Post
Topic
Board Development & Technical Discussion
Re: Quantum Computer vs Bitcoin
by
nullius
on 14/12/2017, 00:26:52 UTC
I've read on the Bitcoin wiki that Bitcoin private key is usually a 256 bit number, but it can also be between 128 to 512 bits.

Are you speaking of this page?  It is wrong (permalink to incorrect section in incorrect version).  I will apply for wiki editing privileges to correct it.  A Bitcoin private key is always exactly 256 bits, no more and no less.  I infer that the editor who wrote the incorrect text was confusing private keys with HD seed values, or something of that nature.  On a brief glance, this page and this page seem correct.

Others on this thread have already explained the basic technical details of what a quantum computer could do.  The takeaway is that Bitcoin’s public-key crypto would be broken—however, public keys which have not yet been exposed would be safe.  There is no way to recover the public key from its hash, not even with a quantum computer.  For other hash properties, in a PQ world, a 256-bit hash should be considered to have today’s equivalent of a 128-bit security level; that’s adequate.

The more important point is that a practical, real-world quantum computer would shatter the banking system, as well as the security of the whole Internet.  Bitcoin would actually fare relatively well, due to its use of hashes in transaction outputs.  This is not really a Bitcoin issue.  Some people (not you) who ask about quantum computers in this context tend to imply that it’s a Bitcoin risk, whereas you should be (relatively) much more worried about your bank accounts.
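The two claims above (a private key is a 256-bit scalar, and an output can commit to a hash of the public key rather than the key itself) as an added worked example; this is not code from the post or from any Bitcoin project, and it is a pure-Python, non-constant-time secp256k1 toy for illustration only. The curve constants are the published secp256k1 parameters; the hash step shown is the SHA-256 half of Bitcoin's HASH160.

```python
import hashlib

# secp256k1 domain parameters (the published curve constants).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def is_valid_private_key(k: int) -> bool:
    """A secp256k1 private key is a scalar in [1, N-1], i.e. exactly 256 bits.
    Shorter or longer integers are not "keys of another size": anything
    outside this range is simply invalid (0, N, or larger values)."""
    return 1 <= k < N


def _point_add(a, b):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # a + (-a) = infinity
    if a == b:                           # doubling
        lam = (3 * x1 * x1) * pow(2 * y1, -1, P) % P
    else:                                # ordinary addition
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def scalar_mult(k: int, point=G):
    """Double-and-add k*point (not constant time; demo only)."""
    result, addend = None, point
    while k:
        if k & 1:
            result = _point_add(result, addend)
        addend = _point_add(addend, addend)
        k >>= 1
    return result


def compressed_pubkey(k: int) -> bytes:
    """33-byte SEC compressed public key for private scalar k."""
    if not is_valid_private_key(k):
        raise ValueError("private key must be in [1, N-1]")
    x, y = scalar_mult(k)
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")


def pubkey_commitment(pubkey: bytes) -> bytes:
    """SHA-256 of the public key (first stage of Bitcoin's HASH160). An output
    locked to this digest reveals nothing about the key until it is spent."""
    return hashlib.sha256(pubkey).digest()
```

Note that a 128-bit integer still passes `is_valid_private_key` only because it is a small 256-bit scalar; it is encoded and used as 32 bytes, which is the sense in which every key is exactly 256 bits.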