As far as defeating hashcash goes, the numbers are daunting for quantum computer designers: by 2028, the researchers reckon, you'd need a 4.4 million qubit machine to achieve 13.8 gigahashes per second: “This is more than one thousand times slower than off the shelf ASIC devices which achieve hash rates of 14TH/s”.
Shor's algorithm, a quantum algorithm for factoring integers (that's how it would attack cryptography), is a better path, they write.
Deploying a quantum computer against the secp256k1 elliptic curve Bitcoin uses is much more dangerous: if the signature is cracked, the scheme is completely insecure, and attackers can plant fake transactions and steal Bitcoin.
As with cracking the proof-of-work, the researchers assume quantum computers get big and fast relatively quickly, and even so, they fall slightly short: with a 10 GHz clock rate, around half a million qubits, and a low enough error rate of 10-1 could crack the signature in 30 minutes.
That's close enough to make Bitcoin's critical 10-minute rate “highly insecure”, so the authors recommend the Bitcoin protocol be migrated to a post-quantum signature scheme.
Shor's algorithm, a quantum algorithm for factoring integers (that's how it would attack cryptography), is a better path, they write.
Deploying a quantum computer against the secp256k1 elliptic curve Bitcoin uses is much more dangerous: if the signature is cracked, the scheme is completely insecure, and attackers can plant fake transactions and steal Bitcoin.
As with cracking the proof-of-work, the researchers assume quantum computers get big and fast relatively quickly, and even so, they fall slightly short: with a 10 GHz clock rate, around half a million qubits, and a low enough error rate of 10-1 could crack the signature in 30 minutes.
That's close enough to make Bitcoin's critical 10-minute rate “highly insecure”, so the authors recommend the Bitcoin protocol be migrated to a post-quantum signature scheme.
Copypaster didn’t even bother to fix the “10-1”. Of course, this was in a totally irrelevant thread (“Re: Brainwallet history”).
Hey, guys, don't you think you are a bit overdoing this?
Why don't you stop and think for a moment that there are only 26 letters (well, that depends on the alphabet you are using) and these are the same letters we all use. What the fuck, we even use the same words and phrases or even whole sentences now and then ("insult to the injury", yeah). These are idioms as well as golden thoughts said by wise people which allow you to express your idea without delving into pesky details. Should we avoid using them lest we get caught by some nut and reported to a mod?
Why don't you stop and think for a moment that there are only 26 letters (well, that depends on the alphabet you are using) and these are the same letters we all use. What the fuck, we even use the same words and phrases or even whole sentences now and then ("insult to the injury", yeah). These are idioms as well as golden thoughts said by wise people which allow you to express your idea without delving into pesky details. Should we avoid using them lest we get caught by some nut and reported to a mod?
deisik, you quoted my post in its entirety; but you failed to even read it. Here, let me help you:
Both these posts were... consecutive in the same thread[.]
[...]
Yes, those posts are here quoted in their entireties.
[...]
Yes, those posts are here quoted in their entireties.
Contra your implication, it is not as if I trawled the forum for two people who by happenstance uttered similar short sentences years apart amidst thoughtful discussion.
I think mods made the right call, nuking both users.
