Bitcoin Forum

As you should know, two of the main core technologies that make Bitcoin work are implementations of the following with slight modifications:

Digital Signature Algorithm (https://en.wikipedia.org/wiki/Digital_Signature_Algorithm) - Patented by David W. Kravitz, a former National Security Agency employee.

SHA-256 (https://en.wikipedia.org/wiki/Sha-256) - Designed and released by the National Security Agency.

The National Security Agency is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S. government communications and information systems,[2] which involves information security and cryptanalysis/cryptography.(Wikipedia)

So, if the NSA is tasked with collecting and cracking foreign communications why would they provide the world with a hash function that is supposedly secure? Why would they provide the world with algorithms that would allow the world to hide information successfully? My opinion: They would not. They would likely only release cryptography they know they can infiltrate.

Assuming if DSA is compromised in a flash, what will happen to Bitcoin? Will we be able to migrate the blockchain to a new version of Bitcoin or will everything have to start from scratch?

Ask these questions to yourself. If you remain confident with your answers and the risk involved, feel free to stay invested. Otherwise, make a plan if you don't have one already.

Note: Posts will be deleted if they lack content and/or are off-topic.

So all the governments of the whole world, plus the army of crypto-scientists who have yet to crack SHA-256, are on the whole, either less technically adept than the NSA, OR are in on it too.

The NSA's budget is classified for a reason. The NSA's benefactors have access to resources that most of the world cannot even comprehend. I cannot offer proof but I can claim this is a possibility more real than most think. When a national government such as the US helps achieve control of the world's finances and military in less than 2 centuries anything seems possible.

By the way, have you seen the budget of the Department of Defense recently?

I guess the same goes for the US Navy and onion routing.

So if you had an infinite amount of money I guess you could land a man on Neptune? A bunch of money doesn't solve something that is inherently impossible. A more logical theory would be that the NSA regrets releasing such strong crypto to the masses. All this was released before the terrorists were trying to take away our freedom and the US decided it had to take away our freedoms to protect those freedoms.

Speaking of Neptune, there might be a very good reason why we haven't had a moon landing in over 40 years that involves the DoD as well. Who defines what is impossible? The common man or the men with all the power?

Your theory hedges on the NSA being incompetent which is just as valid. As for your last sentence, I will only say that the fear of "terrorism" is a centuries old ruse used to acquire power.

Well, SHA hashes, but doesn't crypt. You should read a bit about cryptography, as it isn't about the publisher, but the math behind which makes an algorithm considered as secure.

I am aware of this. I am not naive. As stated, NSA resources not only published these technologies but created the cryptography as well. They created the "math" behind closed-doors. The methodology behind these technologies is not fully disclosed. Sure, the technology is open but not the process it took to create it which can make all the difference.

What exactly are you implying about the process and why is that relevant? Whether Newton derived calculus on the toilet or while sitting under an apple tree or had a 'process' of drinking a cup of water every 30 minutes is irrelevant to the mathematical proof.

agreed.  I guess I should have said that rather than posting a meme about a tinfoil hat, which was deleted.  My point still stands -- I think anyone worrying about OP's post is wasting time and spreading FUD.

First I will note DSA relies on hash functions such as SHA-256.  The mechanics of Calculus are not equivalent in complexity to the workings of a hash function. It would be arrogant to say that the complexities of the SHA-2 algorithms are fully quantified and that they are uncrackable. Do you understand what it entails to analyze and understand cryptography? Do you understand the resources it involves? It's not just auditing regular source code.

You can't just put it front of one expert and be assured confidence. Holes in cryptography can take many years to find. One can deduce such holes can be well hidden.

Also, maybe the NSA and that ilk are inherently benevolent, and Satoshi worked for/with them in developing Bitcoin, so that a one-world currency could be brought to the masses in TPTB's fight for a NWO

I've definitely wondered about SHA-256 encryption and its origins.  I was having a conversation with a gentlemen, sharing with him a little about bitcoin when he somehow brought up encryption levels and he said he was into that stuff.  He asked if bitcoin was 128bit or what and I said no I believe it's 256, he looked in disbelief at me and said that 256 bit encryption requires national security level clearance, that can't be right.  I then googled it, confirmed SHA 256 and he looked even more stunned.  He then said, "that is interesting and I'll have to look more into it when I get home."

