic, overnight jumps in block computation).  It would be a bit of an inconvenience though…you would always want to spend all bitcoins out of an address exactly once (because you do have to reveal the public key when you spend coins) and then never use that address again.  After spending, since the public key has been revealed, any remaining coins at that address would be at risk (assuming a quantum computer could derive the private key in a timely fashion).

I'm guessing Satoshi was well aware of quantum based algorithms (Shor's has been known for a long time).  Reading up on the application of these algorithms, it doesn't take much to realize that the strategic application of a secure hash function may be effective in mitigating the risk that quantum computing would pose.  Using a hash of the public key has a practical benefit (shorter addresses), but I imagine Shor's was in the back of his mind as well.
hero member
Activity: 588
Merit: 500
Hero VIP ultra official trusted super staff puppet
I spent some time today looking again at the state of quantum computing: I'm still not worried.

The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).

Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100 million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.

There was a good reality-check article in the New York Times just last week:
   http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html

Quote
Unfortunately, while small quantum computations have already been demonstrated in the lab, they typically fall apart after only a few dozen operations. That’s why one of the most-celebrated quantum computations to date has been to factor 15 into 3 times 5 — with high statistical confidence! The problem is decoherence: basically, stray interactions that intrude prematurely on the computer’s fragile quantum state, “collapsing” it like a soufflé. In theory, it ought to be possible to reduce decoherence to a level where error-correction techniques could render its remaining effects insignificant. But experimentalists seem nowhere near that critical level yet.

I've said it before:  I'll start to worry when quantum computers can factor 64-bit numbers.


Exactly.

The Future of Quantum Computing - Michio Kaku
http://www.youtube.com/watch?v=YgFVzOksm4o

"Our most advanced robots have the collective intelligence and wisdom of a mentally challenged lobotomized cockroach. They take about 6 hours to walk across the room."

How to Program a Quantum Computer - Michio Kaku
http://www.youtube.com/watch?v=rUWfod_8JsM

"Moore's law may begin to expire in the next 10 or so years."


hero member
Activity: 714
Merit: 500
I spent some time today looking again at the state of quantum computing: I'm still not worried.

The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).

Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100 million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.

There was a good reality-check article in the New York Times just last week:
   http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html

Quote
Unfortunately, while small quantum computations have already been demonstrated in the lab, they typically fall apart after only a few dozen operations. That’s why one of the most-celebrated quantum computations to date has been to factor 15 into 3 times 5 — with high statistical confidence! The problem is decoherence: basically, stray interactions that intrude prematurely on the computer’s fragile quantum state, “collapsing” it like a soufflé. In theory, it ought to be possible to reduce decoherence to a level where error-correction techniques could render its remaining effects insignificant. But experimentalists seem nowhere near that critical level yet.

I've said it before:  I'll start to worry when quantum computers can factor 64-bit numbers.


Glad to hear that.

hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
Hmm, dwave again...
They tricked us last time, I highly doubt this is the real deal..

Actually last time they themselves didn't know if it was quantum (!!) or not, are they sure this time?

Or did they also invent Quantum Trolling Technology™ ?
They can't be sure, until their brain-particles interact with the troll-quantum-bits, splitting our subjective view into one of the multiworlds, yet losing the quantum-troll-decoherence in the process.
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
Hmm, dwave again...
They tricked us last time, I highly doubt this is the real deal..

Actually last time they themselves didn't know if it was quantum (!!) or not, are they sure this time?

Or did they also invent Quantum Trolling Technology™ ?
legendary
Activity: 1652
Merit: 2301
Chief Scientist
I spent some time today looking again at the state of quantum computing: I'm still not worried.

The D-Wave system is not a general-purpose quantum computer; it is pretty specialized for solving certain problems (I'm reasonably certain cracking ECDSA encryption is not one of the problems it would be good at, but I am definitely NOT a quantum crypto expert).

Skimming the research, it looks like you'd need a specially-constructed quantum computer with 515 qbits and over 100 million quantum gates, running more than 16 million quantum operations to crack Bitcoin's 256-bit ECDSA private keys using Shor's algorithm.

There was a good reality-check article in the New York Times just last week:
   http://www.nytimes.com/2011/12/06/science/scott-aaronson-quantum-computing-promises-new-insights.html

Quote
Unfortunately, while small quantum computations have already been demonstrated in the lab, they typically fall apart after only a few dozen operations. That’s why one of the most-celebrated quantum computations to date has been to factor 15 into 3 times 5 — with high statistical confidence! The problem is decoherence: basically, stray interactions that intrude prematurely on the computer’s fragile quantum state, “collapsing” it like a soufflé. In theory, it ought to be possible to reduce decoherence to a level where error-correction techniques could render its remaining effects insignificant. But experimentalists seem nowhere near that critical level yet.

I've said it before:  I'll start to worry when quantum computers can factor 64-bit numbers.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
I don't think Shor's algorithm helps because the address is a hash of the public key, not the actual public key.
I don't know if this is true, but would like to note that the public key is known for addresses that have been spent from.
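
The point raised in this thread (an address commits only to a hash of the public key, and the key itself appears on-chain once coins are spent from it) can be checked mechanically. The following is an added example, not part of any post: an audit over a constructed ledger that lists addresses still holding coins after their public key was revealed. The transaction layout, the names, and `key_hash` (truncated double SHA-256 standing in for Bitcoin's RIPEMD160(SHA256(pubkey))) are assumptions for illustration.

```python
import hashlib

def key_hash(pubkey: bytes) -> str:
    # Stand-in for Bitcoin's HASH160 (assumption): RIPEMD-160 is absent from
    # many hashlib builds, and the exposure logic does not depend on it.
    return hashlib.sha256(hashlib.sha256(pubkey).digest()).digest()[:20].hex()

def exposed_balances(txs):
    """Return {address: unspent amount} for addresses whose public key
    has already been published by an earlier spend."""
    utxo = {}         # (txid, output index) -> (address, amount)
    revealed = set()  # addresses whose public key appeared in an input
    for tx in txs:
        for prev, pubkey in tx["inputs"]:
            addr, _ = utxo.pop(prev)  # KeyError: unknown or already-spent output
            # A spend is only valid if the revealed key hashes to the address.
            if key_hash(pubkey) != addr:
                raise ValueError(f"pubkey does not match address in {tx['txid']}")
            revealed.add(addr)
        for i, (addr, amount) in enumerate(tx["outputs"]):
            utxo[(tx["txid"], i)] = (addr, amount)
    at_risk = {}
    for addr, amount in utxo.values():
        if addr in revealed:
            at_risk[addr] = at_risk.get(addr, 0) + amount
    return at_risk

# Constructed sample keys and ledger (not real Bitcoin data).
ALICE_PUB = b"\x02" + b"\xa1" * 32
BOB_PUB = b"\x03" + b"\xb2" * 32
CAROL_PUB = b"\x02" + b"\xc3" * 32
ALICE, BOB, CAROL = (key_hash(k) for k in (ALICE_PUB, BOB_PUB, CAROL_PUB))

SAMPLE_CHAIN = [
    {"txid": "t0", "inputs": [], "outputs": [(ALICE, 50), (BOB, 30)]},
    # Alice pays Carol 20 and sends the 30 change back to her own address.
    {"txid": "t1", "inputs": [(("t0", 0), ALICE_PUB)],
     "outputs": [(CAROL, 20), (ALICE, 30)]},
    # Bob empties his address in one spend and never reuses it.
    {"txid": "t2", "inputs": [(("t0", 1), BOB_PUB)], "outputs": [(CAROL, 30)]},
]

if __name__ == "__main__":
    for addr, amount in exposed_balances(SAMPLE_CHAIN).items():
        print(f"{addr}: {amount} held behind a revealed public key")
```

Only Alice's address is reported: Carol holds more coins, but her public key has never appeared in a spend, and Bob's key is public but guards nothing.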
legendary
Activity: 1386
Merit: 1004
From what I have read.....

A 1024 Qbit computer would take about 1000 years to break a key.  This is much better than the millions of years all of the computers on the planet combined would take so it is revolutionary.  It just does not threaten bitcoin yet.  With the rate of growth in quantum computing, bitcoin will need to be upgraded, and it should be done before five years.  After five years, quantum key breaking may start to enter the realm of possibility for large institutions.
legendary
Activity: 1937
Merit: 1001
Hmm, dwave again...
They tricked us last time, I highly doubt this is the real deal..
sr. member
Activity: 700
Merit: 250
hero member
Activity: 896
Merit: 1000
Seal Cub Clubbing Club
Finally, a computer capable of running Crysis.
donator
Activity: 1218
Merit: 1079
Gerald Davis
I don't think they have a quantum algorithm to do reverse ECDSA yet. But I could be wrong.
Shor's algorithm can be modified to work on elliptic curves.

I don't think Shor's algorithm helps because the address is a hash of the public key, not the actual public key.  Either Satoshi got really lucky or he was some super genius who saw the threat of quantum computing.  Since the public key is an unknown to the attacker they have no input for Shor's algorithm.

IIRC Shor's algorithm is simply a "speed booster" which when given a public key K can find the private key k magnitudes faster than conventional brute force.  With Bitcoin only the owner of the private key knows the public key.


The other nice thing about Bitcoin is it is unlikely there is any economic value in attacking the network.  If you could out-solve the entire rest of the network you likely would make more just being a massive hashing farm than trying to attack it.  The threat of 51% comes from a non-economic attack.  An entity who seeks to double spend not for profit but to destroy Bitcoin.  While a quantum computer might someday help an attacker if it is publicly available it would also help defenders too.
legendary
Activity: 1246
Merit: 1011
Lol

"128 qbit capability"!?  The soundcard mining was more believable.
hero member
Activity: 714
Merit: 504
^SEM img of Si wafer edge, scanned 2012-3-12.
With quantum operators :)
Ean
full member
Activity: 199
Merit: 100
So how do you program a quantum computer? Using qBASIC?
sr. member
Activity: 476
Merit: 250
I don't think they have a quantum algorithm to do reverse ECDSA yet. But I could be wrong.
Shor's algorithm can be modified to work on elliptic curves.