Author

Topic: Can quantum technology crack the secret key in the future? (Read 298 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Good point, but you forget that a race attack can start when a quantum-resistant address is available for use. If it's deployed before a quantum computer with sufficient qubits exists (some sources mention 1500 qubits for 256-bit ECC), then the owner has a big head start.

right, and you think that applies to everyone on the network? is satoshi gonna move his coins to quantum-resistant outputs too?

Obviously not; the point is to reduce the amount of Bitcoin at risk. Besides, this problem doesn't have a solution the majority could agree on.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from ECDSA and confidence in bitcoin security will be lost/damaged.

+1. the inertia around this subject, and the blind optimism that it will never have real consequences for bitcoin if we do nothing, is very frustrating to me.
There are real incentives for governments not to use QC technology to steal bitcoin, but once it is publicly known such technology exists in the present, it will be too late to change. The biggest risk is IMO a rogue employee who wants to steal bitcoin, or who wants to trade on insider information about making it known that QC technology can crack bitcoin private keys in some circumstances.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
centralized organizations---military, corporations, banks---can harden their systems extremely quickly if necessary. bitcoin cannot. millions of coins will remain vulnerable.
Judging by how most organizations outright refuse to upgrade their systems as a cost-saving measure, it's debatable how quick that'll be. I'm not sure if there'll be standards defined by then and whether consumers can roll out the update quickly.

how about in 10 years? how about when bitcoin is bigger than gold's market?

i just don't understand the blind optimism. everything boils down to "even if it happens, nobody cares enough about bitcoin to attack it" or "everyone on the network---including the former owners of lost coins?---will magically move their coins the second before QC is a real threat". neither of those are believable to me.
That'll be a speculation, just like what most of the thread is about. What if in 10 years, Bitcoin drops to $10 per coin? There's both ways this can go of course.

My take on this is that governments are not primarily very interested in monetary incentives**, if you consider that most countries' GDP is way more than Bitcoin's market cap and you have to include the cost of running one as well, and AFAIK current technology is nowhere near the efficiency that we need, plus the difficulties of running one for long periods of time; I think it's close to 0K?

I don't think that there is any viable solution to stop potential attackers from benefiting from the older coins, and most of the current proposals are merely based on the economics of doing it. If you can propose a way to stop attackers from siphoning those funds without forcibly taking them away, I'll totally be behind that of course. Otherwise, the funds will eventually be stolen when quantum technology gets cheap enough. I don't believe that either of the statements will be true, but I do however believe Bitcoin will not be the first to be exploited.

** Again, this is another speculation. The cost of running one will be clearer once we get closer to the required qubit and frequency.
legendary
Activity: 1652
Merit: 1483
Bitcoin prices will probably crash if that type of QC gets discovered overnight, and so will the stock market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

centralized organizations---military, corporations, banks---can harden their systems extremely quickly if necessary. bitcoin cannot. millions of coins will remain vulnerable.

I wouldn't really believe that the adversary, if it's a government would truly be interested in attacking Bitcoin as it's merely a low hanging fruit with fairly low rewards.

how about in 10 years? how about when bitcoin is bigger than gold's market?

i just don't understand the blind optimism. everything boils down to "even if it happens, nobody cares enough about bitcoin to attack it" or "everyone on the network---including the former owners of lost coins?---will magically move their coins the second before QC is a real threat". neither of those are believable to me.

Good point, but you forget that a race attack can start when a quantum-resistant address is available for use. If it's deployed before a quantum computer with sufficient qubits exists (some sources mention 1500 qubits for 256-bit ECC), then the owner has a big head start.

right, and you think that applies to everyone on the network? is satoshi gonna move his coins to quantum-resistant outputs too?

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from ECDSA and confidence in bitcoin security will be lost/damaged.

+1. the inertia around this subject, and the blind optimism that it will never have real consequences for bitcoin if we do nothing, is very frustrating to me.
member
Activity: 224
Merit: 18
Sovryn - Brings DeFi to Bitcoin
How can one answer this when this technology hasn't been used to crack keys yet? The best answer is YES and NO: it's possible because it's quantum tech, and NO because it might not deliver up to how people are exaggerating the technology. The real answer is lost in the future; all we can do is wait and see.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
I have made similar arguments in the past, and I stand behind those arguments. I don't think this means QC can be ignored though. Once the West and the Communists in the East (most likely the US and Chinese respectively) have QC tech, knows the other side knows they have QC tech, and knows that the other side knows they have QC tech, the incentive to keep the technology under wraps goes away.

