Author Topic: Suggestion: Replace SHA-256 with SHA-512 from block 200.000 ?  (Read 3560 times)
ShadowOfHarbringer
November 09, 2010, 09:32:15 AM
 #1

Lately there have been major technological breakthroughs, such as memristors, graphene-based transistors and so on, which will probably greatly increase the processing power of computers yet to come.

So I propose a (relatively simple?) change which would make bitcoin prepared for a 10-fold or more increase in computers' speed in the near future. Change the hashing algorithm from SHA-256 to SHA-512 from block 200.000 or 250.000. This would raise the bar of difficulty of attacking the network.

Bitcoin is gaining popularity fast, so we should be prepared for the worst. IMHO it's better to be safe than sorry. Also, the more serious we get about network security, the more seriously companies & other "serious" entities will look at bitcoin, resulting in wider adoption.

grondilu
November 09, 2010, 09:35:41 AM
 #2

> Lately there have been major technological breakthroughs, such as memristors, graphene-based transistors and so on, which will probably greatly increase the processing power of computers yet to come.
>
> So I propose a (relatively simple?) change which would make bitcoin prepared for a 10-fold or more increase in computers' speed in the near future. Change the hashing algorithm from SHA-256 to SHA-512 from block 200.000 or 250.000. This would raise the bar of difficulty of attacking the network.
>
> Bitcoin is gaining popularity fast, so we should be prepared for the worst. IMHO it's better to be safe than sorry. Also, the more serious we get about network security, the more seriously companies & other "serious" entities will look at bitcoin, resulting in wider adoption.

Is it even possible? I mean, sha512 requires twice as many bits of space as sha256. Therefore I wonder if it would fit the current block structure.
mimarob
November 09, 2010, 12:27:04 PM
 #3

Can one really change the algorithm on-the-fly like that?

Doesn't it require a majority of the nodes agreeing to run the new software?


bitcoin address: 15swBLKathoPyX94HgptYXSSqf7SUGhG4z
ShadowOfHarbringer
November 09, 2010, 12:34:52 PM
 #4

> Can one really change the algorithm on-the-fly like that?
>
> Doesn't it require a majority of the nodes agreeing to run the new software?

From what I understand about the algorithms used, after the SHA256->512 update, it would no longer be possible for old (unupdated) clients to connect to the network, as their block chain would be rejected by all the new nodes.

Because bitcoin works on semi-fixed timeframes, it is possible to "schedule" a certain update to happen after some time (after block number XXXX), and this is exactly what I am suggesting. The change could happen even YEARS after the update (in this case, block 200.000 = about 12 months from now). All clients will probably be updated to the new version by then.

grondilu
November 09, 2010, 12:53:16 PM
 #5

> > Can one really change the algorithm on-the-fly like that?
> >
> > Doesn't it require a majority of the nodes agreeing to run the new software?
>
> From what I understand about the algorithms used, after the SHA256->512 update, it would no longer be possible for old (unupdated) clients to connect to the network, as their block chain would be rejected by all the new nodes.
>
> Because bitcoin works on semi-fixed timeframes, it is possible to "schedule" a certain update to happen after some time (after block number XXXX), and this is exactly what I am suggesting. The change could happen even YEARS after the update (in this case, block 200.000 = about 12 months from now). All clients will probably be updated to the new version by then.

This seems very hazardous.  If you really want to do that, I suggest you fork bitcoin.

As far as I'm concerned, I very much doubt sha256 will be broken any time soon.
ShadowOfHarbringer
November 09, 2010, 01:17:47 PM
 #6

> This seems very hazardous. If you really want to do that, I suggest you fork bitcoin.

Fork bitcoin? What for, if we can easily schedule things to happen X years in the future?

> As far as I'm concerned, I very much doubt sha256 will be broken any time soon.

Let's assume there will be a technological breakthrough, and the computing power will go up 10-fold, or 100-fold in a matter of a year. Is Bitcoin still safe? I think not. It will be much easier for somebody to redo a part of the chain and perhaps fake some transactions.
Technological breakthroughs do happen, it is not something unrealistic at all.

(I'm trying to be paranoid, because that's good when it comes to security)

grondilu
November 09, 2010, 02:02:31 PM
 #7

> Let's assume there will be a technological breakthrough, and the computing power will go up 10-fold, or 100-fold in a matter of a year. Is Bitcoin still safe? I think not. It will be much easier for somebody to redo a part of the chain and perhaps fake some transactions.
> Technological breakthroughs do happen, it is not something unrealistic at all.

That's a huge hypothesis. We'll talk about it if it happens, ok? But meanwhile, there is no need to mess with the protocol. Especially about a change of the hash function. Again, if you really want a sha512 cryptocurrency, then fork bitcoin.

That's the good thing about free software, if someone is not happy with the direction of the code, he can fork it. We don't have to argue endlessly about that stuff.

Changing the hash function would imply the coexistence of two hash formats inside the block chain. This is not good for the coherence of the protocol.
Gavin Andresen
Chief Scientist


November 09, 2010, 02:15:49 PM
 #8

Computers could get 1 billion times faster and Bitcoin's hashing and elliptic curve digital signatures will still be "safe."

2^256 is a really, really big number.

2^226 is also a really, really big number.  It is a billion times smaller than 2^256, but still far and away big enough.

Even 2^160 (the size of the bitcoin address hash) is big enough.

Back-of-the-envelope:
Let's say computers in a few years can do a quadrillion hashes per second-- that's about 2^50 hashes/second.  How many seconds to find a SHA-256 hash collision?  2^205 seconds.  That is much longer than the age of the universe.

How long to find a bitcoin address hash collision?  2^130 seconds, which is 43,161,132,283,224,056,755,882,116,619,960 years.  Also much, much longer than the age of the universe.

(actually, those numbers are the MAXIMUM time.  Divide by two for the average time.  Insanely big divided by two is still insanely big.)

You should be worried that some weakness in SHA-256 is found that allows hashes to be cracked other than by brute-force.  And if you're worried about that, then it is dumb to switch to SHA-512 now-- perhaps a flaw will be found in the entire SHA* family of hashing algorithms.

How often do you get the chance to work on a potentially world-changing project?
caveden
November 09, 2010, 02:21:27 PM
 #9

Excuse me for my ignorance, but isn't the difficulty there exactly to prevent what the topic author fears?

If computers get a billion times faster, difficulty gets a billion times harder...

What's the issue? There's a maximum possible difficulty for SHA-256?

18rZYyWcafwD86xvLrfuxWG5xEMMWUtVkL
grondilu
November 09, 2010, 02:39:31 PM
 #10

> Excuse me for my ignorance, but isn't the difficulty there exactly to prevent what the topic author fears?

Yes, it is. I should have explained that earlier. There is indeed a maximum difficulty for SHA-256, but it means being able to invert the hash function. And as pointed out earlier in this thread, it is just impossible using brute force.
ShadowOfHarbringer
November 09, 2010, 02:45:58 PM
 #11

@gavinandresen, @grondilu

OK, I am satisfied with Your answers.
Bitcoin wins again in my eyes. Thx.

jgarzik
November 09, 2010, 05:15:33 PM
 #12

We currently do double-sha256, not just sha256.

Jeff Garzik, bitcoin core dev team and BitPay engineer; opinions are my own, not my employer.
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
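
The difficulty mechanism discussed in posts #9, #10 and #12, as an added example that is not part of the thread or of Bitcoin's own code: a block is valid when the double-SHA256 of its header, read as a 256-bit integer, is at or below a target, and lowering the target is how difficulty absorbs faster hardware. The header prefix and the easy target are constructed for the demo.

```python
import hashlib
import struct

def double_sha256(data: bytes) -> bytes:
    """SHA-256 applied twice, as used for Bitcoin block header hashes."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def bits_to_target(bits: int) -> int:
    """Expand the compact 32-bit 'bits' encoding into the full 256-bit target."""
    exponent, mantissa = bits >> 24, bits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))

def expected_hashes(target: int) -> int:
    """Average number of attempts before a uniform 256-bit hash is <= target."""
    return (1 << 256) // (target + 1)

def mine(prefix: bytes, target: int, max_nonce: int = 1 << 32):
    """Try 32-bit nonces until the header hash, read little-endian, is <= target."""
    for nonce in range(max_nonce):
        digest = double_sha256(prefix + struct.pack("<I", nonce))
        if int.from_bytes(digest, "little") <= target:
            return nonce, digest[::-1].hex()  # shown big-endian, leading zeros first
    return None

# Constructed input: 76 bytes standing in for the header fields before the nonce.
PREFIX = b"constructed header, not a real block".ljust(76, b"\x00")
# Assumed easy target so the demo finishes quickly: the top 12 bits must be zero.
EASY_TARGET = (1 << 244) - 1

if __name__ == "__main__":
    nonce, block_hash = mine(PREFIX, EASY_TARGET)
    print(f"nonce={nonce} hash={block_hash}")
    # Each halving of the target doubles the expected work; a target of 0
    # (shift 256) is the "maximum difficulty" case: hitting one exact hash value.
    for shift in (12, 13, 32, 64, 256):
        target = (1 << (256 - shift)) - 1
        print(f"target < 2^{256 - shift}: 2^{shift} hashes expected")
        assert expected_hashes(target) == 1 << shift
    # Minimum-difficulty target, encoded as compact bits 0x1d00ffff.
    floor_target = bits_to_target(0x1D00FFFF)
    print(hex(floor_target), expected_hashes(floor_target))
```
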
jimbobway
November 09, 2010, 06:10:45 PM
 #13

This reminds me of the movie Swordfish with John Travolta where he hacked 256-bit encryption with ease.  At the end of the movie he hacked 1024-bit encryption, I think.  LOL!


ShadowOfHarbringer
November 09, 2010, 07:53:44 PM
 #14

> This reminds me of the movie Swordfish with John Travolta where he hacked 256-bit encryption with ease.  At the end of the movie he hacked 1024-bit encryption, I think.  LOL!

Correct me if I'm wrong, but I think it was Hugh Jackman doing the hacking on that awesome set up of screens :D

Wait, are you telling me you didn't know that each screen increases the total processing power of your setup by 10 orders of magnitude? :D

ShadowOfHarbringer
November 11, 2010, 03:10:15 PM
 #15

Since there is nothing more to say here, I'm locking the topic.
