What happens if the cryptography of Bitcoin gets cracked?

[Harley997]

Or what would happen if improved cryptography comes along, how would the protocol deal with this? Would a layer on top of the current protocol be enough to patch it up or will Bitcoin die?

Bitcoin is an open protocol, everything can be changed, patched , and so on.
Ultimatively, if sha256 gets to the point where its useless, bitcoin would have to switch algo, making all asics useless.

Would be a fun thing to see, also becose the price would have a major dip, where u could buy, knowing there will be just as powerfull rebound.

Open source means that individual users can make changes to what the do, but for the protocall to be chanced 1/2 of the miners would need to accept the change.

Not exactly.

It's not just up to the miners, it's up to merchants too. 100% of miners could go with a hard fork change that could be incompatible with what merchants call bitcoin.

Or, say, 20% of miners and merchants fork to a change and start using that ...would simply be another version of bitcoin but if incompatible, would cause a lot of confusion if both were called bitcoin.  

If merchants were to try to change the protocol then no TX would get confirmed if the miners did not agree

[1714846499]

1714846499

[1714846499]

1714846499

[1714846499]

1714846499

[1714846499]

1714846499

[jonald_fyookball]

Or what would happen if improved cryptography comes along, how would the protocol deal with this? Would a layer on top of the current protocol be enough to patch it up or will Bitcoin die?

Bitcoin is an open protocol, everything can be changed, patched , and so on.
Ultimatively, if sha256 gets to the point where its useless, bitcoin would have to switch algo, making all asics useless.

Would be a fun thing to see, also becose the price would have a major dip, where u could buy, knowing there will be just as powerfull rebound.

Open source means that individual users can make changes to what the do, but for the protocall to be chanced 1/2 of the miners would need to accept the change.

Not exactly.

It's not just up to the miners, it's up to merchants too. 100% of miners could go with a hard fork change that could be incompatible with what merchants call bitcoin.

Or, say, 20% of miners and merchants fork to a change and start using that ...would simply be another version of bitcoin but if incompatible, would cause a lot of confusion if both were called bitcoin.  

If merchants were to try to change the protocol then no TX would get confirmed if the miners did not agree

Correct.  Everyone has to agree. Not just 50% of miners.

[mamarried]

 I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

[jonald_fyookball]

I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

More secure sometimes. because you're not required to set a 160 bit pwd on your online banking.

[niothor]

I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

Glad to see some newbies posting this.
Most of people here are concerned only with bitcoin they don't care about anything else.

They wish for another crisis just to see their btc back to 1000/coin forgetting that some of their relatives might lose their job in such a scenario.

Same with the cryptography , btc value going to 0 will be the last thing people will think when this gets cracked. Forget the 7 billions going to 2 cents , think about the trillions banks keep "safe" and that will not be safe anymore.

[jonald_fyookball]

I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

Glad to see some newbies posting this.
Most of people here are concerned only with bitcoin they don't care about anything else.

They wish for another crisis just to see their btc back to 1000/coin forgetting that some of their relatives might lose their job in such a scenario.

Same with the cryptography , btc value going to 0 will be the last thing people will think when this gets cracked. Forget the 7 billions going to 2 cents , think about the trillions banks keep "safe" and that will not be safe anymore.

Its mostly an academic discussion of what ifs, and it's different security systems.

[niothor]

I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

Glad to see some newbies posting this.
Most of people here are concerned only with bitcoin they don't care about anything else.

They wish for another crisis just to see their btc back to 1000/coin forgetting that some of their relatives might lose their job in such a scenario.

Same with the cryptography , btc value going to 0 will be the last thing people will think when this gets cracked. Forget the 7 billions going to 2 cents , think about the trillions banks keep "safe" and that will not be safe anymore.

Its mostly an academic discussion of what ifs, and it's different security systems.

Are sure about that? How sure?
Care to  explain in detail what is so damn different that we can rest assured nothing will happen to both same times?

Also , I would enjoy an academic discussion of "ifs" .

[jonald_fyookball]

I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

Glad to see some newbies posting this.
Most of people here are concerned only with bitcoin they don't care about anything else.