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from ECDSA and confidence in bitcoin security will be lost/damaged. Using QC technology to crack bitcoin private keys will also cause a lot of damage throughout the bitcoin economy, and it has the potential to cause a lot of businesses to go out of business.
The threats of quantum computers are very real. That does not discount the fact that the incentives to attack Bitcoin pale in comparison to the other things that you can do with QC. You're assuming that we won't be able to at least adopt other QC-resistant standards before it becomes a threat. Long before Bitcoin becomes a target, I would assume that we would've adopted another QC-resistant algorithm. QC technologies seem to have incremental improvement over the years and I don't think that a 2000-qubit QC machine would be discovered overnight. As a state, I would think that they are more interested in collecting encrypted information rather than cracking a few Bitcoin keys, and I think the estimates for a ~1500-qubit machine put it at one PK per hour. I'm not exactly sure of the running costs of a quantum computer but I would probably think that it's not worth their time at an early stage where you would probably need very precisely controlled conditions to keep it stable.

Bitcoin prices will probably crash if that type of QC gets discovered overnight, and so will the stock market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

Yes, Bitcoin will definitely be affected by QC, but the fact that it *probably* cannot be mass produced in the first place will bring about some doubts whether people would want to start cracking the keys if they (the states) could stand to gain much more by starting to decrypt previously intercepted internet traffic. Anyhow, I would regard all of the discussions as speculation. If quantum computers get cheap enough and collecting money is their main goal, then attacking a currency like Bitcoin could make some sense, though the effects will be limited.
QC can be used to decrypt encrypted communications between governments and their spies. It can also be used to decrypt encrypted military communications, and potentially impersonate the military command to military weapons. The above are likely the first use cases for QC technology that governments have access to and can keep secret.

If a government is researching QC technology, they are not necessarily going to make their progress public, nor will they keep the public informed about the status of the QC technology they have developed in any way. This means you will not know how effective the state of the art QC computers are.

In some amount of time, the US government is going to have access to QC technology that can trivially crack PK from a public key. The same is true for the Chinese government. At this time, neither will want to use the technology to steal bitcoin because they can use the technology to decrypt sensitive communications the other is sending. Once the US knows the Chinese have this technology (and vice versa), the technology is no longer useful for espionage because both governments will transition to QC resistant means of encryption.

There is also the risk of a rogue employee that could use QC technology they have access to in order to steal coin. Each of satoshi's mined blocks is currently worth about $1.75 million, which is a lot of money for anyone.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
My point is that QC tech is currently publicly available. I would anticipate it will continue being publicly available, probably a few generations behind the 'state of the art' technology.
It is. I just don't see the point if they aren't sufficient for doing anything as much as attacking Bitcoin, nor would I think that anyone in the public would be able to have access to such technology at least until the point when the relevant cryptographic algorithms are phased out.

I have made similar arguments in the past, and I stand behind those arguments. I don't think this means QC can be ignored though. Once the West and the Communists in the East (most likely the US and Chinese respectively) have QC tech, knows the other side knows they have QC tech, and knows that the other side knows they have QC tech, the incentive to keep the technology under wraps goes away.

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from ECDSA and confidence in bitcoin security will be lost/damaged. Using QC technology to crack bitcoin private keys will also cause a lot of damage throughout the bitcoin economy, and it has the potential to cause a lot of businesses to go out of business.
The threats of quantum computers are very real. That does not discount the fact that the incentives to attack Bitcoin pale in comparison to the other things that you can do with QC. You're assuming that we won't be able to at least adopt other QC-resistant standards before it becomes a threat. Long before Bitcoin becomes a target, I would assume that we would've adopted another QC-resistant algorithm. QC technologies seem to have incremental improvement over the years and I don't think that a 2000-qubit QC machine would be discovered overnight. As a state, I would think that they are more interested in collecting encrypted information rather than cracking a few Bitcoin keys, and I think the estimates for a ~1500-qubit machine put it at one PK per hour. I'm not exactly sure of the running costs of a quantum computer but I would probably think that it's not worth their time at an early stage where you would probably need very precisely controlled conditions to keep it stable.

