Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Wednesday September 11 2019, @05:54AM   Printer-friendly
from the renaming-it-to-be-NSHA:-the-Not-Secure-Hashing-Algorithm dept.

Arthur T Knackerbracket has found the following story:

The Wall Street fintech Treadwell Stanton DuPont broke silence today as it announced its Research & Development and Science Teams successfully broke the SHA-256[*] hashing algorithm silently in controlled laboratory conditions over a year ago. The announcement aims to secure financial and technological platform superiority to its clients and investors worldwide.

[...] While the best public cryptanalysis has tried to break the hashing function since its inception in 2001, work on searching, developing and testing practical collision and pre-image vulnerabilities on the SHA-256 hashing algorithm began back in 2016 in Treadwell Stanton DuPont's R&D facilities, culminating 2 years later with the successful discovery of a structural weakness and the initial development of the first practical solution space of real world value by its researchers.

"While we have successfully broken all 64 rounds of pre-image resistance," said Seiijiro Takamoto, Treadwell Stanton DuPont's director of newly formed Hardware Engineering Division, "it is not our intention to bring down Bitcoin, break SSL/TLS security or crack any financial sector security whatsoever."

[*] See the SHA-2 page on Wikipedia for background on SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by maxwell demon on Wednesday September 11 2019, @07:07AM (4 children)

    by maxwell demon (1608) on Wednesday September 11 2019, @07:07AM (#892577) Journal

    Breaking SHA256 means that you have a method to generate a specific hash with significantly better than brute force efficiency. Which means that you have put in less work than you "proved". If you are the only one who has it, it certainly gives you a distinct advantage in mining, and might be enough to gain 50% of apparent computing power, and thus gain control of the blockchain. And even if not directly, it might be used to drive the difficulty up enough that many miners give up, and thus 50% is gained that way.

    If the method to break it gets publicly known, it's not that harmful to Bitcoin, as then everyone can use it, and the difficulty will adapt accordingly. But if only select people have it, those select people have the ability to subvert Bitcoin.

    --
    The Tao of math: The numbers you can count are not the real numbers.
    Starting Score:    1  point
    Moderation   +3  
       Interesting=3, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 0) by Anonymous Coward on Wednesday September 11 2019, @07:56AM (2 children)

    by Anonymous Coward on Wednesday September 11 2019, @07:56AM (#892588)

    Breaking SHA256 means that you have a method to generate a specific hash with significantly better than brute force efficiency.

    But will that happen? Normally, breaking a hash means you can get (more easilly) a collission. With Bitcoin this doesn't matter. What matters is that the hash generated gets a better score than the difficulty. I'm not sure that breaking SHA256 will get you a better chance at beating the difficulty as you still have to go through the search space to get something that gets accepted.

    • (Score: 3, Interesting) by Anonymous Coward on Wednesday September 11 2019, @08:17AM (1 child)

      by Anonymous Coward on Wednesday September 11 2019, @08:17AM (#892591)

      This is not a collision attack, but a preimage attack. This means that you can take an arbitrary hash and compute a plaintext that when hashed produces the output you want. For Bitcoin, rather than having to repeatedly guess what input will meet your proof of work output, you can work backwards from the proof of work and calculate all valid inputs with a 100% success rate. At higher difficulties, this can be much easier than repeatedly guessing and testing because the probability of a successful guess is so low.

      • (Score: 1) by YttriumOxide on Thursday September 12 2019, @05:52AM

        by YttriumOxide (1165) on Thursday September 12 2019, @05:52AM (#893064) Homepage

        This means that you can take an arbitrary hash and compute a plaintext that when hashed produces the output you want

        Which in the case of a Bitcoin block would still need to be a valid block, massively reducing the space of "useful" preimages you can find for that hash.

        A Bitcoin block will not be accepted by other nodes if it tries to spend from inputs that don't exist; or if it tries to spend more from inputs than they have. Even if you get all of that right, the outputs need to be addresses under your control or you then to additionally break ECDSA to gain access to the coins they represent.

  • (Score: 0) by Anonymous Coward on Wednesday September 11 2019, @01:13PM

    by Anonymous Coward on Wednesday September 11 2019, @01:13PM (#892661)

    This was already discussed by Satoshi, just switch to a new algo, the end