oleganza (OP)
Full Member
 Offline
Activity: 200
Merit: 104
Software design and user experience.
|
 |
February 28, 2013, 06:53:38 PM |
|
Mining is based on finding partial collision of SHA-256(SHA256(block header)). Bitcoins get more expensive, creating incentives to develop cheaper and faster hardware that finds these partial collisions. Another way to make profit is to make a cryptanalysis of double SHA256 in order to figure out a faster way to produce a partial collision. I wonder how many people would try to do that in order to gain more hashing power for themselves.
I myself don't have much idea of the complexity of this task, but for those who understand hash functions better, it could be an interesting question to ponder. Imagine, you find a way to get partial collision 2 times faster: you can increase productivity of the existing GPU farm by a factor of 2 (unfortunately, ASICs will need to be changed since the algorithm would be different, but it's not your problem). Discuss.
|
Bitcoin analytics: blog.oleganza.com / 1TipsuQ7CSqfQsjA9KU5jarSB1AnrVLLo
|
|
|
|
|
|
|
|
Bitcoin addresses contain a checksum, so it is very unlikely that mistyping an address will cause you to lose money.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3374
Merit: 4606
|
|
February 28, 2013, 07:00:02 PM |
|
Discuss.
Already been discussed many times. No need to discuss it again right now. There is currently no known way to reduce the effort required to find an appropriate hash. Someday in the future a weakness may be discovered in SHA-256 that will reduce the effort required, or it may not. |
|
|
|
|
foggyb
Legendary
Offline
Activity: 1652
Merit: 1006
|
|
February 28, 2013, 07:08:45 PM |
|
|
|
|
|
|
misterbigg
Legendary
Offline
Activity: 1064
Merit: 1001
|
|
February 28, 2013, 07:22:02 PM |
|
Mining is based on finding partial collision of SHA-256(SHA256(block header)). Bitcoins get more expensive, creating incentives to develop cheaper and faster hardware that finds these partial collisions. Another way to make profit is to make a cryptanalysis of double SHA256 in order to figure out a faster way to produce a partial collision. I wonder how many people would try to do that in order to gain more hashing power for themselves. If you agree never to post again until SHA-256 is broken I will agree to pay you 100BTC when SHA-256 is broken. |
|
|
|
|
oleganza (OP)
Full Member
Offline
Activity: 200
Merit: 104
Software design and user experience.
|
|
February 28, 2013, 08:56:04 PM |
|
Thanks for the links. We all understand economical effect: faster hashing will be equivalent to faster ASICs, complete crack will mean quick adaptation of another hash (e.g. SHA-3). My question was not about that, but about explorations in how to make partial collisions faster (I do not imply "instantly") for double SHA. Are there known papers/people who explore it? I'm just curious whether in some future there will be a very bitcoin-specific method to predict, say, if you are going to have some zeros in the output or not. So you save some cycles and jump to next nonce. The algorithm can be probabilistic, of course. E.g. if we can figure out some patterns in the internal state during hash computation.
|
Bitcoin analytics: blog.oleganza.com / 1TipsuQ7CSqfQsjA9KU5jarSB1AnrVLLo
|
|
|
wabber
Member
Offline
Activity: 85
Merit: 10
|
|
February 28, 2013, 09:05:49 PM |
|
I'm just curious whether in some future there will be a very bitcoin-specific method to predict, say, if you are going to have some zeros in the output or not.
There is one today already. Compute the hash and check. |
|
|
|
|
Syke
Legendary
Offline
Activity: 3878
Merit: 1193
|
|
March 01, 2013, 04:20:48 AM |
|
I'm just curious whether in some future there will be a very bitcoin-specific method to predict, say, if you are going to have some zeros in the output or not. So you save some cycles and jump to next nonce. The algorithm can be probabilistic, of course. E.g. if we can figure out some patterns in the internal state during hash computation.
That's already being done. Bitcoin miners do not compute a complete SHA256 hash. There are several minor shortcuts already implemented in modern miners. |
Buy & Hold
|
|
|
iCEBREAKER
Legendary
Offline
Activity: 2156
Merit: 1072
Crypto is the separation of Power and State.
|
|
March 02, 2013, 03:59:32 AM |
|
OP is 100% correct. Bitcoin is a way for The Network to trick cryptonerds into building them rainbow tables.
Only Fort Meade has enuf exabytes to store them all...
*doo doo doo, do do do do do*
/X-Files theme
|
██████████
██████████████████
██████████████████████
██████████████████████████
████████████████████████████
██████████████████████████████
████████████████████████████████
████████████████████████████████
██████████████████████████████████
██████████████████████████████████
██████████████████████████████████
██████████████████████████████████
██████████████████████████████████
████████████████████████████████
██████████████
██████████████
████████████████████████████
██████████████████████████
██████████████████████
██████████████████
██████████
Monero
|
| "The difference between bad and well-developed digital cash will determine
whether we have a dictatorship or a real democracy." David Chaum 1996
"Fungibility provides privacy as a side effect." Adam Back 2014
|
| | |
|
|
|
Sukrim
Legendary
Offline
Activity: 2618
Merit: 1006
|
|
March 02, 2013, 11:55:29 AM |
|
Mining uses a double hash (= SHA256(SHA256(header)) ), this is kinda special and not too common, so rainbow tables would be a bit useless. Also miners throw away a LOT of their results - just returning all the computed hashes would saturate quite some connections.
|
|
|
|
earonesty
Newbie
Offline
Activity: 42
Merit: 0
|
|
December 23, 2013, 05:49:06 PM |
|
The development of ASICs makes brute force guessing of SHA256 hashes much faster. So instead of taking, say, a trillion years to guess a password with a huge farm of PCs, you can now take 1000 years with a huge farm of ASICs.
As ASICs become obsolete, we have lot of older-generation ASICs lying around, available cheaply for somone to brute force guess things.
So, yes - as long as your password hashing is the same as the hash used by ASICs, you're using a weaker hash.
|
|
|
|
|
|