Bitcoin prices will probably crash if that type of QC gets discovered overnight, and so will the stock market. QCs are after all not the primary threat to Bitcoin, but to all existing internet infrastructure.

Yes, Bitcoin will definitely be affected by QC, but the fact that it *probably* cannot be mass produced in the first place will bring about some doubts whether people would want to start cracking the keys if they (the states) could stand to gain much more by starting to decrypt previously intercepted internet traffic. Anyhow, I would regard all of the discussions as speculation. If quantum computers get cheap enough and collecting money is their main goal, then attacking a currency like Bitcoin could make some sense, though the effects will be limited.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
IBM currently allows public access to their quantum computers.
Depends on how you look at it. It consists of 2x 5-qubit processors and a 16-qubit processor. So, not really practical to attack cryptography at all.
My point is that QC tech is currently publicly available. I would anticipate it will continue being publicly available, probably a few generations behind the 'state of the art' technology.

A government that does not want their unit of currency debased by bitcoin/cryptocurrency may also have an incentive to use QC to harm the public perception of the safety of using bitcoin.
Comes down to opportunity cost. I don't see quantum computers with that many qubits to be readily available and they would very much rather use it for deciphering sensitive information. Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.
As to the prior argument, I would say that if there comes a day where quantum computers are powerful enough, the governments will keep them for themselves. Breaking asymmetric cryptography is useful for espionage and mass surveillance; I don't think they have any incentives to do so.
I have made similar arguments in the past, and I stand behind those arguments. I don't think this means QC can be ignored though. Once the West and the Communists in the East (most likely the US and Chinese respectively) have QC tech, knows the other side knows they have QC tech, and knows that the other side knows they have QC tech, the incentive to keep the technology under wraps goes away.

If QC technology is used to crack bitcoin private keys, it will probably be too late to move away from ECDSA and confidence in bitcoin security will be lost/damaged. Using QC technology to crack bitcoin private keys will also cause a lot of damage throughout the bitcoin economy, and it has the potential to cause a lot of businesses to go out of business.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
2. so how this is different than brute-force from just an address?
Quantum computers do not provide a sufficient speedup for your hashing algorithms, which are RIPEMD160 and SHA256, which wouldn't allow them to get to your ECDSA public key, which would be required to be able to get your private key from your public key.
i think it would be reckless to make that assumption. it underestimates the potential power of the adversary's hypothetical machine. we may be talking about the same situation as a race attack. if the adversary forces a holder to spend all their coins as mining fees, the end result is the same---he loses his coins and they are recirculated into the supply.

it's also very unlikely that all holders of vulnerable outputs would be in a position to race the adversary. we're talking about a window of minutes or even seconds.
I would think that a collusion with a mining pool would make this far easier with them only accepting the attacker's TX. I couldn't find any other relevant information regarding the number of qubits required but I remember that you'll need a fairly high number of qubits to be able to pull this off within an hour. All the scenarios described are purely hypothetical. I wouldn't really believe that the adversary, if it's a government would truly be interested in attacking Bitcoin as it's merely a low hanging fruit with fairly low rewards.
legendary
Activity: 1652
Merit: 1483
but at the same time, the amount of bitcoins stolen from legacy addresses could have a catastrophic inflationary effect on the market.

since moving one's coins into quantum-resistant addresses is voluntary, millions of coins would likely remain unmoved. those would be stolen and circulated back into the economy.
1. Not all Bitcoin on legacy addresses is vulnerable; only addresses whose public key is known are at risk.

i didn't say all legacy addresses were vulnerable, but we already know that many millions of coins currently are. consider this: https://twitter.com/pwuille/status/1108085284862713856

2. Quantum Computer can brute-force private key from public key far faster, but not instant. The actual owner can move their Bitcoin to quantum-resistant address with high fees.

i think it would be reckless to make that assumption. it underestimates the potential power of the adversary's hypothetical machine. we may be talking about the same situation as a race attack. if the adversary forces a holder to spend all their coins as mining fees, the end result is the same---he loses his coins and they are recirculated into the supply.

it's also very unlikely that all holders of vulnerable outputs would be in a position to race the adversary. we're talking about a window of minutes or even seconds.
newbie
Activity: 18
Merit: 10
but at the same time, the amount of bitcoins stolen from legacy addresses could have a catastrophic inflationary effect on the market.

since moving one's coins into quantum-resistant addresses is voluntary, millions of coins would likely remain unmoved. those would be stolen and circulated back into the economy.

