Bitcoin Forum
Author Topic: Guy on twitter claims he is working on hash method without brute force.  (Read 8084 times)
zby
Legendary
Activity: 1429
May 30, 2011, 08:07:33 PM
 #21

relatively little research has been done on the subproblem of sha256 compromise on which bitcoin's security depends. it is not the same problem as one-to-one collisions (i.e., an outright compromise of the function). in the general case, it cannot be determined whether finding a result that corresponds to a pattern that matches x out of 2^256 hashes is indeed no more than x times easier than forcing a one-to-one collision. there are reasons to think that in bitcoin's particular case, it is just about that easy and thus that bitcoin's use of sha256 in mining is secure - but to my knowledge that hasn't been proven.
I would be surprised if there were no results showing how to mine faster.  The statement that the current algorithm is the fastest one of all possible is rather strong.
grue
Global Moderator
Legendary
Activity: 1932
May 30, 2011, 08:23:13 PM
 #22

this is going to turn out just like the may doomsday. once it flops, the guy is just going to vanish.

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
Quantumplation
Member
Activity: 84
May 30, 2011, 08:26:01 PM
 #23

this is going to turn out just like the may doomsday. once it flops, the guy is just going to vanish.

BitRapture.

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
Mike Hearn
Legendary
Activity: 1526
May 30, 2011, 08:35:03 PM
 #24

Yes, I asked Yu Sasaki specifically about the problem of finding a partial pre-image rather than a full pre-image. She didn't seem to think it would make things any easier. I don't think we can do better than this for now. If there's a weakness in (double) SHA256 that would make it easier to solve the problem Bitcoin uses I guess there will be an academic paper on it eventually.
FreeMoney
Legendary
Activity: 1246
Strength in numbers
May 30, 2011, 08:37:28 PM
 #25

Yes, I asked Yu Sasaki specifically about the problem of finding a partial pre-image rather than a full pre-image. She didn't seem to think it would make things any easier. I don't think we can do better than this for now. If there's a weakness in (double) SHA256 that would make it easier to solve the problem Bitcoin uses I guess there will be an academic paper on it eventually.

Is it right that it won't be a problem if it becomes a thousand or a million times easier to solve? People will just switch to the better algo and difficulty will increase like when we moved to GPUs.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
cloud9
Member
Activity: 70
May 30, 2011, 08:42:24 PM
 #26

As soon as it can be done, and everybody knows it can be done, and everybody wants to do that, some other people will also find a way to do that and if it becomes open source (just like the gpu miner) - everybody will be doing that and the network hash rate will just supercharge as it did when graphics card mining was introduced - and the system will balance itself around the new competition factor - even securing the system even more against an attacker not using such a hash algorithm (if it exists!!!  Cheesy)

Disclaimer:  Postings of Cloud9 are only individual views of opinion and/or musings and/or hypotheses.  On a non-authoritative, peer-to-peer public forum, you do not need permission from Cloud9 to derive your own conclusions or opinions, so please do.  Calculations and assumptions to be verified.
FreeMoney
Legendary
Activity: 1246
Strength in numbers
May 30, 2011, 08:45:06 PM
 #27

That's what I thought, so SHA256 needs to completely break to be a problem for Bitcoin?

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
gigitrix
Sr. Member
Activity: 476
Bitcoins finest!!!
May 31, 2011, 01:08:44 AM
 #28

Yeah, because hacking billions from banks and pretty much every website using SHA256 wasn't enough incentive, clearly it takes bitcoin to get SHA256 attacking investigated  Roll Eyes
unk
Member
Activity: 84
May 31, 2011, 01:52:43 AM
 #29

i'm curious what you think you could do to most 'banks' with a compromise of sha-2. more readily mount a phishing attack by spoofing an ssl certificate? sneak into their datacenter, figure out how they handle internal integrity checks, and then spoof those checks after injecting your own data?
bittrader
Jr. Member
Activity: 42
May 31, 2011, 11:39:01 PM
 #30

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

SHA256 allows an attacker to create a hash that corresponds to [your message w/padding] + [his own message] without having to know what [your message] was. This could be a serious vulnerability for some (incorrect) applications of SHA256. Double hashing prevents this attack.
Quantumplation
Member
Activity: 84
May 31, 2011, 11:43:47 PM
 #31

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

SHA256 allows an attacker to create a hash that corresponds to [your message w/padding] + [his own message] without having to know what [your message] was. This could be a serious vulnerability for some (incorrect) applications of SHA256. Double hashing prevents this attack.

Really?  I thought that was only on SHA1 or MD5...

