You are viewing a single comment's thread from:

RE: Introducing the Elliptic Curve Discrete Log Problem

in #cryptography7 years ago

Great post, just read it after reading your comment on my quantum computing post. You definitely know much more than me on the topic. I am interested to see the upcoming Defcon talk where some of the people are going to be talking about cracking sha256. It is because of the reasons in your article that people are calling bullshit. If they have been extraordinarily lucky, or successful it is probably because of a bug in a specific website's key generation. Im sure most of what they are talking about will go over my head, maybe you can do a ELI5 for all of us laymen :)

Sort:  

I'm certainly interested in that Defcon talk, too... but there's probably nothing quantum about it. Most hashing algorithms are broken by finding ways to produce a collision - that is, generate some input to produce the same hash, but not necessarily the original data.

For Bitcoin, SHA256 is used as IDs to make transactions and blocks immutable. It is also used in the generation of Bitcoin addresses for P2SH transactions. So one attack on the blockchain that I can see is this:

The way that mining works is that you include a bunch of transactions into a block that pays yourself the block generation fee. The hash of all of this data (a 256-bit number) needs to be below a certain value, meaning that it needs to start with a certain number of zeros. If a hacker can generate valid data for arbitrary SHA256 hashes, then they could start with a hash that has the necessary zeros, and then work to construct block data that hashes to that value. This would likely start with a valid structure (else it would be rejected by the network), and then algorithmically-generated "garbage" data included in the block to result in the hash code.

I just read through the Defcon 2017 session list. Are you referring to this talk?

How we created the first SHA-1 collision and what it means for hash security

Possibly? I remember the talk being a bit different in the way it was advertised on reddit , but that could have just been fear mongering.