If I had not previously had a conversation with another friend about the origin of the SHA 256 algorithm coming from NSA patents, I wouldn't have felt quite the same little tingle in my spine when I had this conversation with someone whom had never heard of a bitcoin, prior to the 270 price bubble.  Since I had, and being a naturally inquisitive historian, this has definitely been an interesting thought, especially since 256 may be pretty well surpassed with petaflop computing already.  Think about the craziest largest array of bitcoin miners you've ever seen, multiply that by 100 and think about 100 locations running that kind of power...I'm pretty sure 256 could be cracked if you have enough resources, and if we're not already there, Moore's law would suggest they are starting manufacture of the technology that will run it soon.  I'm pretty sure military grade encryption is already beyond 256...suggesting they don't find it secure enough.

Consider this:
http://www.techspot.com/news/51044-25-gpu-cluster-can-brute-force-windows-password-in-record-time.html

http://www.bitcointrading.com/img/bitcoinwallpaper1.jpg (http://www.bitcointrading.com/img/bitcoinwallpaper1.jpg)

+1  Very cool.  I'm open to learning many things, I could very well be incorrect in my assumptions, I'm just suggesting the origins of some things are interesting indeed.

That assumes the algorithms are sound and are without flaw. That goes without saying that humans may not have a full grasp on physics.

There are two big things that I think need to be pointed out here. First, you have an assumption that the NSA can crack any cryptographic encryption or hash that they had a hand in developing (SHA-2 being the main example). Can you explain why:

A) Nobody else in the entire world has publicly managed to even come close to breaking SHA256.

B) NIST only recommended that the US Government move from SHA-1 to SHA-2 once it was publicly accepted that SHA-1 was insecure. Now, they're supposed to use SHA-2 everywhere. If the NSA is so far ahead of everyone else, why would they use hash functions they know to be insecure? As soon as a public release of a vulnerability comes out, their security will be severely damaged. (http://csrc.nist.gov/groups/ST/hash/policy.html (http://csrc.nist.gov/groups/ST/hash/policy.html))

C) SHA-3 was chosen through a contest where researchers publicly submitted and discussed their hash functions. The chosen winner to become SHA-3, Keccak, was selected because it is clearly fast and secure. It was not developed by the NSA, and there would be very little room for the NSA to "rig" the contest, finding a hash function that they, but nobody else, could find a flaw with. Doesn't this show NIST's intent: to provide a national standard for a secure hash, drawn from the minds of the best crypto researchers, in the case of SHA-2 failure?

The other issue I have with this theory is that Bitcoin does NOT use classic DSA. Bitcoin's signatures are done using elliptic curve cryptography. Neither ECC nor ECDSA come from the NSA (Here, (http://www.jstor.org/discover/10.2307/2007884?uid=3739560&uid=2&uid=4&uid=3739256&sid=21102112463453) here, (http://link.springer.com/chapter/10.1007%2F3-540-39799-X_31) and here (http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa-cert.pdf)). A vulnerability in classic DSA does not mean there's a vulnerability in ECDSA.

So now we have two cryptographic functions, SHA-256 and ECDSA. SHA-256 is THE standard hash function, which has no public vulnerabilities and there is no evidence I see that would lead me to expect the NSA can reverse it. ECDSA is a fast, secure signature function that uses very different math for its security. The conclusion? Bitcoin was built using some of the most secure cryptography known to man, using multiple functions from different origins and mathematical backgrounds to ensure its security for ages to come. No NSA conspiracy here.

http://www.bitcointrading.com/img/bitcoinwallpaper1.jpg
[/quote]

+1  Very cool.  I'm open to learning many things, I could very well be incorrect in my assumptions, I'm just suggesting the origins of some things are interesting indeed.
[/quote]

2^256 is very big number (80 zeros)
http://www.universetoday.com/36302/atoms-in-the-universe/

I wouldn't be surprised if the Russian government has managed it. As for why civilians haven't broke it, it has to do with the fact they are dirt poor compared to the higher echelons of society and that academic research is highly controlled. At least, that's my theory. Again, cryptanalysis isn't equivalent to auditing source code.

The federal government isn't a unified organization. In fact, if I were higher up in the NSA, I would want the lower branches of the government to use weak cryptography so I could have access to all their communications and resources.