1. Not all Bitcoin on legacy addresses is vulnerable; only addresses whose public key is known are at risk.
2. Quantum Computer can brute-force private key from public key far faster, but not instant. The actual owner can move their Bitcoin to quantum-resistant address with high fees.

2. so how this is different than brute-force from just an address?
legendary
Activity: 1652
Merit: 1483
Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.

we could soft fork to add a new quantum-resistant signature type fairly quickly, but at the same time, the amount of bitcoins stolen from legacy addresses could have a catastrophic inflationary effect on the market.

since moving one's coins into quantum-resistant addresses is voluntary, millions of coins would likely remain unmoved. those would be stolen and circulated back into the economy.

that was the thinking behind theymos' comments here, which were not well received: https://www.reddit.com/r/Bitcoin/comments/4isxjr/petition_to_protect_satoshis_coins/d30we6f/

Quote
This issue has been discussed for several years. I think that the very-rough consensus is that old coins should be destroyed before they are stolen to prevent disastrous monetary inflation. People joined Bitcoin with the understanding that coins would be permanently lost at some low rate, leading to long-term monetary deflation. Allowing lost coins to be recovered violates this assumption, and is a systemic security issue.

it's a sticky subject. theft is wrong, but so too is willfully ignoring all users' expectations of controlled bitcoin inflation. lost coins were supposed to be a donation to the rest of us---at least that's what satoshi said---not recirculated into the supply.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
IBM currently allows public access to their quantum computers.
Depends on how you look at it. It consists of 2x 5-qubit processors and a 16-qubit processor. So, not really practical to attack cryptography at all. As to the prior argument, I would say that if there comes a day where quantum computers are powerful enough, the governments will keep them for themselves. Breaking asymmetric cryptography is useful for espionage and mass surveillance; I don't think they have any incentives to do so.

A government that does not want their unit of currency debased by bitcoin/cryptocurrency may also have an incentive to use QC to harm the public perception of the safety of using bitcoin.
Comes down to opportunity cost. I don't see quantum computers with that many qubits to be readily available and they would very much rather use it for deciphering sensitive information. Using it to attack Bitcoin won't reap much benefits especially when some BIPs would probably shift it to a quantum resistant algorithm fairly quickly.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
No, since quantum computers will likely be only available to governments, and potentially high level companies. They wouldn't have any reason to attack specific users, or even Bitcoin in general.
IBM currently allows public access to their quantum computers.

A government that does not want their unit of currency debased by bitcoin/cryptocurrency may also have an incentive to use QC to harm the public perception of the safety of using bitcoin.
newbie
Activity: 18
Merit: 10
So are we safe in foreseeable future?
staff
Activity: 3304
Merit: 4115
It will take more time to develop such a computer. For now it could be considered fiction, like the earlier scientists who predicted the invention of flying vehicles and were called crazy for thinking of something so impossible. But it did happen and the airplane was invented. Now in regards to quantum computers, it will be complicated and will require devices already compressed to a minimal size with powerful circuit designs that will run as a quantum computer.
Kind of, I guess. Quantum computers definitely are possible, and have been made, just not at the required power to be able to affect current standard algorithms. A quantum computer isn't very likely to be compressed any time soon; it might not even be physically possible, because of the amount of power that it requires, it needs to be cooled effectively. If you compress the machine too much, then that defeats the point. It would probably require operating in a sub-zero room for it to be efficient also.
full member
Activity: 686
Merit: 125
It will take more time to develop such a computer. For now it could be considered fiction, like the earlier scientists who predicted the invention of flying vehicles and were called crazy for thinking of something so impossible. But it did happen and the airplane was invented. Now in regards to quantum computers, it will be complicated and will require devices already compressed to a minimal size with powerful circuit designs that will run as a quantum computer.
staff
Activity: 3304
Merit: 4115
No, since quantum computers will likely be only available to governments, and potentially high level companies. They wouldn't have any reason to attack specific users, or even Bitcoin in general. There's also been discussion that when the time is needed, Bitcoin could look into implementing a quantum computer resistant algorithm. Honestly, we are quite some ways off of having a computer with enough qubits to succeed. Even then, it requires motive which those that have possession or even the capabilities of quantum computing, aren't likely to concern themselves with.
member
Activity: 70
Merit: 32
Yes and no. Quantum computing is very useful for integer factorization with Shor's algorithm and offers an advantage for cracking asymmetric algorithms. This means that any pre-existing technology that uses public key cryptography, such as RSA and ECDSA, is susceptible to such attacks. Is it more profitable for governments (presumably because they will have the budget required to operate one) to break TLS encryption or Bitcoin public keys? As of now, we're still quite a few years away from quantum computers with sufficient qubits to be able to crack asymmetric algorithms.

