December 07, 2013, 06:28:35 PM |
A few ideas..
Combining hash functions so that the resulting hash retains the strengths of the strongest link is not straightforward.
When concatenating hashes, the collision resistance is the strongest link, but first pre-image resistance is lost, or equal to the weakest link. The hash is also LONGER than the original.
Nesting hash functions, using the output from one hash as the input for another, gives strongest link for first pre-image resistance, but you lose the collision resistance, as in it's the weakest link. The hash is the same length.
This seems an issue, but I was wondering.
The MINING part of bitcoin requires first pre-image resistance. Collisions don't actually matter. An attacker has a hash, which satisfies the difficulty target you are aiming for, and he wishes to find a message that hashes to that, given the block header he has.
The TXN hashing and block hashing, which prove no tampering of the messages has gone on, require target collision resistance / collision resistance. You have a TXN and the hash of that TXN and an attacker would like to find another TXN that hashes to that same hash. Then he could change the TXN in some nefarious way, and keep the hashes the same.
Therefore, would I be right in thinking that if you wanted a more secure hash strategy for bitcoin/crypto-currency you could:
a) Use a nested hash of multiple hashes, say the SHA-3 finalists and SHA2, for the mining algorithm. First pre-image resistance would be strongest link.
b) Use a concatenated hash, with the same hash functions as in a), for the TXN and block hashes. Collision resistance would be strongest link.
You would then need to break ALL the hashes before you could break bitcoin.. And if one or 2 of the hash functions were broken you could then think about switching to new hash functions altogether..
Is this a correct line of thought?
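An added example, not part of the original post: a sketch of the collision side of the two constructions described above (nesting versus concatenation), including the length difference. The function names are assumptions, and `weak` is a constructed stand-in for a broken hash (SHA-256 truncated to 16 bits) so that a collision can be found quickly.

```python
import hashlib
from itertools import count

def weak(msg: bytes) -> bytes:
    # Constructed "broken" link: SHA-256 cut to 16 bits, so collisions are cheap.
    return hashlib.sha256(msg).digest()[:2]

def strong(msg: bytes) -> bytes:
    # The link assumed to be unbroken.
    return hashlib.sha3_256(msg).digest()

def nested(msg: bytes) -> bytes:
    # Output of one hash is the input of the next; length is that of the outer hash.
    return strong(weak(msg))

def concatenated(msg: bytes) -> bytes:
    # Both digests side by side; length is the sum of the two.
    return weak(msg) + strong(msg)

def find_collision(h):
    """Birthday search over constructed sample messages: two inputs with equal h()."""
    seen = {}
    for i in count():
        msg = b"txn-%d" % i          # constructed sample input
        digest = h(msg)
        if digest in seen:
            return seen[digest], msg
        seen[digest] = msg

def demo() -> dict:
    m1, m2 = find_collision(weak)
    return {
        "messages": (m1, m2),
        "weak_collides": weak(m1) == weak(m2),
        # The inner collision carries straight through the outer hash.
        "nested_collides": nested(m1) == nested(m2),
        # The pair would also have to collide under SHA3-256 to match here.
        "concat_collides": concatenated(m1) == concatenated(m2),
        "nested_len": len(nested(m1)),
        "concat_len": len(concatenated(m1)),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The example covers collisions only; it does not measure pre-image resistance for either construction.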