Bitcoin Forum
February 08, 2023, 06:13:06 AM *
News: Latest Bitcoin Core release: 24.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Ethereum “Dagger” PoW function is flawed  (Read 866 times)
Sergio_Demian_Lerner (OP)
Hero Member
*****
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
January 17, 2014, 05:21:26 PM
 #1

One of the features in Ethereum is the use of a PoW function specially designed to be memory-hard. While this may be true (though a formal proof is missing and the design document is quite incomplete), the authors completely forgets another key property a PoW function must provide: it must be sequential-memory hard. This means that not only the function should require large amounts of RAM, but it must not allow easy parallelization. Dagger seems to provide almost the best possible scenario for parallelization. In Dagger, a certain amount of RAM is filled by pseudo-random data derived from the header and the nonce. This data is produced in rounds. Each round, a number of elements from the previous round outputs are hashed together to produce the elements of the following round. These hashes can be performed in parallel. An optimized implementation for an ASIC (or FPGA) is evident for anyone with some discrete logic design background. A speedup from 256X to 2560X seems possible.

I posted more on this issue here:

http://bitslog.wordpress.com/2014/01/17/ethereum-dagger-pow-is-flawed/

My own proposal (SeqMemoHash) solves this problem (http://bitslog.wordpress.com/2013/12/31/strict-memory-hard-hash-functions/)

Best regards,
 Sergio.
1675836786
Hero Member
*
Offline Offline

Posts: 1675836786

View Profile Personal Message (Offline)

Ignore
1675836786
Reply with quote  #2

1675836786
Report to moderator
1675836786
Hero Member
*
Offline Offline

Posts: 1675836786

View Profile Personal Message (Offline)

Ignore
1675836786
Reply with quote  #2

1675836786
Report to moderator
1675836786
Hero Member
*
Offline Offline

Posts: 1675836786

View Profile Personal Message (Offline)

Ignore
1675836786
Reply with quote  #2

1675836786
Report to moderator
According to NIST and ECRYPT II, the cryptographic algorithms used in Bitcoin are expected to be strong until at least 2030. (After that, it will not be too difficult to transition to different algorithms.)
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1675836786
Hero Member
*
Offline Offline

Posts: 1675836786

View Profile Personal Message (Offline)

Ignore
1675836786
Reply with quote  #2

1675836786
Report to moderator
Sergio_Demian_Lerner (OP)
Hero Member
*****
Offline Offline

Activity: 549
Merit: 588


View Profile WWW
January 17, 2014, 07:11:21 PM
 #2

This forum is full of spam. I will repost it on the thread https://bitcointalk.org/index.php?topic=420457.msg4568752#msg4568752
tiaguitah
Member
**
Offline Offline

Activity: 111
Merit: 10


View Profile
February 01, 2014, 06:47:48 PM
 #3

bump.

So other investors can see.

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!