Bitcoin Forum
July 15, 2019, 11:11:41 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: REWARD offered for hash collisions for SHA1, SHA256, RIPEMD160 and other  (Read 38584 times)
Supercomputing
Sr. Member
****
Offline Offline

Activity: 278
Merit: 250


View Profile
February 05, 2014, 05:24:17 PM
 #21

Someone please produce a news article with this sensational title :" The Bitcoin creator's $ 1 billion hidden reward to those who break NSA's super secret algorithm".

Hmmm, a catch-22:

If an intelligent person can derive a fast enough algorithm to invert SHA-2 (256-bit), then he can also use it to mine Bitcoins faster than anyone else and gain complete control of the network. And therefore, he has no incentive to share the knowledge.

But  if an intelligent person can derive a fast enough algorithm to break ECDSA signatures based on secp256k1, then he will have complete control of the crypto economy. His only option will be to keep the algorithm private. He has no incentive to share the knowledge because he can now manipulate transactions at will.

Electrical Engineering & Computer Science
http://www.eecs.mit.edu/
1563232301
Hero Member
*
Offline Offline

Posts: 1563232301

View Profile Personal Message (Offline)

Ignore
1563232301
Reply with quote  #2

1563232301
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1563232301
Hero Member
*
Offline Offline

Posts: 1563232301

View Profile Personal Message (Offline)

Ignore
1563232301
Reply with quote  #2

1563232301
Report to moderator
RussHarben
Newbie
*
Offline Offline

Activity: 23
Merit: 0


View Profile
February 23, 2017, 01:43:06 PM
 #22

The SHA1 bounty has been claimed - currently 1 confirmation.

https://blockchain.info/tx/8d31992805518fd62daa3bdd2a5c4fd2cd3054c9b3dca1d78055e9528cff6adc
BornBlazed
Full Member
***
Offline Offline

Activity: 184
Merit: 100


View Profile
February 23, 2017, 02:00:54 PM
 #23

A double spend with 3 confirms?? i never thought i would see the day. Is this not a Zero day and needs too be patched? should we be happy this collision happened??
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1018


May Bitcoin be touched by his Noodly Appendage


View Profile
February 23, 2017, 02:05:49 PM
Last edit: February 23, 2017, 07:54:15 PM by jackjack
Merited by suchmoon (2)
 #24

A double spend with 3 confirms?? i never thought i would see the day. Is this not a Zero day and needs too be patched? should we be happy this collision happened??
Not a problem, the other ones are not confirmed

How the guy did it:
 - The first SHA1 collision ever has been found today: https://shattered.io/
 - He took the data from the header to the "collision blocks" (see image at bottom, 320 bytes)
 - With the data after these blocks (from JPEG data to PDF footer) being the same and the 2 hashes having the same value, we know the hashes of "header -> collision blocks" will be the same due to what SHA1 is

Congratulations to 1EohDhHJT9byKsYhxp5zX6PNkuGhxoEu9r, I completely forgot this challenge



By the way, it looks like 1aa5cmqmvQq8YQTEqcTmW7dfBNuFwgdCD is trying something: https://blockchain.info/fr/address/37k7toV1Nv4DfmQbmZ8KuZDQCYK9x5KpzP
This guy is known: https://bitcointalk.org/index.php?topic=1572130.0 (amaclin: https://bitcointalk.org/index.php?action=profile;u=197593, Trust:   -512: -9 / +0 Warning: Trade with extreme caution!)
Obviously he ran a bot checking if the challenge is solved and trying to double-spend using the challenge answer before the real winner is confirmed




Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000


View Profile
February 23, 2017, 05:00:56 PM
 #25

Obviously he ran a bot checking if the challenge is solved and trying to double-spend using the challenge answer before the real winner is confirmed
In fact the bot is looking for all inputs which do not require signing by private key
Slamm-0!
Newbie
*
Offline Offline

Activity: 7
Merit: 0


View Profile
February 23, 2017, 05:14:57 PM
 #26

... meanwhile, MD5 is still widely used  Grin
Infinum
Newbie
*
Offline Offline

Activity: 41
Merit: 0


View Profile
February 23, 2017, 07:40:31 PM
 #27


https://i.imgflip.com/1k7p0t.jpg
BurtW
Legendary
*
Offline Offline

Activity: 2492
Merit: 1048

All paid signature campaigns should be banned.