They wish for another crisis just to see their btc back to 1000/coin forgetting that some of their relatives might lose their job in such a scenario.

Same with the cryptography , btc value going to 0 will be the last thing people will think when this gets cracked. Forget the 7 billions going to 2 cents , think about the trillions banks keep "safe" and that will not be safe anymore.

Its mostly an academic discussion of what ifs, and it's different security systems.

Are sure about that? How sure?
Care to  explain in detail what is so damn different that we can rest assured nothing will happen to both same times?

Also , I would enjoy an academic discussion of "ifs" .

I'm no expert on bank security but obviously it doesn't use public key cryptography as a basis.  Even if passwords are stored as hashes (and they almost certainly are), the public cannot access them as with bitcoin.
And you can do a password reset.  If you cannot reset your password based on 2FA, the bank can help you out.  So, essentially they are based on hierarchical levels of trusted control...bank employees, tech admins, managers, clearing houses, etc.  Bitcoin is trustless at the base level and no way to recover a lost private key.

[illymoka]

Bitcoin operates on private/public key pairs. The public part of that keypair is what creates the addresses to which payments are sent. The corresponding private key then allows you to spend BTC that were held by an address. The concern is that someone will be able to generate their own private key that will yield the same public key (or address) and therefore steal those coins.

[illymoka]

For example, if I look at the blockchain and find an address that has 1M BTC, I could start trying to generate a keypair for which the public key matches exactly. Currently, this would take way too long (like age of the universe long) but if some weakness or set of weaknesses are found in the functions Bitcoin uses, and if 1M BTC was worth more than $6-7M USD, it might make sense to crack it.

[illymoka]

This is all a long way off so I wouldn't worry about it. As soon as such weaknesses were found, Bitcoin could be upgraded to use even stronger crypto/hashing functions.

[kjj]

I'm no expert on bank security but obviously it doesn't use public key cryptography as a basis.  Even if passwords are stored as hashes (and they almost certainly are), the public cannot access them as with bitcoin.
And you can do a password reset.  If you cannot reset your password based on 2FA, the bank can help you out.  So, essentially they are based on hierarchical levels of trusted control...bank employees, tech admins, managers, clearing houses, etc.  Bitcoin is trustless at the base level and no way to recover a lost private key.

Bank security, ultimately, comes down to one simple thing.  Money isn't real.

What a bank protects is not money, but a list of debts owed (deposit accounts, etc) and debts owned (loans, etc).  And literally nothing in banking is ever final.  If someone tampers with the debt lists, they can just untamper them during the next audit.

[BTCisthefuture]

Wouldn't bitcoin be the least of peoples worries of the cryptography was broken?

Doesn't like everything important and sensitive use the same cryptography.


If something better comes along, yes bitcoin can be updated

[jonald_fyookball]

Wouldn't bitcoin be the least of peoples worries of the cryptography was broken?

Doesn't like everything important and sensitive use the same cryptography.


If something better comes along, yes bitcoin can be updated

Didn't people just ask that a few replies ago?

It's like no one even reads the threads before posting
what's been said 3 times already.

[Harley997]

I always answer for these question saying "bitcoin uses the same crypto standards as "real" banks. We are all in for a serious amount of butthurt if that happens"

Glad to see some newbies posting this.
Most of people here are concerned only with bitcoin they don't care about anything else.

They wish for another crisis just to see their btc back to 1000/coin forgetting that some of their relatives might lose their job in such a scenario.

Same with the cryptography , btc value going to 0 will be the last thing people will think when this gets cracked. Forget the 7 billions going to 2 cents , think about the trillions banks keep "safe" and that will not be safe anymore.

Its mostly an academic discussion of what ifs, and it's different security systems.

Are sure about that? How sure?
Care to  explain in detail what is so damn different that we can rest assured nothing will happen to both same times?

Also , I would enjoy an academic discussion of "ifs" .

I'm no expert on bank security but obviously it doesn't use public key cryptography as a basis.  Even if passwords are stored as hashes (and they almost certainly are), the public cannot access them as with bitcoin.
And you can do a password reset.  If you cannot reset your password based on 2FA, the bank can help you out.  So, essentially they are based on hierarchical levels of trusted control...bank employees, tech admins, managers, clearing houses, etc.  Bitcoin is trustless at the base level and no way to recover a lost private key.

