It depends. If it turns out that every NP problem has an O(n^1000) solution, but no better, then P = NP but it won't matter much in practice. On the other hand, if every NP problem has an O(n) solution, then the entire field cryptography will be thrown into disarray. Not just Bitcoin but SSL and secure hashing will be in trouble.
If I were you, I wouldn't worry about the "P = NP" case. It is much more likely than an application-specific attack is found.
My understanding is bitcoin uses elliptic curve cryptography which isn't vulnerable to Shor's algorithm.
Certainly there are many systems that will be vulnerable to quantum computers, but very common systems like TLS can be upgraded to ECC without much trouble, and other systems will have to be replaced. It seems unlikely to me that the second quantum computer capable of factoring multiples of large primes will be sold before the majority of vulnerable systems are upgraded or replaced.
4 comments
[ 2.8 ms ] story [ 18.3 ms ] threadIf I were you, I wouldn't worry about the "P = NP" case. It is much more likely than an application-specific attack is found.
Although I think quantum encryption will become common place before someone builds quantum computer with enough qubits to factor large numbers.
Certainly there are many systems that will be vulnerable to quantum computers, but very common systems like TLS can be upgraded to ECC without much trouble, and other systems will have to be replaced. It seems unlikely to me that the second quantum computer capable of factoring multiples of large primes will be sold before the majority of vulnerable systems are upgraded or replaced.