Topic: ASIC and beyond (Read 2251 times)

full member
Activity: 219
Merit: 100
February 08, 2013, 01:14:48 PM
#16
This thread is science fiction

well these guys think it's possible to do it: http://www.dwavesys.com/en/dw_homepage.html
i'm not so sure myself :)
legendary
Activity: 1484
Merit: 1005
February 08, 2013, 10:55:21 AM
#15
SCIENCE FACT: I rode my hoverboard to work today
legendary
Activity: 1064
Merit: 1001
February 08, 2013, 10:39:28 AM
#14
This thread is science fiction

Given enough time, research, and development, science fiction has a habit of becoming science fact.
legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
February 08, 2013, 10:33:50 AM
#13
This thread is science fiction
full member
Activity: 219
Merit: 100
February 07, 2013, 09:30:51 PM
#12
to put this in another perspective with qc we would not need 25*10^12 Hashes/second that we currently need to solve a block every 10 minutes, we would "only" need 5*10^6 hash/s QC machine to be able to do the same.

so if my 2GH/s rig were to turn quantum, I would be able to solve a block in 1,5s. now that's what I'm talking about.


Which wasn't your initial claim:
"quantum computer can solve a block in time normal computer computes a single hash. as it simply tries all the "nonce"s in parallel."

that would indicate that regardless of difficulty a QC could solve a block in a billionth of a second. An obviously false claim. On another thread you used the word "instant". That a QC could instantly solve all blocks. An impossibility from a thermodynamics standpoint.

Can QC solve some complex problems more efficiently (which may not mean faster for all problems) than classical computers?  Sure.  Are they this "insta-win" auto break all cryptography instantly doomsday device you keep ranting on about?  No.

#1 there are problems that are "super polynomially" faster on a QC than on a normal computer. that means you can get practically instant result regardless of the size of the problem. please consult: http://math.nist.gov/quantum/zoo/

so your previous statement was wrong when you said "there is not instant speedup period"

#2 whether or not solving a bitcoin block falls into this category is not yet known. what is known is that the speedup is at least as the one I described.

personally I believe finding block hash would prove to be much easier than strict searching. there are algorithms that generalize searching into finding function minimum, which of course could be generalized even further for our purpose as we do not need an absolute minimum.

#3 i did not say "instantly" solve all blocks, I said 15 minutes, but hey, that's almost instant. regardless of that there is no "thermodynamics" minimum energy requirement for computation. any computation can be done with an arbitrarily low amount of energy. and solving all blocks is a computation. I'm not sure I understood what you meant by thermodynamic impossibility.

#4 there are other problems with quantum computers being unleashed onto the bitcoin like finding a corresponding private key to any public key in a short time for example thus allowing one to spend anyone's coins etc.

summing up: if suitably large QC were available today it would most likely kill off bitcoin. that's not the question. question is: how should/can bitcoin adapt to this new challenge which it will probably face in the next decade or two.

br
hero member
Activity: 560
Merit: 500
February 06, 2013, 01:15:26 PM
#11
So now that ASIC is proven to be real, will there be a steady increase in ASIC efficiency with new products, or will ASIC be eclipsed by a newer, faster 4 letter chip in a year or two?


Are ASICs the last major evolution in mining hardware?
donator
Activity: 1218
Merit: 1079
Gerald Davis
February 05, 2013, 11:04:32 PM
#10
to put this in another perspective with qc we would not need 25*10^12 Hashes/second that we currently need to solve a block every 10 minutes, we would "only" need 5*10^6 hash/s QC machine to be able to do the same.

so if my 2GH/s rig were to turn quantum, I would be able to solve a block in 1,5s. now that's what I'm talking about.


Which wasn't your initial claim:
"quantum computer can solve a block in time normal computer computes a single hash. as it simply tries all the "nonce"s in parallel."

that would indicate that regardless of difficulty a QC could solve a block in a billionth of a second. An obviously false claim. On another thread you used the word "instant". That a QC could instantly solve all blocks. An impossibility from a thermodynamics standpoint.

Can QC solve some complex problems more efficiently (which may not mean faster for all problems) than classical computers?  Sure.  Are they this "insta-win" auto break all cryptography instantly doomsday device you keep ranting on about?  No.
newbie
Activity: 42
Merit: 0
February 05, 2013, 07:30:16 PM
#9
The network difficulty does adjust surprisingly quickly to increasing hashrate. A solid 45 minute block of the qc machine's time, could make solving blocks very hard for the following week even.
full member
Activity: 219
Merit: 100
February 05, 2013, 07:22:19 PM
#8
None of that is true. QC allow some problems (but not mining at least no Quantum Algorithm yet exists) to be solved in polynomial time vs linear time using classical computing. QC don't allow one to instantly solve or break anything. Period.

For example using Shor's algorithm one could break asymmetric keys in 2^(1/2 keysize) operations vs k^(keysize) needed for classical computers.

This means that for example to brute force a specific ECDSA private key from the public key using classical computer would take 2^256 operations. While a QC is massively faster requiring only 2^128 attempts that is still a massive number of required operations.

here are my 2 objections to your argument:

#1 what you are talking about is the full blown "birthday attack" on sha256 which is equivalent of say finding a hash which has all 0s in it.
what bitcoin protocol currently requires is that you find a hash which is sufficiently small.

this may be a lot less difficult problem to solve than the outright birthday attack.

#2 more importantly we are discussing what known attacks exist today. More specifically "Grover's algorithm". which will again reduce the number of steps from N to sqrt(N).

this is, as you pointed out, best we can hope at this point in time, for if we treat the problem at hand as a black box problem where we search for a suitable result we only halve the exponent of the problem.

to put this in another perspective with qc we would not need 25*10^12 Hashes/second that we currently need to solve a block every 10 minutes, we would "only" need 5*10^6 hash/s QC machine to be able to do the same.

so if my 2GH/s rig were to turn quantum, I would be able to solve a block in 1,5s. now that's what I'm talking about.
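Added example, not part of the thread or any poster's words: a classical state-vector simulation of Grover's algorithm, which the post above names, applied to a toy nonce search with a target. The header bytes, the 10-bit nonce space and the target are constructed for illustration; the simulator builds its oracle by enumerating hashes classically, whereas a quantum oracle would evaluate the hash circuit once per iteration.

```python
import hashlib
import math

HEADER = b"constructed-block-header"   # constructed sample, not a real block header
BITS = 10                              # toy nonce space: 2**10 candidates
TARGET = 1 << 248                      # toy target: about 1 hash in 256 qualifies


def marked_nonces(header: bytes, bits: int, target: int) -> set:
    """Classically enumerate nonces whose double SHA-256 is below the target."""
    hits = set()
    for nonce in range(1 << bits):
        data = header + nonce.to_bytes(4, "little")
        digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
        if int.from_bytes(digest, "little") < target:
            hits.add(nonce)
    return hits


def grover_success(n_items: int, marked: set, iterations: int) -> float:
    """Simulate Grover's algorithm; return P(measuring a marked item)."""
    amp = [1.0 / math.sqrt(n_items)] * n_items    # uniform superposition
    for _ in range(iterations):
        for m in marked:                          # oracle call: phase flip
            amp[m] = -amp[m]
        mean = sum(amp) / n_items                 # diffusion: invert about mean
        amp = [2.0 * mean - a for a in amp]
    return sum(amp[m] ** 2 for m in marked)


def optimal_iterations(n_items: int, n_marked: int) -> int:
    """About (pi/4) * sqrt(N/M) oracle calls maximise the success chance."""
    return math.floor(math.pi / 4 * math.sqrt(n_items / n_marked))


def demo():
    """Success probability after 0, 1 and the optimal number of oracle calls."""
    n = 1 << BITS
    marked = marked_nonces(HEADER, BITS, TARGET)
    rows = []
    if marked:
        k = optimal_iterations(n, len(marked))
        for it in (0, 1, k):
            rows.append((it, round(grover_success(n, marked, it), 4)))
    return len(marked), rows


if __name__ == "__main__":
    print(demo())
```

A single oracle call leaves the success probability close to that of a random guess; it approaches 1 only after roughly sqrt(N/M) sequential calls, each of which evaluates the hash.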
donator
Activity: 1218
Merit: 1079
Gerald Davis
February 05, 2013, 04:05:36 PM
#7
None of that is true. QC allow some problems (but not mining at least no Quantum Algorithm yet exists) to be solved in polynomial time vs linear time using classical computing. QC don't allow one to instantly solve or break anything. Period.

For example using Shor's algorithm one could break asymmetric keys in 2^(1/2 keysize) operations vs k^(keysize) needed for classical computers.

This means that for example to brute force a specific ECDSA private key from the public key using classical computer would take 2^256 operations. While a QC is massively faster requiring only 2^128 attempts that is still a massive number of required operations.

full member
Activity: 219
Merit: 100
February 05, 2013, 04:01:15 PM
#6
I am banking on Quantum computing and investing in something that might become public in the next 18 months

As amazing as Quantum computing is (and will be), I'm wary about implementing it for Bitcoin. It would be thousands (more than likely millions) of times faster than a high spec'd ASIC...so any one device kicked on before another would more than likely take control over the network (>50%).

you don't get it. quantum computer can solve a block in time normal computer computes a single hash. as it simply tries all the "nonce"s in parallel.

increase in difficulty will not matter. changing sha256 to shaXYZ will not matter.

this is why quantum computers are being developed in the first place: to be able to solve problems that currently are very very difficult.

of course the first guy/girl that will deploy quantum computer to solve bitcoin blocks will solve all of them! all 21 million and he/she will probably do it in 15 minutes.

after that there will be no more bitcoin. not because there are no more bitcoins to mine, although that is a big part, but because there will be no point as the guy/girl with the second quantum machine will be able to mount a 51% attack. and so will all the rest.

but... seems to me that's years down the line. plus there are many more profitable activities, some sadly illegal, that one could use a quantum machine on.

cheers
legendary
Activity: 1064
Merit: 1001
February 04, 2013, 06:49:32 PM
#5
I am banking on Quantum computing and investing in something that might become public in the next 18 months

As amazing as Quantum computing is (and will be), I'm wary about implementing it for Bitcoin. It would be thousands (more than likely millions) of times faster than a high spec'd ASIC...so any one device kicked on before another would more than likely take control over the network (>50%).
sr. member
Activity: 504
Merit: 250
February 04, 2013, 02:46:57 PM
#4
There is another leap before quantum processors:

A cpu manufacturer could begin from scratch to make a discrete miner with ram and hundreds of thousands of SHA256 processors directly on the die. It would need no software as its processing power is hard wired directly into the layout.

We are talking 100s of millions here in development. IBM might undertake such a venture. They are known to throw millions year after year into something just for research purposes.
hero member
Activity: 507
Merit: 500
February 04, 2013, 02:15:58 PM
#3
I am banking on Quantum computing and investing in something that might become public in the next 18 months

D-Wave One look it up..... There is a start up in California that will publicly lease time on the machine they are buying, and something about a 512 qubit chip.

The current product is a 128 qubit, currently can slam out proteins folding pretty fast, someone said in an article 13/100,000 in 45 mins, and the new chips will be 512 qubits 1,000 times faster than 128 qubits

Dependent on the price of BTC, and the number of correct blocks you can solve, in what amount of time it takes to do it!
donator
Activity: 1218
Merit: 1079
Gerald Davis
February 04, 2013, 02:15:38 PM
#2
No just cheaper and faster ASICs. Just like an Intel 286 and the latest Xeon CPU are both microprocessors the latter is just magnitudes faster and more efficient (computing power per watt).
legendary
Activity: 1414
Merit: 1000
HODL OR DIE
February 04, 2013, 02:10:50 PM
#1
So now that ASIC is proven to be real, will there be a steady increase in ASIC efficiency with new products, or will ASIC be eclipsed by a newer, faster 4 letter chip in a year or two?