The difference between Bitcoin and bank security is that with bank security if you try your password "x" number of times (x is a very small number, likely less then 10) then your account will get locked and you will need to prove your identity in ways that cannnot be broken via crypto, while you can try a bitcoin "password" an unlimed number of times (by password you could mean a private key, a password to a wallet, a brain wallet or similar).

If you were to get the hash of a password to a bank account then you could hack the hash to get the actual password, but if it is detected that the hash of passwords were stolen then the above security measure would be implemented (making customers prove their identity in a no crypto method)

[feverpitch]

Can the devs not just switch from SHA-256 to the next secure protocol?  It would make miners obsolete, is that the problem?

[turvarya]

Can the devs not just switch from SHA-256 to the next secure protocol?  It would make miners obsolete, is that the problem?

I am not so sure about it, but I think, in that case we would Need a new blockchain and yes as far as I know most ASIC-miners would become useless, since they are optimized on calculating SHA-256.
So, it is possible, but as Long as there is no good reason for it, the devs will not do it.

[rext]

Man bro, you would see many many angry people when that happens, they will be like, "What??? Are you telling me my miners don't work now???"

[electerium]

If sha256 gets magically cracked overnight, which is highly unlikely, we're probably going to be engaged in world war 3 along with it.

sha256 remains the underlying encryption method for a wide variety of financial and military applications used by almost ever nation in the world. This much is certain; and depending on who you believe, sha256 is employed in numerous weapons applications of the "immediate strike" capability realm by US warships.

If it was compromised overnight, we'd have ww3 upon us.


but the more likely scenario is that sha256 will be slowly eroded over time where core developers for all of these applications will have time to upgrade encryption and cryptographic applications that it will never be an issue.

[kjj]

Can the devs not just switch from SHA-256 to the next secure protocol?  It would make miners obsolete, is that the problem?

In a sudden catastrophic break, that is exactly what would happen.

Of course, such a break is widely regarded as, ahem, unlikely.  Like "getting arrested for going over the tag limit on your unicorn hunting license" unlikely.

What will happen in reality is that some day, someone will publish a theoretical attack that weakens a wildly reduced form of SHA2.  A few years later, people will start to take notice as someone manages to produce an attack on a moderately (or maybe even just slightly) reduced version.  Around that time, someone will make a pull request that invokes the 75/95 rule*, triggering a new rule that says that starting a few tens of thousands of blocks after the majority is achieved, blocks that satisfy the target using either SHA-256 or some other hash function will be accepted**.  Then, someone on the mailing list will pipe up and suggest a different new algorithm that no one has ever heard of, and no one but djb trusts.

We'll spend the next year or so painting that bike shed good and hard, eventually settling on something newer than SHA2, and using a different fundamental compressor, but still something that has been around for a while, and widely respected.

Probably about a quarter million blocks after that, SHA will be retired.

By now, we are a decade past the first signs of weakness, and the cryptographers are getting close to shaving a bit or two off of the full version of SHA2.  Ten or twenty years after that, and SHA2 will be moderately unsafe against an institutional attacker, in some applications, none of which will ever apply to bitcoin.  At some point, the attacks get good enough that cryptographers are creating collisions on napkins at cocktail parties to impress women (to paraphrase the famous timeline), and yet bitcoin would have remained totally safe because the attacks that break hash functions simply do not generalize to short inputs with rigid constraints.

* Yes, I know that the 75/95 rule is for soft forks, but nothing else seems to fit here.  The devs are a conservative lot, but this hard fork can't be dodged.  Most likely, the "tens of thousands of blocks" that I mention next will really be on the order of 100k.

** The mechanism is very simple.  Try the new algorithm.  If it hits a valid target, accept.  Otherwise, try SHA2.  IF it hits a valid target, accept.  Otherwise, junk it.  Notice that there is no need to change any of the structure or fields of the blocks or header, and no new block version is necessarily needed.