On the other hand, Grover's algorithm offers a quadratic speed up for symmetric algorithms. If your encryption cipher has a large enough key size, you're safe.

The problem is they are going to break it down, I'm sure you understand this, but others might not. The real question is whether they are going to be able to use partial searches/partitions in order to run the algo faster. If they can create the correct local iteration in order to speed up the process, it might work. The next part of the problem is whether to grid up the local partitions in order to create a more complex algo that can be increased by "n" speed as it is increased by 1 partition. Who knows, haven't researched it in a while.
legendary
Activity: 2436
Merit: 1362
Yes as above I posted that Quantum Computing can be used to enhance a network rather than attack it.

So essentially the playing field remains as it is or the 'cat and mouse' game, lets say between developers
and hackers remains the same but on a different level.
full member
Activity: 616
Merit: 161
I know we are talking about quantum computing which is considered the be-all and end-all of technological advancement in any field but is it possible that encrypting as well will have its own evolution as it did so far. I'm looking at it like this, and mind you, this is a simplistic explanation so feel free to correct me, but as a quantum computer can decipher something, it can also make something more complex if the inputter wanted to go in that direction. If that is the case, since most research labs and governments will have access to it, they will surely want to explore new security and decryption option with it, at least to see if they could crack them.
legendary
Activity: 2072
Merit: 4265
✿♥‿♥✿
Quantum computers have long been called the future threat to the blockchain. But you also need to understand that even if such computers appear, it will not be a generally available technology. The owners of such computers will be research centers. For scammers, I think the purchase of this will not be available. Therefore, if we talk about hacking, then either large companies or the state itself can carry out them. Which by itself contradicts the possession of such technologies.
It should also be borne in mind that bitcoin itself develops annually, and while one industry is developing, another can also go-ahead for several decades.
hero member
Activity: 2156
Merit: 803
Top Crypto Casino
As far as I know, to crack a complex password, for example SHA, you'll need centuries to crack those and you need like a hundred supercomputers to do that, but before that happens you'll be already dead when it happens; that's what I have read somewhere, but it's just an estimated time and date, not exact, so I think it's a complete waste of time doing that.

Yes, you are right, and this is where quantum computing comes into place, as it can do calculations in just hours which can take centuries for a few supercomputers.

I only know quantum computing is still in its early stages and it will be baseless to debate about a product which is not yet ready. IBM has been working on it and they have not yet confirmed when will it be ready.
legendary
Activity: 2436
Merit: 1362
I have heard the argument that if someone was to try and use
quantum computing to crack Bitcoin and passwords it would be
far more economical to actually start mining Bitcoin instead.

The power used trying to crack or hack the network or crack
passwords would be more beneficially used to help the network.

Then of course quantum computing is not just going to happen
miraculously overnight, its a technological journey and everybody
involved in the tech space is working towards the same basket of goals,
including quantum computing, so I dont have anything to fear
from QC.
sr. member
Activity: 1106
Merit: 310
As far as I know, to crack a complex password, for example SHA, you'll need centuries to crack those and you need like a hundred supercomputers to do that, but before that happens you'll be already dead when it happens; that's what I have read somewhere, but it's just an estimated time and date, not exact, so I think it's a complete waste of time doing that.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Yes and no. Quantum computing is very useful for integer factorization with Shor's algorithm and offers an advantage for cracking asymmetric algorithms. This means that any pre-existing technology that uses public key cryptography, such as RSA and ECDSA, is susceptible to such attacks. Is it more profitable for governments (presumably because they will have the budget required to operate one) to break TLS encryption or Bitcoin public keys? As of now, we're still quite a few years away from quantum computers with sufficient qubits to be able to crack asymmetric algorithms.

On the other hand, Grover's algorithm offers a quadratic speed up for symmetric algorithms. If your encryption cipher has a large enough key size, you're safe.
copper member
Activity: 117
Merit: 10
Will the future technology crack very complex passwords soon?