I guess a rough cost estimate could be obtained by determining the value of bitcoins mined (around half a billion $ per year?). The mining operations cost less than this to run per year or it wouldn't be profitable.
Mining increases in cost over time due to the increasing difficulty. As such, earlier mining operations could be very profitable at a significantly reduced cost compared to current mining. As such, I'm not sure that you can use the current exchange rate to determine what would have been profitable 3 years ago. Nor can you use coins that were mined at a reduced cost 3 years ago to calculate how much it would cost to compete with today's network.
Yes perhaps the payback period for the equipment is several years but that is not what I recall hearing.
Payback period is is based on a lot of guesses at things like future exchange rate and predicted difficulty increases. If a single entity were to rather suddenly double the difficulty, it might have a significant effect on the payback period.
If the attacking entity decided to sell the coins they mined they might offset most of that cost.
Sell the coins? After they destroyed the system? How much do you suppose they'd get for them? Maybe 1 penny for 100,000 coins?
But assuming it is an inefficient govt agency, and they don't even sell the coins mined, it looks like 51% of the network computing power could still be obtained for under $1 billion.
Not sure about your estimates, but even if they are accurate the point isn't that a government the size of the U.S. couldn't afford to pay a research team to design a better ASIC, then pay a manufacturing team to build the better ASIC, then pay a attack team to run the better ASIC. The point is that there are more cost effective attacks, so why bother with such an expensive one. Perhaps you could pass a law that anyone found running a miner or relay node will be shot on sight. Anyone found guilty of transacting in bitcoins will be sentenced to death by electrocution. Anyone found in possession of a blockchain file will be sentenced to 30 years in prison and will be fined $10,000. Any bank or other financial business found to be transferring USD to any foreign entity that engages in any form of bitcoin transactions will be prosecuted.
The question of "could it be blamed on another entity" is very important imo, since public backlash currently makes an overt attack politically unpalatable or perhaps impossible. However the govt has proven very willing and able historically to engage in secret operations that would otherwise be rejected by the public.
Well, if that matters, then they can pay a foreign research team to design a better ASIC, then pay a foreign manufacturing team to build the better ASIC, then pay a foreign attack team to run the better ASIC. As long as they can keep the source of the payments hidden, then they can keep their actions hidden, right?
My main question now is: If a government agency developed a "mining" operation equal to 51% of the network, could it be brought online to appear as just more private miners
Yes, but that wouldn't be an attack. They would be participating in the security of the network. The blockchain can't determine the reason that someone is mining, and it really doesn't care.
or would there be clues that the operation was concentrated in a few locations with massive computing power in each location?
Not if they were careful about it, but since it would only be helping the network, it would be a good thing.