Bitcoin Forum

Bitcoin => Bitcoin Discussion => Topic started by: hoo2jalu on June 22, 2011, 03:45:15 AM



Title: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: hoo2jalu on June 22, 2011, 03:45:15 AM
If you're reading this, you may be concerned or interested or exasperated over rumors of SHA256 weakness and in turn the implications for Bitcoin.

Stop reading now and rest assured in the knowledge that Bitcoin is safe for the rest of this decade if not century with regards to SHA256.

In fact, Bitcoin is probably safe beyond this century for reasons I will explain in more detail. First, let us discuss potential attacks against cryptographic digests (hash functions) in order of difficulty:

1. Collisions with less effort than expected on reduced round variants of a digest.
2. Collisions with less effort than expected on the full digest.
3. First-order preimage attacks against reduced round variants of a digest.
4. First-order preimage attacks against full digest.
5. Second-order preimage attacks against reduced round variants of a digest.
6. Second-order preimage attacks against full digest.
7. Practical attacks applied to full digest in the wild.

Yes, that's right. Bitcoin is safe until all of pins 1-6 have been tackled, and even then the costs are likely to make such efforts against Bitcoin impractical.

Even MD5 and SHA-1 are only vulnerable to #'s 1 and 2.

Find this subject interesting? You might like "The code monkey's guide to cryptographic hashes for content-based addressing" which is relevant to Bitcoin: http://valerieaurora.org/monkey.html

Now we can all go back to the illuminati and hacker threads.  Thanks! :)
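The collision / first-preimage / second-preimage distinction in the list above, as an added example that is not part of the original post. It runs the three generic (brute-force) attacks against SHA-256 truncated to a few bits so that each search finishes in seconds; the truncation widths, counter seeds and sample messages are constructed for the demonstration and are not anything from Bitcoin. What it shows is the reason the classes sit in that order: a collision on an n-bit digest costs about 2^(n/2) hashes (the birthday bound) because the attacker chooses both messages, while a preimage or second preimage of a fixed value costs about 2^n. Scaled to the full digest that is roughly 2^128 work for a generic SHA-256 collision and 2^256 for a preimage, before any cryptanalytic shortcut.

```python
import hashlib
import math
from typing import Iterator, Tuple


def trunc_sha256(data: bytes, bits: int) -> int:
    """Return the first `bits` bits of SHA-256(data) as an integer.

    Truncation is only here so the brute-force searches below finish; the
    attack classes and their relative costs are the same at the full 256 bits.
    """
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)


def _candidates(seed: bytes) -> Iterator[bytes]:
    """Deterministic stream of distinct messages: seed || 64-bit counter (constructed)."""
    i = 0
    while True:
        yield seed + i.to_bytes(8, "big")
        i += 1


def find_collision(bits: int, seed: bytes = b"collision-") -> Tuple[bytes, bytes, int]:
    """Generic collision search: the attacker picks both messages.

    Stores every hash seen and stops at the first repeat; by the birthday
    bound this takes about sqrt(pi/2 * 2**bits) hashes, not 2**bits.
    Returns (message_a, message_b, hashes_computed).
    """
    seen = {}
    for n, m in enumerate(_candidates(seed), start=1):
        h = trunc_sha256(m, bits)
        if h in seen:
            return seen[h], m, n
        seen[h] = m


def find_preimage(target: int, bits: int, seed: bytes = b"preimage-") -> Tuple[bytes, int]:
    """Generic (first) preimage search: any message hashing to `target`.

    Nothing carries over between trials, so the expected cost is 2**bits.
    Returns (message, hashes_computed).
    """
    for n, m in enumerate(_candidates(seed), start=1):
        if trunc_sha256(m, bits) == target:
            return m, n


def find_second_preimage(original: bytes, bits: int, seed: bytes = b"second-") -> Tuple[bytes, int]:
    """Generic second-preimage search: a *different* message with the same hash
    as `original`. Same 2**bits expected cost as a first preimage; this is the
    class an attacker would need to substitute data under an already-published hash.
    Returns (message, hashes_computed).
    """
    target = trunc_sha256(original, bits)
    for n, m in enumerate(_candidates(seed), start=1):
        if m != original and trunc_sha256(m, bits) == target:
            return m, n


def expected_work(bits: int) -> dict:
    """Expected hash evaluations for the generic attacks on a `bits`-bit digest."""
    return {
        "collision": math.sqrt(math.pi / 2 * 2 ** bits),  # birthday bound
        "preimage": 2 ** bits,
        "second_preimage": 2 ** bits,
    }


if __name__ == "__main__":
    # Constructed demo inputs; widths chosen so each search runs in seconds.
    a, b, n = find_collision(32)
    print(f"32-bit collision after {n} hashes (expected ~{expected_work(32)['collision']:.0f}):")
    print(f"  {a!r} and {b!r} both start with {trunc_sha256(a, 32):08x}")

    target = trunc_sha256(b"constructed target", 16)
    m, k = find_preimage(target, 16)
    print(f"16-bit preimage after {k} hashes (expected ~{expected_work(16)['preimage']}): {m!r}")

    s, j = find_second_preimage(b"original message", 16)
    print(f"16-bit second preimage after {j} hashes: {s!r}")

    w = expected_work(256)
    print(f"Full SHA-256: generic collision ~2^{math.log2(w['collision']):.1f}, preimage 2^256")
```

Note the asymmetry in the widths: a 32-bit collision is found in tens of thousands of hashes, while a 32-bit preimage would need about four billion, so the preimage demo uses 16 bits. Run at 256 bits the same loops would take about 2^128 and 2^256 hashes respectively, which is the generic-attack floor the thread is arguing about; a cryptanalytic result only matters if it pushes a class meaningfully below that floor.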


Title: Re: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: sk3d on June 22, 2011, 01:21:10 PM
Well, if you can get to the passwords you can probably just move all the money from one BTC account to another as well.

Seems something like this has happened to mybitcoin.com; yesterday users there claimed their BTC were gone.


Title: Re: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: hoo2jalu on June 22, 2011, 01:38:16 PM
Well, if you can get to the passwords ...

Let me make this real clear: SHA256 is part of the cryptographic underpinnings of bitcoin itself.

All the client software and exchangers and third party sites and password practices of users themselves are a completely different problem and horribly insecure by comparison.

But SHA256? No worries. It won't be broken in a way useful for forging bitcoin transactions any time this decade, and probably not this century or the next...


Title: Re: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: Strom on June 22, 2011, 03:08:52 PM
It won't be broken in a way useful for forging bitcoin transactions any time this decade, and probably not this century or the next...
Feeling bold, eh? Think what computers existed a decade ago. Then think what computers existed a century ago. Also progress does not slow down, it accelerates.


Title: Re: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: kjj on June 22, 2011, 03:32:56 PM
It won't be broken in a way useful for forging bitcoin transactions any time this decade, and probably not this century or the next...
Feeling bold, eh? Think what computers existed a decade ago. Then think what computers existed a century ago. Also progress does not slow down, it accelerates.

Progress won't help.

There are roughly as many possible SHA256 hashes as there are particles in the universe.  It would take a computer the size of a galaxy a very long time to brute force a collision.

It would take a serious overturning of a large portion of our knowledge of discrete algebra to break SHA256.  Could happen, but is generally considered to be unlikely in the near future.


Title: Re: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: Freakin on June 22, 2011, 04:45:09 PM
lol when I looked into the possibility of lookup tables for SHA256, I think the answer was it would take roughly 1x10^610 GIGABYTES of storage to store all the possible solutions. 

Each solution takes up VERY little room.


Title: Re: Final word: SHA256 not "hacked", collisions, preimage resistance, cluesticks
Post by: Strom on June 22, 2011, 05:18:54 PM
I would just like to link this chart (http://valerieaurora.org/hash.html).