Bitcoin Forum
Author Topic: Doubt regarding sha-256  (Read 81 times)
vendip65
Newbie
Activity: 5
Merit: 0
November 18, 2018, 03:28:19 AM
#1

Hi guys, I'm sorry if this isn't the correct place for this question, since I am quite new in the forum.

I have a question/doubt regarding bitcoin and sha256. I have just finished seeing a documentary about bitcoin & crypto and I'd like to ask you about it, to see if any of you know the answer.

From what I have seen and what I understand, bitcoin uses double sha256, but what I didn't know is that sha256 (the normal, not double) is used by governments, banks and others. In my opinion this is good for bitcoin because it's much more secure than all the other information in the world (double>single). But I also see a bad part in this, since, what would happen if someone found a vulnerability in sha256 which made it possible to find the original hash?

If the algorithm is used for every important piece of information on the net, chances are higher than if it was only used in bitcoin and other cryptocurrencies. Am I right or am I missing something here? Because if sha256 is "broke", it would only be a matter of time until double sha256 became broken too, right?

So, who should be notified in that case? If sha256 was used only in bitcoin I understand it would be the bitcoin foundation or some of the first people who became miners and owners of bitcoin. But sha256 being something global, who should be contacted about this and who would manage this situation?

Thank you and let me know if there is something unclear.
bob123
Hero Member
Activity: 910
Merit: 1016
November 20, 2018, 08:18:08 AM
Merited by bones261 (1)
#2

If sha256 were broken (that's a very big IF), someone would either publish a paper stating that (for the public appreciation and/or a bounty).

Note that 'broken' means that a collision has been found. There are 2 types of collisions.

One where the final hash is given and you need to find a second input which generates the same hash (severe) and
one where you randomly take 2 inputs and find the same hash (more probable, way less severe).

Yet not a single collision has been found. Also, a collision of the 2nd type wouldn't mean shit since this can't be abused.

A lot more technologies / protocols / applications would have a big problem if a collision of the 1st type would be possible. Not only bitcoin.


In such a case, BTC would have to fork off to another algorithm (e.g. sha512).



Because if sha256 is "broke", it would only be a matter of time until double sha256 became broken too, right?

Yes, double sha256 will be still safer than single sha256 but would become 'broken' too.
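The two kinds of "collision" described in the reply above differ enormously in cost, which is why a birthday-style collision is far more probable than a second preimage. As an added illustration (not code from the thread), the following toy truncates SHA-256 to 32 bits so both searches finish in seconds; the input labels and the 32-bit width are constructed for the demo, and at the full 256 bits neither search is feasible.

```python
import hashlib
from typing import Dict, Optional, Tuple

# Constructed toy parameter: keep only the leading NBITS bits of SHA-256 so
# that the searches below terminate quickly. Real SHA-256 has 256 bits.
NBITS = 32


def trunc_hash(data: bytes, nbits: int = NBITS) -> int:
    """Leading nbits bits of SHA-256(data), as an integer."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - nbits)


def second_preimage(target: bytes, max_tries: int, nbits: int = NBITS) -> Tuple[Optional[bytes], int]:
    """Type 1 from the post: the hash of `target` is fixed; find a different
    input with the same (truncated) hash. Expected cost is about 2^nbits tries."""
    want = trunc_hash(target, nbits)
    for i in range(1, max_tries + 1):
        candidate = b"spm-" + i.to_bytes(8, "big")
        if candidate != target and trunc_hash(candidate, nbits) == want:
            return candidate, i
    return None, max_tries


def birthday_collision(max_tries: int, nbits: int = NBITS) -> Tuple[Optional[Tuple[bytes, bytes]], int]:
    """Type 2 from the post: any two inputs that hash the same. The birthday
    bound makes this about 2^(nbits/2) tries, far cheaper than type 1."""
    seen: Dict[int, bytes] = {}
    for i in range(1, max_tries + 1):
        candidate = b"col-" + i.to_bytes(8, "big")
        h = trunc_hash(candidate, nbits)
        if h in seen:
            return (seen[h], candidate), i
        seen[h] = candidate
    return None, max_tries


if __name__ == "__main__":
    pair, n = birthday_collision(1 << 20)
    print("32-bit collision found after", n, "tries:", pair)
    other, m = second_preimage(b"fixed document", 1 << 16)
    print("second preimage after", m, "tries:", other)  # expected: None
```

With the same budget of tries, the collision search succeeds after tens of thousands of attempts while the second-preimage search, which needs on the order of 2^32 attempts, comes up empty.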

HeRetiK
Legendary
Activity: 1120
Merit: 1049
the forkings will continue until morale improves
November 20, 2018, 01:05:12 PM
Merited by bones261 (1)
#3

From what I have seen and what I understand, bitcoin uses double sha256, but what I didn't know is that sha256 (the normal, not double) is used by governments, banks and others. In my opinion this is good for bitcoin because it's much more secure than all the other information in the world (double>single). But I also see a bad part in this, since, what would happen if someone found a vulnerability in sha256 which made it possible to find the original hash?

Sha256 is part of the NSA Suite B Cryptography standard [1], which is a set of cryptographic hashes and encryption schemes that have been both defined and reviewed in a formal and academic process. Those are some of the most well understood and therefore most trusted and most widely used cryptographic algorithms out there.

Even if you weren't using a cryptographic hash that is part of an industry standard, you'd still want to use a cryptographic hash that is well understood and reviewed in depth by some of the smartest minds out there. As such you'll always want to rely on commonly used cryptographic hashes and not some home-brewed solution, since cryptography is hard and you're more likely to fuck it up than not.

[1] https://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography


If the algorithm is used for every important piece of information on the net, chances are higher than if it was only used in bitcoin and other cryptocurrencies. Am I right or am I missing something here? Because if sha256 is "broke", it would only be a matter of time until double sha256 became broken too, right?

Any cryptographic algorithm is prone to break eventually. The point of using well-reviewed standards is to make sure that this happens later rather than sooner (and optimally, can be anticipated in advance).

It would not only be a matter of time until double Sha256 is broken. Double Sha256 is broken the instant that Sha256 is broken.


So, who should be notified in that case? If sha256 was used only in bitcoin I understand it would be the bitcoin foundation or some of the first people who became miners and owners of bitcoin. But sha256 being something global, who should be contacted about this and who would manage this situation?

Thank you and let me know if there is something unclear

Cryptography is a huge academic field with a lot of research going on. Vulnerabilities within a cryptographic algorithm are most likely to be found within academic circles and will thus be addressed within research, upon which future cryptographic standards and recommendations will be based.

For example NIST has been working on post-quantum cryptography recommendations for quite a while now:
https://en.wikipedia.org/wiki/Post-Quantum_Cryptography_Standardization

Once these algorithms are well understood and the most solid ones are determined, new cryptographic standards will emerge and replace the older ones, just as has happened many times before. After that it will be up to companies and their developers to upgrade their software and systems. Optimally all of this happens long before actual attacks on current cryptographic algorithms become feasible.

Be aware that the effects of an attack on Sha256 will be rather limited in the case of Bitcoin. At best a vulnerability within Sha256 will enable an adversary to calculate the hashes faster than a regular "user". Since the most prominent usage of Sha256 is within Bitcoin's mining process, this would most likely merely lead to faster miners, rather than a full-on attack. The only scenario that would be worrying is if a single party manages to break Sha256 while also building mining infrastructure surpassing the existing one without anyone else noticing, to then lead a 51% attack. However, this would be both unlikely and highly uneconomical.
