StinkiePhish t1_j1n9bhj wrote on December 25, 2022 at 8:25 PM

Reply to comment by nagareteku in An IBM Quantum Computer Will Soon Pass the 1,000-Qubit Mark by giuliomagnifico

It will crack elliptic curve cryptography before hashing or symmetric encryption (AES). For bitcoin, that means the secp256k1 curve.

It's estimated that 2,330 qubits with error correction are needed to crack secp256k1. This IBM computer does not have error correction so we're not near half way there.

KAMSPioneer t1_j1noanj wrote on December 25, 2022 at 10:25 PM

Totally. Just to be clear for the thread, a useful quantum computer will break ECC way, way before AES or SHA2.

pm_me_wet_kittehs t1_j1qg1oa wrote on December 26, 2022 at 4:09 PM

for symmetric algorithms, a quantum computer would turn 256 bits of security into the equivalent of "Only" 128 bits. Double the key length amd any advantage just goes up in smoke. quantum won't help in a practical manner for AES

maqp2 t1_j1tmb9l wrote on December 27, 2022 at 8:03 AM

Also, SHA256 does lossy compression, and obtaining preimages larger than 256 bits can not be done at all, QC or not.