top | item 45676591

vayup | 4 months ago

Quantum is a known threat. There is enough time to fix it. Folks are working on the fixes.

Cryptocurrencies would be the last thing I worry about w.r.t Quantum crypto attacks. Everything would be broken. Think banks, brokerage accounts, email, text messages - everything.

acdha | 4 months ago

I think that’s backwards: most of the stuff you mentioned is using TLS and can switch to post-quantum algorithms with a config change, and do so incrementally with no user-visible impact - e.g. right now I’m already using PQC for many sites and about half of the traffic Cloudflare sees is using PQC:

https://radar.cloudflare.com/adoption-and-usage

In contrast, cryptocurrencies have to upgrade the entire network all at once or it’s effectively a painful fork. That effort appears to just be getting talked about now, without even starting to discuss timing:

https://github.com/bitcoin/bips/pull/1895

wahern | 4 months ago

> In contrast, cryptocurrencies have to upgrade the entire network all at once or it’s effectively a painful fork

Bitcoin is much more centralized than the popular imagination would have you believe, both in terms of the small number of controlling interests behind the majority of the transaction capacity, and just as importantly the shared open source software running those nodes. Moreover, the economic incentives for the switch are strongly, perhaps even perfectly, aligned among the vast majority of node operators. Bitcoin is already dangerously close to, if not beyond, the possibility of a successful Byzantine attack; it just doesn't happen precisely because of the incentive alignment--if you're that large, you don't want to undermine trust in the network, and you're an easy target for civil punishment.

__MatrixMan__ | 4 months ago

I can't remember which chain it was but I'm sure I've seen stats on in-progress rollouts of protocol changes where the network took something like weeks or months to all get upgraded to the new version. You can design for tolerating both for a time.

ziofill | 4 months ago

Is this a purely server side migration? Do browsers/OSs need updating too?

snailmailman | 4 months ago

The world has already migrated through so many past now-insecure cryptography setups. If quantum computers start breaking things, people will transition to more secure systems.

In HTTPS for example, the server and client must agree on how to communicate, and we’ve already had to deprecate older, now-insecure cryptography standards. More options get added, and old ones will have to be deprecated. This isn’t a new thing, just maybe some cryptographic schemes will get rotated out earlier than expected.
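Added example to illustrate the two points made above by acdha (a TLS server can enable a post-quantum key exchange with a config change and roll it out incrementally) and by snailmailman (client and server must agree on a group, and old ones eventually get deprecated). This is a constructed model of the TLS 1.3 supported_groups negotiation, not code from any real TLS stack or from anyone in this thread. The group names are the IANA/OpenSSL ones; the three client populations, the three server stages, and the choice of `secp192r1` as the "legacy group being retired" are assumptions made for the illustration.

```python
"""Toy model of TLS 1.3 supported_groups negotiation: a server turns on a
post-quantum hybrid group by editing its preference list, older clients keep
connecting over a classical group, and the deprecation step is the only one
that can fail a handshake.

Constructed example for this thread; not the code of any real TLS stack.
"""
from dataclasses import dataclass

# Named groups as they appear in the IANA TLS registry / OpenSSL config.
X25519MLKEM768 = "X25519MLKEM768"   # hybrid X25519 + ML-KEM-768 (post-quantum)
X25519 = "X25519"                   # classical
SECP256R1 = "secp256r1"             # classical
LEGACY_GROUP = "secp192r1"          # assumed stand-in for an old group being retired


class HandshakeFailure(Exception):
    """Raised when client and server share no key-exchange group."""


@dataclass(frozen=True)
class ServerConfig:
    # Server preference order, i.e. what a line like `ssl_ecdh_curve` sets.
    groups: tuple[str, ...]


def negotiate_group(server: ServerConfig, client_offer: tuple[str, ...]) -> str:
    """Return the first server-preferred group the client also offered.

    Mirrors server-preference selection in TLS 1.3: the client lists what it
    supports, the server picks, and if the lists do not intersect the handshake
    fails with an alert instead of silently downgrading.
    """
    for group in server.groups:
        if group in client_offer:
            return group
    raise HandshakeFailure("no mutually supported group")


# Constructed client populations (what each sends in supported_groups).
CLIENTS = {
    "legacy_client": (LEGACY_GROUP,),
    "classical_client": (X25519, SECP256R1),
    "pq_client": (X25519MLKEM768, X25519, SECP256R1),
}

# Three server configs in rollout order: before, hybrid enabled, legacy retired.
ROLLOUT = {
    "before": ServerConfig((X25519, SECP256R1, LEGACY_GROUP)),
    "pq_enabled": ServerConfig((X25519MLKEM768, X25519, SECP256R1, LEGACY_GROUP)),
    "legacy_retired": ServerConfig((X25519MLKEM768, X25519, SECP256R1)),
}


def simulate_rollout() -> dict[str, dict[str, str]]:
    """Negotiate every client against every server stage.

    Returns {stage: {client: negotiated group or "HANDSHAKE_FAILURE"}}.
    """
    results: dict[str, dict[str, str]] = {}
    for stage, server in ROLLOUT.items():
        results[stage] = {}
        for name, offer in CLIENTS.items():
            try:
                results[stage][name] = negotiate_group(server, offer)
            except HandshakeFailure:
                results[stage][name] = "HANDSHAKE_FAILURE"
    return results


def pq_share(results_for_stage: dict[str, str]) -> float:
    """Fraction of clients that ended up on the post-quantum hybrid group."""
    total = len(results_for_stage)
    pq = sum(1 for g in results_for_stage.values() if g == X25519MLKEM768)
    return pq / total


if __name__ == "__main__":
    for stage, outcome in simulate_rollout().items():
        print(f"{stage:15s} pq_share={pq_share(outcome):.2f} {outcome}")
```

Running it shows the shape of the migration: enabling the hybrid group changes nothing for clients that do not offer it (they still land on X25519), clients that do offer it move over immediately, and only the final step of dropping the legacy group produces a failed handshake, which is why that step is the one operators tend to delay. A real stack has one more wrinkle the model skips: if the client advertised the group but sent no key_share for it, the server answers with HelloRetryRequest and the handshake costs an extra round trip.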

Barrin92 | 4 months ago

> If quantum computers start breaking things, people will transition to more secure systems.

That's not really the issue; the really interesting part is existing encrypted information that three-letter agencies have likely dutifully stored in a vault and that's going to become readable. A lot of that communication was made under the assumption that it's secure.

irjustin | 4 months ago

> Everything would be broken. Think banks, brokerage accounts, email, text messages - everything.

Wonder if this would become the next "nuclear proliferation".

Since it's so hard to manufacture, it gets controlled at the state level and then becomes a technology that the general public is never allowed to have.

vayup | 4 months ago

No, it is a known problem. It will get fixed in time.

germandiago | 4 months ago

Like everything else that is a new invention, it can be a threat.

Anyway, I am against stopping evolution on those grounds. What we need to do is learn and fix, as you say. Not regulate and forbid. :)