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
wumpus
Hero Member
Activity: 798
No Maps for These Territories
June 01, 2011, 04:40:03 AM
 #32

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

SHA256 allows an attacker to create a hash that corresponds to [your message w/padding] + [his own message] without having to know what [your message] was. This could be a serious vulnerability for some (incorrect) applications of SHA256. Double hashing prevents this attack.

Really?  I thought that was only on SHA1 or MD5...
Also for SHA256, see the algorithm:
https://secure.wikimedia.org/wikipedia/en/wiki/SHA-2#SHA-256_.28a_SHA-2_variant.29_pseudocode

a-h represent the hasher state, and they're all concatenated to form the hash. So someone with the hash can continue the hashing with his own data. One of the requirements for the recent NIST competition was AFAIK that this was not possible (hasher has hidden state).

In the case of bitcoin this is not a problem though. This doesn't simplify finding a hash value within a certain range.

this is going to turn out just like the may doomsday. once it flops, the guy is just going to vanish.
Indeed, he wouldn't exactly be the first guy making a bold claim on the internet.

Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through FileBackup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
Gareth Nelson
Hero Member
Activity: 722
October 04, 2011, 07:36:42 PM
 #33

this is going to turn out just like the may doomsday. once it flops, the guy is just going to vanish.

Well this is embarrassing...........

I didn't vanish Wink

Long story short is this: I looked at how much hardware this would take to precalculate the branches and found it'd be cheaper to just buy BTC or mine the old-fashioned way.

People on this thread are forgetting something very important - in bitcoin, we map a block hash to a nonce. This MASSIVELY reduces the search space, otherwise miners would not be feasible at all. My (now abandoned) work was about further reducing the search space by removing binary branches (i.e. each bit of the nonce splits it into a new branch) that will never result in a valid hash as output. Each time you do this you divide the time taken to mine a valid block by 2. That's the theory anyway.

When I started to get into the details and try to build the thing I discovered that although theoretically possible it'd take so many resources it's not worth it.
ElectricMucus
Legendary
Activity: 1540
Drama Junkie
October 04, 2011, 07:44:48 PM
 #34

I can imagine it is possible to use known cryptanalysis of sha-2 to write software which is 50-90% more efficient than what we have now, though I doubt it.

First they ignore you, then they laugh at you, then they keep laughing, then they start choking on their laughter, and then they go and catch their breath. Then they start laughing even more.
Gareth Nelson
Hero Member
Activity: 722
October 04, 2011, 07:46:48 PM
 #35

I can imagine it is possible to use known cryptanalysis of sha-2 to write software which is 50-90% more efficient than what we have now, though I doubt it.

From the time I put into this thing, it's possible - definitely possible - but you're better off using traditional methods because of the resources needed either in pregeneration using my approach or in development time.
Gabi
Legendary
Activity: 1050
October 04, 2011, 07:58:34 PM
 #36

So, we have a guy claiming to revolutionize the whole thing

+

aspiesforfreedom

aspie...


=

Yeeeaahhh sure....  Roll Eyes should i link the aspie article on encyclopedia dramatica?
Gareth Nelson
Hero Member
Activity: 722
October 04, 2011, 08:01:57 PM
 #37

The more relevant tweets that were missed off from the first post:
http://twitter.com/#!/garethnelson/status/75236526593810432
http://twitter.com/#!/garethnelson/status/75236664062132224
http://twitter.com/#!/garethnelson/status/75236789480210432

As for Gabi's comments, well - I'm just going to ignore the nastiness as ED is known for having nothing nice to say on any subject.
Example - http://encyclopediadramatica.ch/Bitcoin
ElectricMucus
Legendary
Activity: 1540
Drama Junkie
October 04, 2011, 08:25:01 PM
 #38

If you complain about how ED is written it probably isn't for you  Tongue

First they ignore you, then they laugh at you, then they keep laughing, then they start choking on their laughter, and then they go and catch their breath. Then they start laughing even more.
Gareth Nelson
Hero Member
Activity: 722
October 04, 2011, 08:42:15 PM
 #39

If you complain about how ED is written it probably isn't for you  Tongue

Some stuff on there is mildly amusing, sometimes even in a self-deprecating way, but generally it's just nasty for the sake of being nasty.
error
Hero Member
Activity: 574
October 05, 2011, 12:26:41 PM
 #40

If you complain about how ED is written it probably isn't for you  Tongue

Some stuff on there is mildly amusing, sometimes even in a self-deprecating way, but generally it's just nasty for the sake of being nasty.

I'm only going to suggest that you know what you're talking about before opening your mouth on the Internet, or people who DO know what they're talking about will call you out.

15UFyv6kfWgq83Pp3yhXPr8rknv9m6581W