Topic: Shouldn't we start using safer keys from now instead of waiting for problems? - page 3. (Read 6065 times)

Those blocks will have to be hashed. So yes there's a hard limit: miners.

For that matter, nobody seems to have asked the "asic producers" how capable their "products" would be to handle changes in that area (with or without additional clock bluffers).

If I'm correct this is a hard limit imposed while "we are still in alpha stage".
There is nothing that locks us from growing the blockchain 1GB per day. As someone pointed out, SSDs are already cheap enought.

THAT'S actually a bigger problem: I see that we have blocks of 200-300KB today, with 500-600 transactions. A limit of  less than 2000 transactions every 10 mins can be reached quite quickly if bitcion spreads.

Please don't shatter their dreams of a bitbased utopia where everyone can dance in bitbliss on the graves of bankers.  

I also said on the first post that cracking the blochain with this hardware is impossible, however it could be with quantum computers, that exists, they are not only a dream.

It will come a time when 160bits will not be enough. And I know that there are more combinations than atoms in the visible universe, but thank you anyway for this cool math.

I guess quite obviously (and for that matter contrary to what the general wisdom figures), Bitcoin is neither designed to be nor intended to be a consumer item.

Yes. Yes it is. See the problem?

Of course it is very unlikely, but that is not the point.

The UNIX engineers of 1970's also thought that it is really unlikely that anybody in 2013 will use their code & standards such as 32bit UNIX TIMESTAMPS limited to year 2038 and Ipv4 limited to roughly 4.000.000.000 addresses.

This shows that humanity is not really very good at thinking ahead, especially when speed of changes is rising exponentially.

So let's design ahead while you can, do not wait for the problem to show up (especially that now it is extremely easy to change something, and with time it will be more and more and more difficult, nearing impossible in few decades).

i thought the maximum block size was 1mb.

144 blocks per day = maximum 144mb per day.

That's will no be a problem: in 20 years an SD cards can reach size of thousands of TB (today there is 2TB usbstick). And you don't have to download all the blockchain to make client works.

Especially if you consider that any single copy of the blockchain would grow by 6 TeraByte PER DAY.

It's really unlikely that bitcoin will replace all world currencies in 20-30 years. Actually assuming that we would use 1/1000th of "coins" we can use 2,1 trillions of "coins" with a value of 1$ each.  That's roughly an average of 262 "coins" for every world inhabitant. Assuming that 1/100 of world population  will use bitcoin is 26200$ per person.

I'm quoting this just because, apparently, it can't be repeated enough. Thanks D&T.

By the way, correct me in what I'm wrong. What I know about quantum computers is that they're capable of executing operations which normal computers simply cannot execute. With these different kind of operations, it is possible to execute a particular algorithm that exploits a ""flaw"" in some public-key encryption algorithms like ECDSA or RSA and then crack a private key out of its public pair with considerably less operations than a brute force would request.

I have no idea how fast this algorithm can crack a a key, but I believe we have no reasons to worry right now. Quantum-proof public-key algorithms are not as much tested as ECDSA AFAIK, so it might not be a good idea to start using them right away. Hell, RSA is used all over and people are not worrying with this. We can stay cool for many years yet, I suppose.

Finally, hash functions are not quantum-vulnerable. So as long as you use disposable addresses (i.e., never reuse an address), you're safe even against quantum computers.

I know the military can't break the laws of physics and I know you have no idea the scale you are talking about.  We aren't talking about "wow this GPU is 3x as fast as last years" we are talking about energy usage on the scale of sending an intersteller spacecraft to another star system to begin a human colony.  

At the thermodynamic limit (the limit of efficiency in storing information imposed by the laws of the universe) it would require an amount of energy more than 100,000 times greater than the global energy usage of the entire human last year just to count to 2^160.  160 bit can't be brute forced today, tomorrow, next century, and likely not anytime until material sciences become so advanced that they will threaten what you propose we upgrade to as well.


To count to 2^160 (just count 1,2,3 ... 2^160) using a perfect computer would require 6.43x10^32 ergs.  To convert to a unit of power which is better known that is 1.78x10^16 kWh.  A next generation nuclear reactor (1500 MW, 90% capacity factor) can produce 4.257*10^13 kWh annually.  That means even if magical aliens gave us a perfect computer it would require ~420,000 reactor years to produce the energy necessary for it to count from 0 to 2^160.  Remember this is merely counting to the number 2^160.  To perform a brute force attack would require tens of thousands of operations per attempt.  So lets ballpark it to say ~50,000 brand new nuclear reactors constructed and running continually to power nothing but this non-existent alien tech perfect computer for the next 10,000 years .... and it would still only have less than a 10% chance of brute forcing a Bitcoin address.

So yes I know 160 bit keys won't be brute forced in the next 20 years.

This quote applies to 256 bit keys but to a lesser extent it applies to 160bit hashes as well.


http://www.schneier.com/blog/archives/2009/09/the_doghouse_cr.html

mmmmm.... space cheese

In the future kids will be too busy flying cars and eating space cheese to worry about breaking an encryption algorithm.

Sounds about right... Really, we can't even count to 2^256 with a theoretical perfectly efficient computer without using more energy than is contained in the sun.  Forget calculating a hash for each value.

Even in 20 years military can build a single computer as powerfull as all the computer of the world now and  put 1 quadrillion of that computer together (if they are the size of a credit card and 1mm of thickness they cover all the Earth surface with a stacked heigt of 9Km) it still took 80 years to crack a 160 bit hash. Not to count the energy involved in the process.