by ilya_m
553 days ago
The only problem with this business model is that once you have factored one number, you kill your market - people will stop using pre-quantum crypto. (The obvious retort is that NSA would have harvested a ton of RSA/EC-encrypted traffic by then and would keep cracking ciphers going back decades. Unfortunately, old secrets are a rapidly depreciating asset class.)
Getting crypto coins to move over to post-quantum seems to me to be a much harder problem than e.g. rushing out a new version of TLS or SSH.
The key to Satoshi's original coins is a rapidly _appreciating_ secret at the moment, but paradoxically also one that might immediately crater out if someone actually discovers a generic way to break the crypto involved.
I'm not an expert on this angle of things but: as far as I know, Shor's quantum algorithm breaks both RSA (factoring) and DSA (finite-field discrete logarithms). But I'm not sure if it works the same way against elliptic curves - or at least you'd probably need a bigger computer to attack the same level of security.
It's not clear to me if a quantum computer could effectively attack SHA256, either: Shor definitely does not help, Grover cuts the search space from 256 to 128 bits but that's still not practical to iterate over.
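The "Grover cuts 256 to 128 bits" point above is easy to state and hard to picture, so here is an added illustration that is not part of the thread: a classical simulation of Grover's amplitude amplification over a tiny search space (the statevector has 2^n entries, so this only works for small n; it is a teaching model, not a quantum computer). It shows that about (pi/4)*sqrt(N) oracle queries find the marked item with near-certainty, versus roughly N/2 expected queries for classical brute force, and then extrapolates the iteration count to a 256-bit preimage search. Function names and the sample inputs are my own.

```python
import math


def grover_success_probability(n_bits: int, marked: int) -> tuple[int, float]:
    """Simulate Grover search over N = 2**n_bits items for the index `marked`.

    Returns (iterations_run, probability_of_measuring_marked). The amplitude
    vector is a plain Python list, so this is exponential in n_bits and is
    only meant for n_bits <= ~16.
    """
    N = 1 << n_bits
    if not 0 <= marked < N:
        raise ValueError("marked index out of range")

    # Uniform superposition: every basis state has amplitude 1/sqrt(N).
    amp = [1.0 / math.sqrt(N)] * N

    # Optimal iteration count is about (pi/4) * sqrt(N) for a single marked item.
    iterations = int(math.floor(math.pi / 4 * math.sqrt(N)))

    for _ in range(iterations):
        # Oracle: flip the sign of the marked item's amplitude.
        amp[marked] = -amp[marked]
        # Diffusion operator: reflect every amplitude about the mean.
        mean = sum(amp) / N
        amp = [2 * mean - a for a in amp]

    # Measurement probability is the squared amplitude.
    return iterations, amp[marked] ** 2


def classical_expected_queries(n_bits: int) -> int:
    """Expected brute-force queries to hit one marked item among 2**n_bits: N/2."""
    return (1 << n_bits) // 2


def log2_grover_iterations(n_bits: int) -> float:
    """log2 of the Grover iteration count (pi/4)*2**(n_bits/2) for a single
    marked item. For n_bits=256 this is just under 128, which is the sense in
    which Grover 'halves' the exponent of a hash preimage search."""
    return n_bits / 2 + math.log2(math.pi / 4)


if __name__ == "__main__":
    # Constructed inputs: an 8-bit search space with item 77 marked.
    iters, p = grover_success_probability(8, 77)
    print(f"N=256: {iters} Grover iterations, P(marked)={p:.5f}, "
          f"classical expectation={classical_expected_queries(8)} queries")
    print(f"SHA-256 preimage: ~2^{log2_grover_iterations(256):.2f} iterations "
          f"(vs 2^{256 - 1} classically)")
```

The simulation reproduces the textbook behaviour: for N=256, 12 iterations put essentially all of the probability mass on the marked index, while the classical expectation is 128 queries. Extrapolating the same formula to a 256-bit hash gives on the order of 2^127.6 serial quantum iterations, each of which must evaluate SHA-256 coherently, which is why the thread's conclusion that a 128-bit effective search is still impractical holds.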