MD5 required more than heatdeath of the universe. Then it was cracked, and eventually easy.

This I don't believe.

Hashes like SHA-256 and symmetric ciphers like AES are relatively robust to quantum computers. Traditional asymmetric cryptography is much easier for quantum computers to break, and would allow attackers to forge new transactions that move bitcoins between arbitrary wallets -- for example, the huge number of coins that Satoshi mined early on. The

The paper is talking about the 256 bit ECC keys. SHA-256 doesn't secure bitcoin, it is the current proof of work method for bitcoin. Many coins change their proof of work method, it doesn't really affect the transactions. The paper talk about a real threat to bitcoin in that a large enough quantum computer could crack the 256 bit ECC keys used to spend the contents of a bitcoin wallet. Math Trigger Warning! A bitcoin wallet address is the hash of the public key. If I give you a public key and a signed transaction for the wallet with the address that is the hash of the public key, you can hash the public key to verify the wallet address and then use the public key to validate the transaction. If you have an ECC public key and a really big quantum computer you can find the private key needed to sign transactions and thus steal the contents of the wallet. Except in bitcoin you only see the public key the first time money is spent from a wallet. Assuming people in the future only use wallets once this means you only have at most 10 minutes from the time the transaction is published to the network to find the private key, create your own transaction and get some miner to mine it into the block chain before the legitimate spend is recorded in the block chain. The paper calculates a quantum computer would need 317 million cubits to do this calculation in the 10 minute window.

Hacker cracks bitcoin with HP 35C.

Interesting, but the question everyone is wondering is... can we do quantum mining! /s

Wouldn't the cracking of Bitcoin be a relatively minor story in the shitstorm if SHA256 was broken?

An exoplanet made of qubits.

If you had a computer that powerful that it approaches the power to break Bitcoin, it would definitely be more profitable to mine Bitcoin with it instead.

a quantum hacker you crack bitcoin, the majority of miners would probably agree to fix it?

Bitcoin is completely secure, nothing to worry about.

something Webber says is unlikely to happen for a decade

oh. so all my bitcoins might become worthless in ten years?

If the size of quantum computers continues to double annually as it has been, that's log2(13 million / 127) = 17 years, or 2039.

If, on the other hand, the pace drops to doubling biennially, that'd be 34 years, or 2056.

by order of magnitude. So, that means that SHA-256 is only “6” away from being broken.

you just need 51% of the mining to control bitcoin

13 million qubits in about 32 years [1]https://www.wolframalpha.com/i... [wolframalpha.com]

[1] https://www.wolframalpha.com/input/?i=127*2%5E(X%2F2)+%3D+13000000

Firstly yes Quantum computing that is a danger is not happening anytime in the near future, way to many problems still to overcome for any sort of viability. Regardless it doesn't need to be a million times stronger, if a computer could break encryption in a year that would be devasting, so based on the maths in the summary that is around a 280 times increase in size required just to do in a year.

One of my major misgivings with crypto as a holding medium (transfer medium is somewhat of a different case) is the inevitability of "today" crypto being busted by "tomorrow" hardware and code. Even without an implementation flaw in the code or key sharing or something.

of computers getting more complex and capable by several orders of magnitude. Now if you'll excuse me I need to do some programming on my IBM 700 series mainframe.

I don't find this reassuring at all. We will have that kind of power someday so Bitcoin will essentially become futile in the future. Or am I missing something?