[fio_ini]

Will quantum computing destroy blockchain and classical encryption algorithms as we know? So there will be a need for quantum blockchain and quantum encryption.

[_Microft]

Post-quantum cryptography is a thing:

https://en.wikipedia.org/wiki/Post-quantum_cryptography

[jl2718]

Until it’s not. Nobody has proven any of these schemes to be secure against quantum attack. Post-quantum (today) just means that nobody has proven that the problem is equivalent to a problem that quantum computing can solve efficiently. This article is about LWE being proven breakable. Others will follow. The security of these schemes rests mostly upon the lack of researchers that understand them and quantum computing well enough to approach an equivalence class proof. Example: elliptic curve isogenies.

[DennisP]

I'm wondering whether it avoids this new type of problem that QCs should be able to solve.

[gxiv]

Going by their description of the problem, it looks like it's distinct from how all the mainstream post quantum algos (LWE, NTRU, SIDH, etc) work.

Edit: I've finished the article lol. Now I'm not so certain that this is 100% distinct from something like LWE.

[fio_ini]

wow this is pretty interesting stuff thanks for the link. I'm not sure why I get such a negative response to my question since I'm seriously asking and not sure I should be concerned if this is like a alan turing enigma type of situation we're dealing with.

[eimrine]

IMO this is kind of P!=NP situation. While this statement is true, blockchain and classic cryptography keep existing. Maybe some minor improvements, like new hash algos or more significant bits, will be needed soon.

[atwood22]

Classical asymmetric encryption algorithms like RSA and ECDSA (which Bitcoin uses) can be easily broken by a quantum computer. Brute-forcing symmetric algorithms like AES gets a speed up on a quantum computer, but not enough to consider the algorithms broken.

[astrange]

Bitcoin doesn't use them in a way that'd let you completely break it; the asymmetric keys aren't broadcast until someone does a new transaction with them, so you can't fake one for a wallet you've never seen the public key to.

[atwood22]

How is the transaction signature verified without the public key? This link seems to indicate spender public keys are inside of the transaction: https://bitcoin.stackexchange.com/a/102667

[astrange]

Ah, I had the details wrong. If there’s a signed transaction from a wallet, then you have the compressed public key and it’s not quantum safe.

But if the funds are sent to a new wallet address and there’s no transactions signed by that wallet yet, it can’t be forged without also reversing the hash that created the address.

[atwood22]

Yes, it was a good idea to do that. I didn't realize that addresses were essentially a hash of the public key, but it makes sense.

[birdyrooster]

Oh cool, can you tell me who has successfully and easily achieved this result?

[akavel]

Peter Shor; though whether easily, I can't say for sure. https://en.wikipedia.org/wiki/Shor's_algorithm

[l33tman]

The previous commenter was being sarcastic, due to the use of the "easy" word (there is no implementation of Shor's algorithm yet that comes even near outpacing the classical version)

[t_mann]

> Will quantum computing destroy blockchain and classical encryption algorithms as we know?

Short answer: the currently popular ones? Yes. All that we know? Probably not. See eg: https://ieeexplore.ieee.org/document/8967098

[spywaregorilla]

I'm surprised there aren't quantum blockchains already.

[q-big]

> I'm surprised there aren't quantum blockchains already.

There are:

> https://www.quantumblockchains.io/

> https://quantumblockchaintechnologies.co.uk/

:-)

[spywaregorilla]

Oh sweet. Looks like quantum PoS is just .5 + .5i months out

[andreareina]

I think you're missing a couple of sqrt()s ;)