View Profile WWW
February 24, 2017, 01:15:31 AM
 #28

Congratulations!  I had completely forgotten about this thread.

Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
manselr
Legendary
*
Offline Offline

Activity: 854
Merit: 1000


Trusted Seller


View Profile
February 24, 2017, 06:51:40 PM
 #29

Is it a coincidence that this happened right when bitcoin was shattering throught the ATH?

Anyway, as far as I know we are safe for years with SHA256, or satoshi said so some years ago, he said we wouldnt see a SHA256 collision in our lifetime.

Telegram; @bitcointalkaccseller
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1018


May Bitcoin be touched by his Noodly Appendage


View Profile
February 24, 2017, 07:42:10 PM
 #30

Is it a coincidence that this happened right when bitcoin was shattering throught the ATH?

Anyway, as far as I know we are safe for years with SHA256, or satoshi said so some years ago, he said we wouldnt see a SHA256 collision in our lifetime.
Yeah that's funny it happened the same day but I don't see how this could be related

And hopefully we won't see an SHA256 collision in our lifetime but you never know, it may have a major flaw discovered in the following years

Here the team founds an algorithm 100000 times faster than bruteforcing

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
freemanjackal
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250

FINANCIAL FREEDOM, PROFESSIONAL STRATEGY


View Profile
February 25, 2017, 12:49:47 AM
 #31

sha256 for now can sleep peacefully, i dont know for how long, every day hardaware processing capabilities increase, and the news about china's quantum computer may affect all this
tomtomtom7
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
February 25, 2017, 02:56:58 PM
 #32

Stealing someone's coins by breaking ECDSA is not the same as a reward specifically for breaking something.


That is an interesting distinction as this implies that the blockchain should recognize some form of legal or moral ownership defined outside of the blockchain.

An alternative view more in line with the decentralized nature of bitcoin, is that "ownership" is simply defined as being able to produce a valid input script for an output script.

As such, someone being able to find the private key of an early public key by whatever means, must be considered the "owner". It doesn't matter if the keys are found on an (owned) usb-stick or by trial and error,
BurtW
Legendary
*
Offline Offline

Activity: 2492
Merit: 1048

All paid signature campaigns should be banned.


View Profile WWW
February 25, 2017, 04:07:54 PM
 #33

You may not recognize or agree with a or any legal distinction between stealing someone's BTC and claiming a BTC reward as was done here in this thread or is being done in the puzzle transaction.

But there is a huge moral distinction between the two:  stealing someone's BTC is wrong, claiming a BTC reward is not wrong.

Just because you can do something does not make it morally right.


Our family was terrorized by Homeland Security.  Read all about it here:  http://www.jmwagner.com/ and http://www.burtw.com/  Any donations to help us recover from the $300,000 in legal fees and forced donations to the Federal Asset Forfeiture slush fund are greatly appreciated!
tomtomtom7
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
February 25, 2017, 05:06:27 PM
 #34

You may not recognize or agree with a or any legal distinction between stealing someone's BTC and claiming a BTC reward as was done here in this thread or is being done in the puzzle transaction.

But there is a huge moral distinction between the two:  stealing someone's BTC is wrong, claiming a BTC reward is not wrong.

Just because you can do something does not make it morally right.



Not all cases are morally clear cut. What if someone disagrees with how someone else acquired the coins in the first place?

A more interesting example of how "stealing" becomes fuzzy is LN payment channels. What if I close a channel with an earlier stage to my advantage, and I succeed because my peer for some reason fails to monitor the blockchain?

Am I stealing? Not really. My gains  would be the result of an explicit and well known  clause of our contract. Would you consider this morally wrong?

I think we should value the programmatic rules of contracts and as such not judge these types of theft in the same way as we would do with theft in the "real" world.
manselr
Legendary
*
Offline Offline

Activity: 854
Merit: 1000


Trusted Seller


View Profile
February 25, 2017, 05:24:12 PM
 #35

Is it a coincidence that this happened right when bitcoin was shattering throught the ATH?

