reply on: Is Quantum Computing really a threat? If that's the case, how? \ stacker news ~bitcoin

610 sats \ 2 replies \ @mallardshead 24 Oct 2023 \ parent \ on: Is Quantum Computing really a threat? If that's the case, how? bitcoin

But PoW mining in bitcoin requires the continuously adjusted nonce and extranonce to be hashed along with the previous block header. No block can ever be the same because of the current and previous header data included (timestamp, merkle root, previous block hash, etc). My point about the iterative hash function relating to quantum algos not being suited to this work, is that preimage (in SHA hash functions) and cryptography don't matter, as the nonce of any current block is simply an empty field that a super fast machine can only trial and error to create. Or maybe I completely misunderstood what you argued, and you went over my head. Would really appreciate if you did explain it then. Sats inbound.

1020 sats \ 1 reply \ @Michelson_Morley 25 Oct 2023

No, I was wrong, specifically about the SHA-256 vulnerability. Thank you for giving me a chance to go on a bitcoin/cryptography rabbit hole journey!

I would still warn about being too confident in network security. I'm currently focusing my studies on this and it really is absurd how insecure everything is. How much does it matter that the bitcoin miner node is safe, if it is easy to gain access to, or easy to intercept its message of a successful block?

HTTP compression endangers the whole world, and not even using quantum computers:

All versions of TLS and SSL are at risk from BREACH regardless of the encryption algorithm or cipher used.[123] Unlike previous instances of CRIME, which can be successfully defended against by turning off TLS compression or SPDY header compression, BREACH exploits HTTP compression which cannot realistically be turned off, as virtually all web servers rely upon it to improve data transmission speeds for users. (source)

And once quantum computers become operational, (hell, even today, snowden tells us that the NSA has backdoored TLS/HTTPS), what happens when every malicious actor knows the IP address of every mining node? I can tell you one thing that might happen, they might decide to park their car outside the miners house and use electromagnetic detectors (etc) to gain knowledge about the ciphers you communicate by.

If you have make a wireless SSH connection to your server and type a password instead of using public keys, did you know that a sniffer can see every time you pressed a key? Not which key it was, but this info still narrows it down the password brute force absurdly..

That''s the trouble. It's not enough to secure one part, every layer of network protocol as well as everyone (who can dox you)s behavior, and ideally that should be done now. Yesterday even. Every asymmetric public key system, such as digital certifications from LetsEncrypt or one of the other 4 companies (in the world) who provide them, the rely on too few bits even now (this I also learned from Snowden). The NSA can see you.

Going back to bitcoin, its encryption is quantum vulnerable today like TLS before 1.3 (apparenty bitcoin uses elliptic curves somewhere and not just hashing? does anyone care to explain to me?).

And for most networks (and all obscured repeated behavior) can by enough observations eventually give you the compelte unobscured behavior from the moment you begain observing (unless you use forward secrecy, but the point still stands, because again, there are so many layers that need to be unbreakable!). Simply due to Bayes theorem. The first time I programmed one of these (a hidden markov model) was in my final algorithms class, I was blown away that it was even physically possible.

God i love programming. @ekzyis you're a white hat, you know more than me about this. Feel free to weigh in :) (or anyone else).

113 sats \ 0 replies \ @mallardshead 27 Oct 2023

Thx for the explanation Morley!