Slash Boxes

SoylentNews is people

posted by martyb on Wednesday September 11 2019, @05:54AM   Printer-friendly
from the renaming-it-to-be-NSHA:-the-Not-Secure-Hashing-Algorithm dept.

Arthur T Knackerbracket has found the following story:

The Wall Street fintech Treadwell Stanton DuPont broke silence today as it announced its Research & Development and Science Teams successfully broke the SHA-256[*] hashing algorithm silently in controlled laboratory conditions over a year ago. The announcement aims to secure financial and technological platform superiority to its clients and investors worldwide.

[...] While the best public cryptanalysis has tried to break the hashing function since its inception in 2001, work on searching, developing and testing practical collision and pre-image vulnerabilities on the SHA-256 hashing algorithm began back in 2016 in Treadwell Stanton DuPont's R&D facilities, culminating 2 years later with the successful discovery of a structural weakness and the initial development of the first practical solution space of real world value by its researchers.

"While we have successfully broken all 64 rounds of pre-image resistance," said Seiijiro Takamoto, Treadwell Stanton DuPont's director of newly formed Hardware Engineering Division, "it is not our intention to bring down Bitcoin, break SSL/TLS security or crack any financial sector security whatsoever."

[*] See the SHA-2 page on Wikipedia for background on SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, and SHA-512/256.

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 0) by Anonymous Coward on Wednesday September 11 2019, @06:01PM

    by Anonymous Coward on Wednesday September 11 2019, @06:01PM (#892833)

    SHA256 hasnt been cracked. But there are shortcuts that yield a better than brute force method of achieving a given hash. And the fact they are using this to market a bitcoin miner just proves it isnt about preimage or collision.

    Lets examine what a bitcoin miner does using math.
    Given mem = mempool or in otherwords a collection of transactions that have yet to be included in a block.

    Given diff = an arbitrary number between 0 and 2 pow 256 -1.

    Given n = nonce a single use salt.

    Mining proceeds thusly.

    Order mem such that the result of the SHA256 hash of mem[0...]+n is less than diff.

    The way modern miners work is to order mem once, then apply all values for n between 0 and 2 pow 32 in parallel. Gather the outputs and then Compare the output vs diff and if out is greater than diff then reorder mem and re-apply n.

    The key here is it must be below diff and diff is a pretty huge number. That means there are many, many valid numbers that will work and that is by design.

    It seems to be what they have "discovered" if anything at all, is that due to the fixed block size of SHA256, you can compute prehashes in parallel for all possible configurations of mem and then apply all possible values for n, all in parallel.

    This is still brute force but it is more of a scatter, gather type situation.

    And its nothing new. Bitmain has been offering ASIC miners with this feature since at least 2017.