
/biz/ - Business & Finance



File: 198 KB, 640x1206, IBM_Zurich_Quantum_Computer.jpg
No.23250541

>breaks your crypto

>> No.23250565

>>23250541
Not IOTA. Which is why it is the future. It's inevitable.

>> No.23250848

>>23250565
why not iota? because of the longer seed?

>> No.23250881

>>23250541
Actually it breaks everything. Banks, military, government systems, crypto, everything.

>> No.23251064

>>23250541
breaks my ass

>> No.23251115

>>23250881
it is in theory a threat to public key cryptography of small key size in about 100 years or so. in 100 years however the standard public key size can easily grow to 10 to 100 times the current standard. and it's exponentially more difficult to build a general purpose q-computer with every qbit added.

symmetric cryptography and cryptographic hashes will give little fucks about q machines. which means so long as you don't reuse a bitcoin address you are fine for the next century.

>> No.23251125

>>23250541

jokes on you we have 100bn tokens

>> No.23251134

>>23250848
Because of Winternitz Signatures and it being quantum secure from the ground up

>> No.23251151

>>23250541
I wonder if future "mining" will just be attempting to bruteforce long inactive/abandoned bitcoin wallets.

>> No.23251237

>>23251134
im too dumb to understand this. i believe it's true but if you or someone else is able to explain this to me i would be glad

>> No.23251245

people seriously believe this chandelier looking gizmo is a quantum computer kek

>> No.23251304

>>23251134
not that bitcoin couldn't easily adopt it, both hashes+signatures and merkle trees being native to its code from the start... not to mention taproot is already something similar.

>> No.23251316

>>23251134
why shouldn't a quantum computer be able to try a few billion seeds a second? maybe it's not able to fake transactions but why couldn't it get into some random wallets

>> No.23251319

>>23251151
literally impossible with all the hardware in the world, even if future microchips were a trillion times as effective (they won't be)

>> No.23251334

>>23251316
that's not it, also q-computers have a very serious memory issue. they are dumber than your average casio watch from the 80s

>> No.23251347

>>23251237
IOTA is resistant against quantum computer attacks, due to its use of the Winternitz One Time Signature (WOTS) scheme, which is quantum resistant.[44] Due to IOTA’s choice of one-time signature scheme, spending from an address multiple times drastically reduces the security of the funds at that address, because it exposes portions of the private key associated with the address.[44]
idk I'm a brainlet too anon.
But mastercard just filed a patent for the tangle so there's that

>> No.23251350

>>23251319
not exactly true satoshi's coins also other early mined not moved coins use p2pk not p2pkh which means the pubkey is exposed. in a few decade we might see them being spent one after the other.

>> No.23251399

>>23251347
your spending address changes every time, but the seed stays the same. in my opinion those computers could just try some random seeds and get into some random wallets easily

>> No.23251410

>>23250541
nice movie prop

>> No.23251432

>>23251347
if quantum computers are functional, security of the tangle wouldn't be our biggest problem. even if it's quantum resistant, anything else will be insecure

>> No.23251447

>>23251399
q computer wouldn't churn a seed any faster than a regular one or slower even.

>> No.23251458

>>23251319

completely false. conventional wallet private keys are only 256 bits. you stand a reasonable chance at factoring a private key with the resources of a modest data center. nobody bothers because governments just subpoena your shit and criminals just kidnap your mom.

>> No.23251526

>>23251458
>completely false. conventional wallet private keys are only 256 bits. you stand a reasonable chance at factoring a private key with the resources of a modest data center.
bollocks, you don't factor ec keys anyhow. you could factor rsa keys but those are more likely to be 4096 bits.
meanwhile the largest q-computer is like 50 qbit today and that could factor maybe 12bit numbers.

>> No.23251543

>>23251447
even if they were able to, couldn't this problem be easily resolved by limiting the "login" attempts to maybe 1 per second

>> No.23251579

>>23251543
how does that apply to a known pubkey, i can't comprehend. login limiting is usually done in regards to either weak but memorable passwords or for dos protection.

>> No.23251587

>>23251245
it looks like that because the whole thing is dipped in a vat of liquid nitrogen when it operates, no one outside a lab is going to be running one of these anytime soon.

>> No.23251600
File: 151 KB, 374x363, 1492228437512.png

>>23251543
right, just rewrite sha256 to only allow 1 "login" per second
are you serious anon?

>> No.23251606
File: 62 KB, 679x501, B83F4986-87C8-4B21-8195-C0D8157C5F14.jpg

>>23250541
>breaks your face

>> No.23251609

>>23251587
and that monster thing couldn't break rsa-129 (which my pc could)

>> No.23251637

>>23251579
>>23251600
i thought of like if quantum computers are able to trial and error like 1 billion random private keys a second you could limit it to a specific number of trials per second per ip address.
those numbers are just guesses idk what they really are capable of

>> No.23251641

>>23251600
"breaking" sha256 is a weird notion i can't wrap my head around still. bitcoin miners would be the most able to find a collision in the entire timeline if they weren't too specialized for it.

>> No.23251664

>>23251637
no a q-computer of sufficient size can easily know when it found the right private key without trying any others first. but traditional notions of computing don't really translate to quantum. no programs/software as we know them run on a q-computer. and all solutions good or bad exist at the same time.

>> No.23251697

>>23251664
if i understand this quantum science right, will this be like the discovery of fire?

>> No.23251708

>>23251637

think like fifty thousand orders of magnitude higher than that. e. g a few years back Google used a q computer to solve a problem that would have taken a conventional supercomputer ten thousand years. they did it in two seconds iirc.

>> No.23251709

>>23251697
it will be like the discovery of volcanoes.
cool but more dangerous and useless at the same time than anything.

>> No.23251739

>>23251709
why dangerous? if everyone makes their system quantum resistant this shouldn't be a problem

>> No.23251740

>>23251708
a special subset of problems yes. finding m for h(m) on sha256 is out of question for example

>> No.23251742
File: 146 KB, 1080x1920, Screenshot_20201013-184952.png

>>23250541
Not so fast
> monero chad enters the room

>> No.23251760

>>23251740

your knowledge runs deeper than mine. why is it out of the question?

>> No.23251778

>>23250541
sigh...
>when we have quantum computers we will also have quantum cryptocurrency

>> No.23251795

>>23251760
not shorable and m can be of arbitrary size meanwhile general purpose q-computers are extremely hard to add qbits to because of physics.
annealing matrices can't solve this sort of stuff.

>> No.23251812

>>23251739
volcanoes are also not very dangerous if you can somehow avoid falling into them, aren't they?
but what i meant by that is q-computers are a bit of a dark horse that can bite where least expected.

>> No.23251815

>>23251641
If they can calculate the entire elliptic curve all private keys are exposed

>> No.23251860

>>23251815
no only the ones that use p2pk
p2pkh (standard for many many many years now) and p2sh are only for now vulnerable if reused.
merkle tree based signature hash schemes that taproot naturally brings with it to bitcoin will pretty much be quantum proof.

>> No.23251861

Btw Eth2 is quantum resistant

>> No.23251877

>>23251860
Ah interesting ok thanks

>> No.23251887

>>23251861
>Btw Eth2 is quantum resistant
Nope, not already at phase 2 at least

>> No.23251911

>>23251815
>>23251860
but i will tell you something funny that few people understand:
any private key in a deterministic hierarchic wallet generates all other keys of the hierarchy.
which means all seed based wallets including hardware wallets will be extremely vulnerable to q attacks but not oldschool secure random based bitcoin wallets.
basically if you have a seed beware.

>> No.23251924
File: 905 KB, 786x604, 203nne6vgus01.png

>>23250541
ETH 3.0 is quantum staking

>> No.23251977

>>23251860
btw those are not key types but address or more like redeem/unlock script types. p2pk simply exposes your public key, so does transacting.
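The p2pk vs p2pkh distinction from >>23251350, >>23251860 and the post above as a runnable check. This is an added example, not the code of any wallet or block explorer: it classifies a scriptPubKey by the standard output templates and flags outputs whose public key is already visible on-chain (p2pk, and the x-only output key of taproot's p2tr) or became visible through a spend from the address, which puts the pubkey in the scriptSig or witness. The sample outputs, keys and hashes are constructed.

```python
"""Classify Bitcoin output scripts by whether they expose the public key.

Added illustration, not the code of any wallet or explorer. The script
templates are the standard ones; the outputs audited below are constructed
sample data with fake keys and hashes.
"""
OP_DUP, OP_HASH160, OP_EQUALVERIFY, OP_CHECKSIG, OP_EQUAL = 0x76, 0xA9, 0x88, 0xAC, 0x87
OP_0, OP_1 = 0x00, 0x51

# script type -> is the public key visible on-chain before the first spend?
EXPOSES_PUBKEY_ON_RECEIPT = {
    "p2pk": True,     # the pubkey is the script
    "p2tr": True,     # the 32-byte output key is itself a (tweaked) public key
    "p2pkh": False,   # only HASH160(pubkey) until the output is spent
    "p2wpkh": False,  # same, in the witness program
    "p2sh": False,    # only HASH160(redeem script)
}


def classify(script: bytes) -> str:
    """Match a scriptPubKey against the standard single-key templates."""
    n = len(script)
    # <33- or 65-byte pubkey push> OP_CHECKSIG
    if n in (35, 67) and script[0] == n - 2 and script[-1] == OP_CHECKSIG:
        return "p2pk"
    # OP_DUP OP_HASH160 <20> OP_EQUALVERIFY OP_CHECKSIG
    if (n == 25 and script[:3] == bytes([OP_DUP, OP_HASH160, 20])
            and script[23:] == bytes([OP_EQUALVERIFY, OP_CHECKSIG])):
        return "p2pkh"
    # OP_HASH160 <20> OP_EQUAL
    if n == 23 and script[:2] == bytes([OP_HASH160, 20]) and script[-1] == OP_EQUAL:
        return "p2sh"
    # OP_0 <20>
    if n == 22 and script[:2] == bytes([OP_0, 20]):
        return "p2wpkh"
    # OP_1 <32>
    if n == 34 and script[:2] == bytes([OP_1, 32]):
        return "p2tr"
    return "unknown"


def pubkey_exposed(script: bytes, spent_from: bool) -> bool:
    """True if the public key behind this output is already on-chain.

    Spending any single-key output reveals the pubkey, so a reused address
    counts as exposed whatever its script type; unknown scripts are treated
    conservatively as exposed.
    """
    return EXPOSES_PUBKEY_ON_RECEIPT.get(classify(script), True) or spent_from


def audit(outputs) -> list:
    """Labels of outputs that still hold coins and whose pubkey is exposed."""
    return [o["label"] for o in outputs
            if o["balance"] > 0 and pubkey_exposed(o["script"], o["spent_from"])]


# constructed sample outputs (fake keys and hashes, not real chain data)
SAMPLE = [
    {"label": "early-miner-p2pk",
     "script": bytes([0x41]) + b"\x04" + b"\x11" * 64 + bytes([OP_CHECKSIG]),
     "balance": 50.0, "spent_from": False},
    {"label": "fresh-p2pkh",
     "script": bytes([OP_DUP, OP_HASH160, 20]) + b"\x22" * 20 + bytes([OP_EQUALVERIFY, OP_CHECKSIG]),
     "balance": 1.0, "spent_from": False},
    {"label": "reused-p2pkh",
     "script": bytes([OP_DUP, OP_HASH160, 20]) + b"\x33" * 20 + bytes([OP_EQUALVERIFY, OP_CHECKSIG]),
     "balance": 2.5, "spent_from": True},
    {"label": "fresh-p2wpkh",
     "script": bytes([OP_0, 20]) + b"\x44" * 20,
     "balance": 0.3, "spent_from": False},
]

if __name__ == "__main__":
    for o in SAMPLE:
        print(o["label"], classify(o["script"]), pubkey_exposed(o["script"], o["spent_from"]))
    print("exposed with balance:", audit(SAMPLE))
```

Run against the constructed sample, the audit lists the p2pk output and the reused p2pkh address; the never-spent p2pkh and p2wpkh outputs show only a hash on-chain until they are spent.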

>> No.23251992

>>23251911
would this problem be solved by using a different seed for each wallet?

>> No.23252024
File: 65 KB, 1200x514, A212932C-9A9A-4641-838B-CAA6F3E26C6E.jpg

>>23250565
>>23250848
>>23250881
>>23251134
jesus fuck brainlets. the threat today is ZERO. in 10-20 YEARS MAYBE. when the threat gets closer to fruition all crypto will adopt quantum resistant tech.

>> No.23252049

>>23251992
obviously yes but that is mighty inconvenient.
there are also solutions to mitigate this within hierarchic key generation. you can also use hybrid methods with merkle tree hash signatures etc...
i'm just saying right fucking now seed based wallets may be vulnerable after the first transaction.
but anyone with a brain will go after the low hanging fruit with massive payoffs: the satoshi trove.

>> No.23252053

>>23251316
the tech is not even close to existing yet, that's why

>> No.23252108

>>23252049
oh and btw not all seed based wallets are necessarily vulnerable either. in theory you could use the seed to simply init a deterministic random number generator using secure hash and not use hierarchic key generation at all... so there is that. no such rng using a proper cryptographic hash cipher scheme would be specifiable to an exposed private key.

>> No.23252122

>>23252108
*suspectable fuck autocorrect

>> No.23252135

>>23251526
for every qbit used for calculating you need to add an order of magnitude more qbits to be used for error correction or calibration or some other such nonsense - this does not scale linearly. each additional useful qbit must be accompanied by an ever increasing # of extra qbits to make it all work. by the time you get up to an interesting # of usable qbits the # of extras that you must add on to make it all work becomes insane. we're safe for decades

>> No.23252162

>>23252135
>for every qbit used for calculating you need to add an order of magnitude more qbits to be used for error correction or calibration or some other such nonsense
more like more than double but yeah.
it will be a long fucking time before any old bitcoin address is cracked...

>> No.23252169

>>23252049
Is it wrong to assume that Hal Finney is dead based on what you're saying? He would have moved his coins to a more secure wallet at this point, being obviously aware of the possible weakness.

>> No.23252202

>>23252169
i'm pretty sure hal is dead officially he is in cryo but ice crystals forming and reforming slowly cut the cells and dna apart. he is frozen meat with little to no chance for resurrection.

>> No.23252223

>>23252202
https://www.alcor.org/2014/12/hal-finney-becomes-alcors-128th-patient/

>> No.23252270

>>23252202
Yeah they claim they are not really frozen, i.e. there are no ice crystals, but their tech is still too early. The absolute madlad didn't make it

>> No.23252279

>>23250541
lol
>>23250565
bigger lol

>> No.23252302

>>23252270
couldn't you digitally save dna and repair it if the tech is ready?

>> No.23252308

>>23252270
we will see but it would be ironic if it took longer to resurrect him than to plunder his stash with quantum attacks and he came back completely impoverished in a time and culture he can not understand.

>> No.23252329

>>23252302
in 20 to 50 years that might be feasible, but fixing the cells... not so much

you could probably raise a clone and maybe transplant the brain

>> No.23252337

>>23252302
if your whole body had the same dna and nanotech for it existed yeah, but it's not that simple. still a sufficiently advanced civilization could do some weird shit from dna fragments. the real issue is memories i guess and personality.

>> No.23252351

>>23252337
does every cell have a slightly different dna?

>> No.23252357

Are there people here who still believe Satoshi (let's imagine he's not Hal) is alive?

>> No.23252375

>>23252337
Yeah I mean is a copy of (you) you?

>> No.23252407

>>23252351
could have but more like different tissues as the cells divide and alter in function and specialize it's like a tree of "mutating" genetic maps with different markers even. dna sample from your bones blood or saliva could easily indicate a different person in forensics.

>> No.23252431

>>23252407
nice. is it true that dna changes all the time?

>> No.23252456

>>23252431
i can see that as cells divide and divide again it will change. there are errors to the copies every time and a lot of redundancy and defunct sequences written by ancient viruses.

>> No.23252502

Based knowledgeable anon

>> No.23252501

>>23252456
lets say i get addicted to nicotine. my body isn't able to tell if it's a water/food contamination and downregulates the receptors to minimize the effects of the drug. in my opinion it would be useful for the next generations to have this saved in the dna

>> No.23252544
File: 1.50 MB, 1416x672, 1594715546684.png

Thank god i own RLC, which is quantum proof

>> No.23253004

>>23250541
What the fuck I thought Zero Escape were videogames

>> No.23253720
File: 655 KB, 640x480, rlc_matrix.gif

>>23252544
Hear hear my brother

>> No.23254598

>>23252135
>>23252162

these models are only the way it's done now because all modern "qbits" are independent two-state junction approximations. you're stuck with Shor and flip codes. if we move over to lattice-bound harmonic oscillators, photon parity from the oscillator itself allows for error correction without entangled state redundancy.

And if we do end up with good harmonic oscillator qbits, you can probably kiss symmetric algorithms goodbye.

>>23251237

Winternitz is basically a One-Time-Pad.

very reductionist how it works - You use a one-way hash function to generate a series of random numbers based on the key, but you do not take all the numbers that you generate - you only choose some of them. you make this choice unique each time you hash numbers from the key. thus, hash functions allow a one-time-pad. you automate this choice of numbers to take using a pseudo-random algorithm. as long as you do not reuse a number choice twice, even knowing the pseudo-random algorithm does not reduce security.
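The Winternitz one-time signature that >>23251347 and the post above refer to, as an added toy implementation (not IOTA's code and not any library's). WOTS is a hash-chain signature rather than a one-time pad: each of 67 secret chain starts is hashed forward 15 times to give the public key, and a signature reveals an intermediate point on every chain selected by the base-16 digits of the message hash plus a checksum. The exposure() function counts how many secret hash steps the revealed points give away; a second signature from the same key can only move the revealed points closer to the chain starts, which is the "portions of the private key" the Wikipedia quote above describes. The constants, function names and the sample messages are mine; a real WOTS+ additionally tweaks every chain step with a per-position mask, which this toy omits.

```python
"""Toy Winternitz one-time signature (WOTS) over SHA-256.

Added illustration, not IOTA's or any library's code. It shows why a
one-time signature key must be used once: every signature reveals a point
on each hash chain, and a second signature from the same key reveals points
at least as close to the secret chain starts.
"""
import hashlib
import os

W = 16                       # Winternitz parameter: base-16 digits, chains of W-1 steps
MSG_DIGITS = 64              # SHA-256 digest as 64 base-16 digits
CHK_DIGITS = 3               # checksum <= 64*15 = 960 fits in three base-16 digits
L = MSG_DIGITS + CHK_DIGITS  # number of hash chains (67)


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def chain(x: bytes, steps: int) -> bytes:
    """Apply H 'steps' times (no per-step tweak; real WOTS+ adds one)."""
    for _ in range(steps):
        x = H(x)
    return x


def digits(msg: bytes) -> list:
    """Message digest as base-16 digits, followed by the WOTS checksum digits."""
    d = []
    for b in H(msg):
        d += [b >> 4, b & 0xF]
    c = sum(W - 1 - x for x in d)  # checksum: raising a message digit lowers a checksum digit
    return d + [(c >> 8) & 0xF, (c >> 4) & 0xF, c & 0xF]


def keygen(seed: bytes = None):
    """Secret key = L chain starts derived from a seed; public key = chain ends."""
    seed = seed if seed is not None else os.urandom(32)
    sk = [H(seed + i.to_bytes(2, "big")) for i in range(L)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk


def sign(sk, msg: bytes) -> list:
    """Reveal, for each chain, the value at position digit_i."""
    return [chain(sk[i], d) for i, d in enumerate(digits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    """Finish each chain from the revealed point and compare with the public key."""
    ds = digits(msg)
    return all(chain(sig[i], W - 1 - ds[i]) == pk[i] for i in range(L))


def exposure(signed_msgs) -> tuple:
    """How much of the secret chains the given signatures reveal.

    Returns (revealed_steps, total_steps). A chain revealed at position d
    gives away W-1-d of its W-1 secret steps; position 0 is the secret itself.
    """
    lowest = [W - 1] * L  # position W-1 is the public key: nothing revealed yet
    for msg in signed_msgs:
        for i, d in enumerate(digits(msg)):
            lowest[i] = min(lowest[i], d)
    revealed = sum(W - 1 - x for x in lowest)
    return revealed, L * (W - 1)


if __name__ == "__main__":
    sk, pk = keygen()
    tx1, tx2 = b"spend 1 (constructed)", b"spend 2 (constructed)"
    assert verify(pk, tx1, sign(sk, tx1))
    print("after one spend:  %d/%d secret chain steps revealed" % exposure([tx1]))
    print("after two spends: %d/%d secret chain steps revealed" % exposure([tx1, tx2]))
```

The revealed count after one signature is already a large fraction of the total (the checksum guarantees it is never zero); the second signature from the same key strictly increases it, which is exactly why a WOTS key, and therefore an IOTA address, is meant to sign once.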

>> No.23254645
File: 30 KB, 456x402, 1508972477591.jpg

>double the seed length
>this kills the quantum breaker

>> No.23254666

>>23252544
I take it you’ve never worked in CompSci nor Cybersecurity... faggot