And who says the NSA uses SHA256? Do you work for the NSA? I doubt even the President knows their operating procedures. They likely use cryptography that isn't available to the public.

And why would an organization with a classified budget have their real and full policy out in the open on the web?


They could have rigged the contest indirectly. A lot of the contestants weren't even revealed and tons of them were rejected. The NIST could have very well  intentionally chosen a weak hash function that only the NSA could compromise.

How the winning hash function was chosen was not totally open and clear. They gave some vague requirements but not much beyond that. They could say it's "fast and secure" but that's taking their word on it. In the end, you're relying on trust.

It doesn't but it's still based on the core DSA technology. The bit security is improved but in the end it is a slight modification. ECDSA is directly based on DSA. It's equivalent technology.

This,

Also, why is this in economy/speculation/ ?

I wouldn't expect an intelligent answer to technical question in this sub.

Quick google searches will turn up many results for peer-reviewed, highly cited, public articles discussing attacks on SHA-2. These come from many different countries, and cover many old and new attacks. Do you have any evidence to back up your theory that academic research worldwide on SHA-2 is being highly controlled? That's a pretty wild claim to make with no supporting facts.


You mentioned you wouldn't be surprised if Russia has broken SHA-256. Do you believe that the NSA would tell the rest of the government to use hashes that Russia could compromise? What you're suggesting is that the NSA is scheming against the rest of the government, opening them up to surveillance from the NSA and other countries. Again, this is an extraordinary claim. Do you have any evidence for it?

I provided premises which required no stretch of the imagination to accept. Is it unreasonable to think that the entire public research world can come close to matching the intelligence of one small group? Is it unreasonable to believe that the NSA is acting with national security in mind when suggesting Suite B? You have responded to both of these premises with completely ungrounded ideas about conspiracies and schemes. How am I supposed to prove you wrong? You ever hear about the teapot (http://en.wikipedia.org/wiki/Russell's_teapot)? What could I say to convince you that your ideas are probabilistically unlikely and are not reasonable beliefs to hold?

No. http://keccak.noekeon.org/third_party.html (http://keccak.noekeon.org/third_party.html). Are you saying we can't trust ANY of these well-respected third part verifiers? There's been so much public work done on analyzing Keccak, and results are very promising.

The math is entirely different. EC multiplication is nothing like standard multiplication. You want to claim a vulnerability in DSA implies a weakness in ECDSA? Prove it. Give me a link to some research showing that, or point out where in the math there might be some similarity.

"The great achievements of civilization have not come from government bureaus. Einstein didn’t construct his theory under order from a bureaucrat. Henry Ford didn’t revolutionize the automobile industry that way." - Milton Friedman

My point is that looters won't beat Satoshi. He is the man who said that he would stop the looters of the world.

And he did.

Nobody wants to "take away" your freedom but your very own government.

The notable exception is of course the Internet.

The Internet may have been born out of a government agency, but it certainly hasn't grown into what it is today because of it. They deserve a little credit, but don't go too far.

Well, there's your answer. DSA and SHA-256 are not encryption algorithms, and are not used to hide information. They are used to authenticate data and communications, ie, make sure it hasn't been tampered with and was really created by the person who claims to have created it. The NSA receives data from other US government agencies and foreign governments as well as private companies. The NSA absolutely requires a way for these people providing them data to prove that they really are who they say are and that their data hasn't been tampered with. The only way they can do that is to provide secure public-key cryptosystems and hashing algorithms, and they daren't risk including a backdoor in case an enemy finds it and uses it to feed the NSA false data that appears to come from trusted sources. If these algorithms are flawed, the NSA's whole operation is in jeopardy.

The government commissioned it after the universities developed their networks.

Arpanet?

I think the OP needs to read up a bit more on the origin of Bitcoin and the Cypherpunks.

While it's important to keep one's guard up, one of the very aims of Bitcoin and the associated cryptography is to evade state eavesdropping and control. To suggest otherwise is quite ridiculous.

Start here:

http://en.wikipedia.org/wiki/Cypherpunk

Since "Satoshi" isn't around, maybe also pop into Hal Finney's thread (https://bitcointalk.org/index.php?topic=155054.0;topicseen) here and thank him.