Topic: Quantum computers to crack SHA256 - when will that become reality? - page 2. (Read 8257 times)

Full fledged quantum computers are still years away, I have read a para from a book called "Applied Cryptography" and it does imply that 256 keys are unbreakable as of now. But what we consider as 'secure' today might be compromised in few years so the no can give a definite answer yet. As for the bitcoin address, it is run through several hashes SHA-256, RIPEMD-160. So "when will it become a reality is?" has no proven answer as of now.

Concerning quantum computers and cryptography, there are two totally different aspects.

1) quantum computers, if ever they come into existence with a lot of qubits (which I personally doubt, but ok), can TOTALLY CRACK the current public key systems based on prime factorisation (RSA, Diffie-Hellmann) or based upon discrete logarithms in groups (elliptic curve crypto).  The algorithm to do so is known, it is Shor's algorithm.  By TOTALLY I mean totally: just ANY key can be cracked in a matter of milliseconds, on the condition that the quantum computer has more qubits than (a few times) the key length.  If such a quantum computer exists, there is simply no difficulty in cracking the key, it doesn't take "days" or anything because the difficulty goes LOGARITHMIC with Shor's algorithm.

2) however, for hash functions, and symmetric crypto like AES-256, it can be shown that a quantum computer can AT BEST use Grover's algorithm to crack it.  Grover's algorithm doesn't crack entirely a hash function, but essentially HALVES ITS BIT STRENGTH.  So a SHA-256 hash (with 256 bits) would not require 2^256 trials like on a classical computer, but "only" 2^128 trials on a quantum computer, which is STILL IMPOSSIBLE to do practically.  Most people think that quantum computers will, if ever they exist, run much slower than classical machines, so 2^128 trials on a quantum machine will be much harder to solve than 2^128 trials on a classical machine.

So while quantum computers can speed up hash function searching, they won't crack it entirely.  The interesting thing is that under certain conditions, it has been established that Grover's algorithm is the best possible one on a quantum machine, to attack a random hash function.

==> big hash functions are still secure against quantum attacks ; most current public key crypto is totally broken by quantum attacks.

This is why it is somewhat strange, in the bitcoin protocol, to have hashed the public key to 160 bits, and not have kept the 256 bits.  If the menace of a quantum attack were the reason for this, it would have been wiser to keep the 256 bit hash as an address instead of the 160 ripemd hash, because under grover's algorithm this would become only 80 bits secure, while the 256 bit hash would remain 128 bit secure under a quantum attack, which is the same level of *classical* security offered by the elliptic curve signature scheme - which wouldn't survive, by itself, a quantum attack.  This is one of the peculiar crypto design "features" of bitcoin...

By the time quantum computing happens that can crack SHA256, I suspect civilization will have already progressed far beyond our current knowledge. Especially with the advent of artificial intelligence and automated systems.

Majority of people commented above do believe that Quantum computers might crack sha256 but it would need lots of QC (just my own view) and also we are not still on that era to make such assumptions.The right time to say it when we do already test it out when QC is already been here.Just sit and wait for more decades to come before we can able to witness the development of QC's.

There's no proof yet that a quantum computer in practice can actually do anything faster than a classical computer. Theoretically it might be possible, but there are plenty of computer designs which sound like they could provide exponential speedups, but end up requiring some exponential resource to build or run which eliminates all advantages. It's totally possible the same thing happens with QC.

But even then, QC has it's limits, and it's unlikely that it's going to be able to break all cryptography or hashing.

If not 1 but 10 quantum computers might do it if that efficiency of system gets developed.

Isn't Golem project just like quantum computers? I must be misinformed though but I assume its what the company are going to manufacture base on what I have read on their whitepaper.


Time flies so that 20 years will be just a flash and you won't realize we can casually use these computers and available on local stores.

it's quite difficult to happen in the near future (maybe 20 years later) and if this issue could happen then They would have some strong tools to prevent this issue. So do not worry about it and it's too early to think about this issue.

Scientists have already built basic quantum computers that can perform certain calculations; but a practical quantum computer is still years away..
so we don't know if is is possible..

I hope Quantum computer technology is take under control. Otherwise it will be threatens the world. I fear that all encryption systems, cryptocurrency ecosystems to be threatened.

i dont think qunatum computers can speed up hashing, but anyway this is not what is meant by 'cracking' sha256.

The only thing that quantum computers can do is to speed up the calculation of SHA256 hashes. Even if its faster than normal computers by a factor of thousands, the ASICs would still be way faster than quantum computers. The difficulty will rise and the network would continue as per normal.

ECDSA is a bigger problem than this.

This one makes for an interesting watch ...

- https://www.youtube.com/watch?v=Lh8OGDNJZQk - Christian Schaffner: Quantum Cryptography 

21:00 = Quantum Cryptography Landscape / Post Quantum Crypto.

Let's woodchipper this dead horse rather than kick it, shall we? Quantum does not mean magic. Quantum computers use 1,2,3,4 etc rather than 1 and 0. They aren't magic, they can just make smarter decisions rather than yes no yes no yes no the answer could be infinite. How does this top look on me? How the hell would a computer ever answer that!? A quantum computer could .

It won't be cracked and if it is all banking around the world would be cracked so we'd be a small fish in a big pond. Don't worry about it.

Doesn't the fact that quantum computers are more efficient than classical computers (Taken from https://cs.stackexchange.com/questions/50366/is-there-any-proof-that-quantum-computers-are-more-efficient-than-classical-comp) mean that they will be slightly better than normal computers at hashing? Maybe not exponentially, but slightly more efficient?

I would find it interesting to read a nice article on how collision attacks are done.

This topic has been discussed multiple times already. Please use the search function or google and read up on the subject.

There are no known ways that quantum computers will break sha256.

Can Quantum computers one day break SHA256, and hence cause Bitcoin's death?

When would that be estimated to happen?


(probably won't die since we'll hard/soft-fork then to a new algo or smth, but just for discussion's sake)