SoylentNews is people

posted by martyb on Wednesday September 11 2019, @05:54AM
from the renaming-it-to-be-NSHA:-the-Not-Secure-Hashing-Algorithm dept.

Arthur T Knackerbracket has found the following story:

The Wall Street fintech Treadwell Stanton DuPont broke silence today as it announced its Research & Development and Science Teams successfully broke the SHA-256[*] hashing algorithm silently in controlled laboratory conditions over a year ago. The announcement aims to secure financial and technological platform superiority to its clients and investors worldwide.

[...] While the best public cryptanalysis has tried to break the hashing function since its inception in 2001, work on searching, developing and testing practical collision and pre-image vulnerabilities on the SHA-256 hashing algorithm began back in 2016 in Treadwell Stanton DuPont's R&D facilities, culminating 2 years later with the successful discovery of a structural weakness and the initial development of the first practical solution space of real world value by its researchers.

"While we have successfully broken all 64 rounds of pre-image resistance," said Seiijiro Takamoto, Treadwell Stanton DuPont's director of newly formed Hardware Engineering Division, "it is not our intention to bring down Bitcoin, break SSL/TLS security or crack any financial sector security whatsoever."

[*] See the SHA-2 page on Wikipedia for background on SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256.


This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Funny) by Anonymous Coward on Wednesday September 11 2019, @06:03AM (9 children)

    by Anonymous Coward on Wednesday September 11 2019, @06:03AM (#892561)

    TFA is a *press release* directly from the folks who *claim* to have broken SHA256.

    No evidence is provided and no supporting documentation. To avoid breaking the world, they aren't releasing any details. Trust us, we know best!

    In that spirit, I am announcing that I have built and tested an Alcubierre drive by making the round trip to and from Alpha Centauri in three weeks. [wikipedia.org]

    However, given the disruption FTL travel could cause, I'm not going to release any details or there could be mass panic. Trust me.

    Starting Score:    0  points
    Moderation   +5  
       Insightful=1, Informative=1, Funny=2, Touché=1, Total=5
    Extra 'Funny' Modifier   0  

    Total Score:   5  
  • (Score: 0) by Anonymous Coward on Wednesday September 11 2019, @06:35AM (4 children)

    by Anonymous Coward on Wednesday September 11 2019, @06:35AM (#892572)

    I have heard an independent third party claim it was breakable, although it was still computationally expensive to do. Real-time website handshaking is impractical for now, but any long term signature verification requiring more than a few months of hash security should be looked at as suspect, or ideally combined with multiple checksums from different families, making the likelihood of a union of duplicate collisions next to impossible mathematically speaking.

    • (Score: 1, Informative) by Anonymous Coward on Wednesday September 11 2019, @08:03AM (2 children)

      by Anonymous Coward on Wednesday September 11 2019, @08:03AM (#892589)

      The problem with combining hash functions is twofold: First, you may get weird interactions between the two that can make it even weaker than the system should be in theory. Second is that your hash is only as secure as the weakest hash because you can exploit the weaknesses in that hash to control the outputs of the stronger hash and the system as a whole, in the vast, vast majority of implementations.

      The only exception to the second rule is concatenation of outputs with non-identical inputs, which is not what most people implement. On top of that, the theoretical strength of concatenation of hashes with non-identical inputs is not that much more than the strongest hash by itself, especially when compared to raising the parameters of modern hashes.

      • (Score: 1, Insightful) by Anonymous Coward on Wednesday September 11 2019, @11:52AM (1 child)

        by Anonymous Coward on Wednesday September 11 2019, @11:52AM (#892630)

        Having 2 or more individual hashes, from different ciphers or techniques should not interact in the way you describe. This does mean that you either need multiple passes over the data or a specially optimized set of functions that can iterate the data through multiple ciphers side by side, allowing the performance benefit of the current data still being in-memory for each hashing function's pass. Given modern cpu technology the cpu time is negligible but the disk i/o wasted could be dramatic.

        • (Score: 0) by Anonymous Coward on Wednesday September 11 2019, @06:51PM

          by Anonymous Coward on Wednesday September 11 2019, @06:51PM (#892859)

          If you are talking about something like H1(H2(password)), H1(password)||H2(password), H1(password) xor H2(password), etc. then they absolutely do interact that way. There are numerous papers that prove that, which I can find when off work, if you'd like.
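
Added example, not part of any comment in this thread: a toy comparison of two of the combiners named above, the cascade H1(H2(m)) and the concatenation H1(m)||H2(m). It assumes a constructed "broken" hash (SHA-1 truncated to 16 bits, so a collision is found in a few hundred tries) next to full SHA-256; the function names are hypothetical.

```python
import hashlib
from itertools import count


def weak(m: bytes) -> bytes:
    """Constructed stand-in for a broken hash: SHA-1 truncated to 16 bits."""
    return hashlib.sha1(m).digest()[:2]


def strong(m: bytes) -> bytes:
    """The hash still assumed to be collision resistant."""
    return hashlib.sha256(m).digest()


def cascade(m: bytes) -> bytes:
    """H1(H2(m)): the strong hash only ever sees the weak hash's output."""
    return strong(weak(m))


def concat(m: bytes) -> bytes:
    """H1(m) || H2(m): both hashes are computed over the same message."""
    return strong(m) + weak(m)


def find_weak_collision():
    """Birthday search over constructed messages until weak() repeats."""
    seen = {}
    for i in count():
        m = b"msg-%d" % i
        d = weak(m)
        if d in seen:
            return seen[d], m
        seen[d] = m


def compare():
    a, b = find_weak_collision()
    return {
        "messages_differ": a != b,
        "weak_collides": weak(a) == weak(b),
        # Equal inner digests feed identical input to the outer hash.
        "cascade_collides": cascade(a) == cascade(b),
        # Needs the same pair to collide under SHA-256 as well.
        "concat_collides": concat(a) == concat(b),
    }


if __name__ == "__main__":
    print(compare())
```

The pair that collides under the weak hash also collides under the cascade, because the outer hash receives identical input; the concatenation collides only if the same pair collides under both components.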

    • (Score: 4, Interesting) by FatPhil on Wednesday September 11 2019, @08:37AM

      by FatPhil (863) <{pc-soylent} {at} {asdf.fi}> on Wednesday September 11 2019, @08:37AM (#892594) Homepage
      The "independent third party" I would trust would be a respected peer-reviewed cryptography journal.
      Which is noticeably absent in both your comment and TFPR (yes, it is a press release).

      So I'm with the "pump & dump" school here.
      --
      Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
  • (Score: 3, Funny) by VLM on Wednesday September 11 2019, @12:46PM (3 children)

    by VLM (445) on Wednesday September 11 2019, @12:46PM (#892650)

    The evidence of it being broken seems rather homeopathic.

    Something mathematical was created, then passed thru 256 rounds of journalist dilution, and you end up with distilled water containing statistically likely less than one line's worth of actual mathematical proof.

    Still, the lack of anything in the diluted product doesn't imply the original source contained ... something.

    • (Score: 1, Insightful) by Anonymous Coward on Wednesday September 11 2019, @01:06PM (2 children)

      by Anonymous Coward on Wednesday September 11 2019, @01:06PM (#892658)

      A lack of proof for something makes it even more likely in my opinion.

      • (Score: 0) by Anonymous Coward on Wednesday September 11 2019, @07:24PM

        by Anonymous Coward on Wednesday September 11 2019, @07:24PM (#892867)

        A lack of proof for something makes it even more likely in my opinion.

        Which is why you're absolutely certain that every time you kiss your wife/girlfriend, you get my sperm in your mouth.

        Good show!

      • (Score: 2) by VLM on Thursday September 12 2019, @11:21AM

        by VLM (445) on Thursday September 12 2019, @11:21AM (#893116)

        Could be a pump and dump scheme, yes. Usually "real results" are not announced this way.

        My guess is to avoid massive SEC legal impact, there is a kernel of truth where they DID bust SHA-256 down to the equivalent of SHA-255.99999 AND SIMULTANEOUSLY there's a chance there might be a pump and dump scheme underway.