Topic: Can Quantum Computer's destroy Blockchain and Bitcoins[SHA-256 specifically] - page 2. (Read 1787 times)

See https://bitcointalksearch.org/topic/bitcoin-challenge-transaction-1000-btc-total-bounty-to-solvers-updated-5218972

I wonder if there is any puzzle-like challenge for breaking Bitcoin cryptography on your chain. Are there any "in between" steps or do you believe that one day you will break no keys and another day you will catch them all? Because if there is any such challenge, then it may be possible to see, how far we are from that, and also check, how successful are your attacks (and check if they are real or not).

This is a very common misconception that people do when talking about the security threat of quantum computers to btc & co. The main issue is not about the encryption algorithm, but instead of signature algorithm as it was mentionned in the link.

If a paper says the threat is non existent or is centuries away, feel free to believe them. But ask the authors how much money they will bet on their timeline and I am happy to bet against them

This doesn't say much, just that:
Where did you conclude that once SHA256 is broken, we'll upgrade to SHA384? If SHA256 becomes broken, which is a doomsday scenario, we shouldn't use neither SHA384 nor SHA512 as they all belong to SHA-2.

There's also a paper that explains why quantum computing isn't a problem for bitcoin, let me put it right here: https://arxiv.org/pdf/1710.10377.pdf.
Also, this thread: I don't believe Quantum Computing will ever threaten Bitcoin.

Some educative information from QRL THE QUANTUM RESISTANT LEDGER. Follow the links:

It's going to affect Bitcoin

Bitcoin's developers have already planned for this

Bitcoin will just hard/softfork

If they can break SHA_256, we’ll upgrade to SHA_384

But if you don’t reuse addresses, you’re safe because BTC only exposes the hash of your public key if you have never transferred BTC from that address

Quantum computing is a long ways away, there's no need to bother

If ECDSA will be broken, banks and the whole internet is broken. Blockchain is the least we’ll need to worry about then.

More info here.

Aha, so tell me, how to create N-of-N multisig without knowing any public key. Of course, you can combine OP_CHECKSIGADD with OP_HASH160 or OP_HASH256, but it will take much more space and will be much less private. You will not get a single Schnorr signature in this way. You will have to at least reveal all public keys. Also, spending by key can be locked in Taproot and we can force TapScript in a future soft-fork when needed. Another way is introducing new SIGHASHes.

That progress is gradual. You will not fully break SHA-256 tomorrow if you don't even know how to make MD5 preimage. And you will not break 256-bit regular keys without breaking easier 120-bit keys first. For now, 64-bit key is not yet touched, and it is still possible to grab 0.64 BTC by checking 2^64 private keys. Also, we can observe SHA-256 resistance just by watching block hashes. If quantum computers would be real, the attacker could silently mine new blocks and get more coins than breaking any keys.

In the past, the whole progress was gradual. What makes you think that it would be totally different this time?

Edit: one more thing: if you know how to do things in the right way, you can propose a BIP for that, right? Because for now, I can see no BIPs related to quantum-resistance that are ready to be implemented. So, you have two choices: you can complain about things on forums or you can fix it (or switch to a coin that fixed it if BTC will not adopt your solution), so why don't you fix that?

yeah sure, we are 100 billions years away from quantum computers ... no worry
and by the way, thanks to Taproot, little effort is required to know address public key, but I guess you did not pay any attention to that 'detail'!

So rather good luck to you, you will need it much more than I do ...
And feel FREE to keep betting against science and technology progress. You will indeniably end up on the WRONG side of history

Good luck. First, try to find 120-bit private key from transaction puzzle (or 64-bit private key with unknown public key and known address). There are many challenges that are far easier than regular 256-bit keys, and you will quickly see, how far we are from quantum computers if you try to break any of them.

why waste time mining BTC when you can do much better with a quantum computer?

that's a very poor use case ... Instead, I will aim to hack all big wallets, starting with Satoshi wallet (980, 000 BTC) and other big wallets, then start dumping them asap ...

Latest Quantum Computer available commercially - D-Wave Quantum Computer
Costs: $15,000 (That too un-configured for Bitcoin Mining, coding will cost additional man's salary)

Quantum Computer Operation: Well you will probably need a room or at least superconductors which would be cooling down your 2000Qubic chip down to the -273 degree celsium.

If you have money then it's fine, buying computer worth $15 million wont be big deal for you. The question is would you be able to maintain the temperature below zero degrees all the time? Imagine the power consumption required to do that one.

Forget about break even point, you wont be able to recover the yearly power consumption out of the bitcoin mining.

If you start to inject the market with heavy supplies of bitcoin, assuming you are mining 1000x others, then ideally the supply will easily fill up the demand and might reduce in the pricing.

For example, Supercomputer in China, named Tianhe-2 use 18 megawatts of electricity.

In conclusion even if we use it, it wont be beneficial at all.

they're trying to develop it but new things aren't always so solid. you need time to try and crack them. like years and years. no one broken RSA in decades so it's pretty solid. but you can't say the same thing about most of this new stuff.

https://www.linkedin.com/pulse/post-quantum-almost-standard-completely-cracked-lessons-roger-grimes

you also have some mineable new blockchain based on NIST round 3 quantum resistant signature algorithms:
-Doge protocol https://dogeprotocol.org/
-Tidecoin https://tidecoin.org/
-Arielcoin https://arielcoin.org/

And QRL based on quantum resistant algorithm called XMSS:
https://www.theqrl.org/

start mining & accumulating till the day (soon in the future, maybe by 2025...) when quantum threat wipes out 99.99% of crypto market caps (BTC, ETH, etc)

It's NOT a token project. It's a brand new blockchain. True that it's being supported by a token right now. But according to their roadmap, token holders will swap their tokens for native coins on the new L1 quantum resistant Qanplatform blockchain.

what do you think of the token $QANX ? QANPLATAFORM

they said to have a solution for this.

thanks!

It is simple. If you want to do it in backward-compatible way, then it will be always slower than the current implementation. You will have new_computing_time=old_computing_time+upgraded_version. If that "upgraded version" is positive, then the total computing time will always be greater than today. For example, if old_computing_time=1 and upgraded_version=0.1, then it is ten times faster. But as long as the old version is not broken, it is 10% slower.

The mailing mention NTRU would make node perform extra validation, yet NTRU implementation show it's far faster than ECC-NIST (closest one to cryptography which Bitcoin use). Can someone explain why?


Source: https://tbuktu.github.io/ntru/

Don't worry, people know about it and there are some discussions on our mailing list: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-April/020209.html

So, you think that not even the devs working on Bitcoin Core wouldn't see it coming in time of implementing Quantum resistance algorithms? I am sure they are aware and they are bright enough to see it coming. I mean, the technology must be developed, software must be developed and I don't believe that can be hidden from everyone up to a point that nobody will see it coming!

it would clearly be a profitable operation to run a qc, hacking few 1000s of btc/eth, then silently dump them to the sheep saying "quantum threat is decades away blablablabla". you won't see it coming even if you know that it's coming. And at first, it's clear that no individual or small organization will have access to such infrastructure, but some state sponsored actors or  big tech corps (Google, IBM, Microsoft, etc) would

I don't think it can. At least, in the upcoming few years, I think Quantum computers are still too expensive for someone to try such thing. I remember to watch a video quite some time ago and the video was explaining how hard it is to keep the computer running smoothly, how much energy it would spend and how would it cost, like per day, or something like that. The numbers were alarmingly high and the technology needed to keep the computer running was also large.

A part from that, I think there are already people working on Quantum resistant algorithms for when that time comes!