
Topic: Quantum computers to crack SHA256 - when will that become reality? (Read 8257 times)

hero member
Activity: 770
Merit: 629
Can a full-scale quantum computer revert SHA256? No.
Can a full-scale quantum computer own Bitcoin blockchain? Yes.

Nothing to discuss below this point, IMO.

Well, if full-scale quantum computers are used in mining, they would simply "up" the difficulty, in the same way that the introduction of ASICS did.  You would have miners with quantum computers "competing" for blocks and all the rest left behind, like the CPU miners were left behind by ASIC miners.

Of course, the problem with PoW as a cryptographic security mechanism is that it is a quite ridiculous "security" in the sense that the work to be done by an attacker is comparable to the work done by the "good guys" ; and in the case of technological evolution, the work to be done by an attacker is MUCH LESS than the total work done by all the good guys (work done as in economic cost of work done).
For instance, with ASIC miners, it is very easy to overdo all the work that miners did the first few years of bitcoin, for much less cost than these miners did spend on it.
So if ever there is a quantum computer that can mine, miners should use it directly, and the "old part of the chain" will be easy to redo with the quantum computer at hand ; but competition between quantum computers will still make the "head" of the chain ; like ASICS now make the head of the chain, but the old tail is relatively easy to do over.

hero member
Activity: 924
Merit: 506
what about decentralized super computers? elastic xel just showed POC where elasticPL mined bitcoin block.

POC video can be found here: https://vimeo.com/216378462

update can be found here: https://bitcointalksearch.org/topic/m.18910971
You said it yourself, "supercomputer", not quantum computer; you could also call ASICboost machines a super miner.
Since when is mining a crime? No matter what kind of hardware you are mining with, as long as you don't skip the work.
The only concern about quantum computers is about their ability to crack down the prime number sequence and find private keys, not what would happen if they were mining bitcoin.
IBM, DARPA, Google and the US already have their own QCs, but they are still in the early stages of development; they are now more like the mobile phones of 30 years ago, which people used to call bricks because they were big and heavy.
newbie
Activity: 30
Merit: 0
what about decentralized super computers? elastic xel just showed POC where elasticPL mined bitcoin block.

POC video can be found here: https://vimeo.com/216378462

update can be found here: https://bitcointalksearch.org/topic/m.18910971
copper member
Activity: 1330
Merit: 899
🖤😏
How do we know that right now the available quantum computers aren't mining Bitcoin?
What else would be more profitable for them to do? Aren't the current QCs perfect for mining?
What happens if a QC was in fact mining Bitcoin but stopped before the difficulty adjustment?
And started again after the target has passed?
legendary
Activity: 2142
Merit: 1010
Newbie
Can a full-scale quantum computer revert SHA256? No.
Can a full-scale quantum computer own Bitcoin blockchain? Yes.

Nothing to discuss below this point, IMO.
newbie
Activity: 26
Merit: 0
This topic has been discussed multiple times already. Please use the search function or google and read up on the subject.

There are no known ways that quantum computers will break sha256.


Exactly. Also remember that in the event of a super power quantum computer trying to break the sha256 hash, they will however need to compete with the majority of miners together, which secure the network by definition. It would be a fail, because I think that no one can override the power of a peer-to-peer network of such capabilities as the one of Bitcoin in the future, when this kind of attack could happen.
legendary
Activity: 3318
Merit: 1247
Bitcoin Casino Est. 2013
If a Quantum computer can already crack the SHA256 algorithm then we are all doomed here. There is no future for bitcoin if someone is able to crack it, no matter who this someone is. Since Quantum computers are mostly in the hands of the governments, which don't like bitcoin, they would have already used it to crack bitcoin and to end it.

I think for the moment this is not possible, and it is the hope that this will not happen for a lot of years that keeps us going and believing in bitcoin's strength.
legendary
Activity: 1176
Merit: 1015
Can Quantum computers one day break SHA256, and hence cause Bitcoin's death?

When would that be estimated to happen?


(probably won't die since we'll hard/soft-fork then to a new algo or smth, but just for discussion's sake)

Could quantum computers be a problem?

These people think so: https://theqrl.org/
legendary
Activity: 2142
Merit: 1010
Newbie
SHA256 doesn't need to be crackable to bring Bitcoin to knees:

Quote
4.3 Resistance to quantum computations
It is known that a (today still hypothetical) sufficiently large quantum computer can
be very efficient for handling problems where only way to solve it is to guess answers
repeatedly and check them. The process of finding a nonce in order to generate a
Bitcoin block is a good example of such a problem. As of today, in average one must
check around 2^68 nonces to find a suitable hash that allows to generate a block. It
is known (see e.g. [13]) that a quantum computer would need Θ(√N) operations to
solve a problem of the above sort that needs Θ(N) operations on a classical computer.
Therefore, a quantum computer would be around √2^68 = 2^34 ≈ 17 billion times more
efficient in Bitcoin mining than a classical one.
Also, it is worth noting that if
blockchain does not increase its difficulty in response to increased hashing power,
that would lead to increased rate of orphaned blocks.
Source: https://www.iotatoken.com/IOTA_Whitepaper.pdf
sr. member
Activity: 338
Merit: 253
If I knew, I would not post that information to a public forum.
sr. member
Activity: 323
Merit: 259
Well, years could be possible yes.
China is on its way to do this
http://www.pcworld.com/article/3194574/hardware/china-adds-a-quantum-computer-to-high-performance-computing-arsenal.html
But to crack the SHA-256, I don't think so.
sr. member
Activity: 434
Merit: 250
This is a topic that should definitely be a sticky in the Technical Discussion section.
The same question gets asked literally every two weeks. Topic could be closed and OP pointed to the sticky,
at least until there was some further information on this subject.
legendary
Activity: 2534
Merit: 1338
In theory, Quantum computers should already be powerful enough to crack SHA256.
If I had created a QC, this is one of the first tests I would perform.
At least that's what I understand from websites such as DWave.
Only 2 QBits would be enough from what I understand, unless someone is telling big fat lies (or we still can't code for the Quantum realm)
I know nothing about it to be perfectly honest, with the exception of the claims being made by these companies that create Quantum computers, which seem to be very big indeed!
Never get your information from the source that builds or has an interest in the subject, just look at robots, artificial intelligence and all of that, those things have been one generation away for a long time and there is no reason to think we are even close to get hard AI.
member
Activity: 60
Merit: 10
I think it is not possible.
legendary
Activity: 2310
Merit: 1422
I think this issue will not happen in the future because The Blockchain Developers have many tools to prevent this crack in the near future.
Do not worry about that. Just go and buy some bitcoins to hold them for a long-term period as a future investment.
I guess it will be at 3,000 usd in this year.

blockchain developers...  Roll Eyes Roll Eyes Roll Eyes
U2
hero member
Activity: 676
Merit: 503
I used to be indecisive, but now I'm not sure...
Stupid post.

NO! Quantum computers aren't magic you moron. Rather than computing with 1's and 0's (or bits) they use sequences (qubits). They just aren't binary. This is completely useless for trying to crack encryption. Why the hell would this help at all? This is like trying to use an ASIC to play a video game. You need a damn GPU! Both are powerful in their own way but are 100% useless for doing the other task.

Go ahead and lock the thread now. Maybe you should do a quick Google.

https://en.wikipedia.org/wiki/Quantum_computer

edit: and if some crazy magical unicorn pixie dust out of your ass way something cracked SHA-256, online banking would also be hacked. I have a feeling the hacker would be going after the trillions of dollars/euros etc rather than ... $20Billion worth of bitcoins. Who gives a crap about bitcoins in this instance??
member
Activity: 121
Merit: 92
I think this issue will not happen in the future because The Blockchain Developers have many tools to prevent this crack in the near future.
Do not worry about that. Just go and buy some bitcoins to hold them for a long-term period as a future investment.
I guess it will be at 3,000 usd in this year.
newbie
Activity: 2
Merit: 0
A fork would be a solution
sr. member
Activity: 336
Merit: 250
I would be more worried about the security of my wifi connection than the BTC chain security.
hero member
Activity: 770
Merit: 629
As for the bitcoin address, it is run through several hashes SHA-256, RIPEMD-160. So "when will it become a reality is?" has no proven answer as of now.

The "it is run through several hashes" doesn't really mean much, apart from the possibility that one of the hash functions has a property that allows one to crack it specifically (which is not excluded of course). In as much as hash functions are not broken cryptanalytically, there's no benefit in running several of them in series. What counts is the bit length of the result. Grover's algorithm doesn't care how many times one has applied how many hash functions: it looks at the global mapping from input to output with the given prescription (OK, practically, it does matter, because the system that has to apply the quantum correlations will be more complex if several hash functions are called successively, which will be a pain for those making the computer), and it doesn't need this prescription to contain any particular property: just the rule that tells you how to calculate the overall result.
In a way, I find it strange that the bitcoin address has a double SHA-256, followed by a RIPEMD-160, which reduces the 'security' from 256 bits to 160 bits.  I guess one of the motives was that there was a fear that there was a back door in SHA-256 (of NIST origin), and another back door in RIPEMD-160 (of Belgian academic origin), but that both of them combined would kill each back door mutually or something of the kind.  The overall structure of RIPEMD and SHA-256 is actually quite analogous, so if there were a structural weakness in one, most probably that weakness would carry over to the other.

For a bitcoin address, the thing that matters is the hardest puzzle for a hash function: pre-image resistance.  In fact, I'm not aware of any "official" hash function that ever had a serious pre-image attack, even for hash functions that are now considered totally broken for collision attacks.  MD5, for instance, has only a very lightly weakened pre-image security, although it is essentially totally broken considering collision attacks (takes only a few seconds on a normal PC).

So this double SHA-256 followed by RIPEMD-160 can only have a meaning for back door paranoia, not for cryptanalytic resistance ; and the true security has been lowered from 256 bits to 160 bits.
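
An added illustration of the argument in the post above (not code from the thread or from any project it mentions): a classical brute-force preimage search against a truncated hash output, run once with a single SHA-256 round and once with three chained rounds, to show that the expected number of guesses follows the output bit length rather than the number of hashes applied. The 10-bit truncation, the constructed sample secrets and all function names are assumptions chosen so the search finishes in seconds.

```python
import hashlib

def chained_digest(data: bytes, rounds: int, out_bits: int) -> int:
    """Apply SHA-256 `rounds` times in series, then keep the top `out_bits` bits."""
    h = data
    for _ in range(rounds):
        h = hashlib.sha256(h).digest()
    return int.from_bytes(h, "big") >> (256 - out_bits)

def preimage_trials(target: int, rounds: int, out_bits: int) -> int:
    """Count sequential guesses until any input maps to `target`."""
    trials = 0
    while True:
        guess = trials.to_bytes(8, "big")
        trials += 1
        if chained_digest(guess, rounds, out_bits) == target:
            return trials

def mean_trials(rounds: int, out_bits: int, samples: int = 200) -> float:
    """Average guess count over `samples` constructed targets."""
    total = 0
    for i in range(samples):
        secret = b"constructed-secret-%d" % i  # constructed sample input
        target = chained_digest(secret, rounds, out_bits)
        total += preimage_trials(target, rounds, out_bits)
    return total / samples

def grover_log2_queries(out_bits: int) -> float:
    """log2 of the order of Grover queries, sqrt(2^n), for an n-bit output."""
    return out_bits / 2

if __name__ == "__main__":
    bits = 10
    for rounds in (1, 3):
        avg = mean_trials(rounds, bits)
        print(f"rounds={rounds}: mean guesses {avg:.0f} (2^{bits} = {2**bits})")
    # The chain depth changes the cost of each guess, not the number of guesses.
    for n in (160, 256):
        print(f"{n}-bit output: classical ~2^{n}, Grover ~2^{grover_log2_queries(n):.0f}")
```

Both runs average close to 2^10 guesses; the three-round chain only makes each guess three times as expensive to evaluate.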