Anyway, as far as I know we are safe for years with SHA256, or satoshi said so some years ago, he said we wouldnt see a SHA256 collision in our lifetime.
Yeah that's funny it happened the same day but I don't see how this could be related

And hopefully we won't see an SHA256 collision in our lifetime but you never know, it may have a major flaw discovered in the following years

Here the team founds an algorithm 100000 times faster than bruteforcing

If a SHA256 collision happens what is the worst scenario? I think I would have a hearth attack or something.

How would the Core team proceed in order to make the switch to a safe algo? Would it be an absolute fuckfest or it is a smooth process? Because I presume we wouldn't have a lot of time to waste being exposed with SHA256 through the transition.

Could anti Core trolls or just bitcoin attackers in general try to delay the switch or somehow block it?

I hope those things are properly planned in the unfortunate even that happens otherwise im not going to be able to sleep ever again.

Telegram; @bitcointalkaccseller
jackjack
Legendary
*
Offline Offline

Activity: 1134
Merit: 1018


May Bitcoin be touched by his Noodly Appendage


View Profile
February 25, 2017, 05:36:35 PM
 #36

Is it a coincidence that this happened right when bitcoin was shattering throught the ATH?

Anyway, as far as I know we are safe for years with SHA256, or satoshi said so some years ago, he said we wouldnt see a SHA256 collision in our lifetime.
Yeah that's funny it happened the same day but I don't see how this could be related

And hopefully we won't see an SHA256 collision in our lifetime but you never know, it may have a major flaw discovered in the following years

Here the team founds an algorithm 100000 times faster than bruteforcing

If a SHA256 collision happens what is the worst scenario? I think I would have a hearth attack or something.

How would the Core team proceed in order to make the switch to a safe algo? Would it be an absolute fuckfest or it is a smooth process? Because I presume we wouldn't have a lot of time to waste being exposed with SHA256 through the transition.

Could anti Core trolls or just bitcoin attackers in general try to delay the switch or somehow block it?

I hope those things are properly planned in the unfortunate even that happens otherwise im not going to be able to sleep ever again.

https://en.bitcoin.it/wiki/Weaknesses#Breaking_the_cryptography

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
GameunitsSEO
Member
**
Offline Offline

Activity: 84
Merit: 10

Entrepreneur


View Profile WWW
February 25, 2017, 05:47:19 PM
 #37

http://www.coindesk.com/who-broke-the-sha1-algorithm-and-what-does-it-mean-for-bitcoin/

SHA1 is like MD5  Grin

No Panic guys  Cool

SHA1 has also been deemed quite vulnerable to collision attacks which is why all browsers will be removing support for certificates signed with SHA1 by January 2017. SHA256 however, is currently much more resistant to collision attacks as it is able to generate a longer hash which is harder to break.

Gameunits We're enabling the 2 billion unbanked Gamers to shop on any online merchant.
freemanjackal
Sr. Member
****
Offline Offline

Activity: 378
Merit: 250

FINANCIAL FREEDOM, PROFESSIONAL STRATEGY


View Profile
February 25, 2017, 09:32:24 PM
 #38

thats something we could see it coming, thats why it was developed sha256 and some other algos, like will be created many more algos to replace sha256, it will be interesting to see what would  btc core developers do on those coming scenarios
Syke
Legendary
*
Offline Offline

Activity: 3024
Merit: 1034


View Profile
February 27, 2017, 10:52:42 PM
 #39

4) "When Will We See Collisions for SHA-1?" - Bruce Schneier -https://www.schneier.com/blog/archives/2012/10/when_will_we_se.html

Bruce sure knows his stuff.

Quote
A collision attack is therefore well within the range of what an organized crime syndicate can practically budget by 2018, and a university research project by 2021.

...the need to transition from SHA-1 for collision resistance functions is probably more urgent than this back-of-the-envelope analysis suggests.

Any increase in the number of cores per CPU, or the number of CPUs per server, also affects these calculations. Also, any improvements in cryptanalysis will further reduce the complexity of this attack.

Buy & Hold
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!