Author: Steve Davis 2017-02-25 12:04:28
Published on: 2017-02-25T12:04:28+00:00
In a recent discussion on the Bitcoin-dev mailing list, Steve Davis questioned the security of RIPEMD-160 hash algorithm which is used as a foundation for Bitcoin addresses. Peter Todd replied that SHA1 is considered insecure because of its algorithm, not its 160-bit length. On the other hand, there aren't any known weaknesses in RIPEMD160, but it hasn't been studied as much as other hash algorithms. However, Bitcoin uses RIPEMD160(SHA256(msg)) which might make creating collisions harder if an attack is found. The use of this algorithm doesn't offer greater protection since the outputs only verify the public key against the final 20-byte hash. In the first case scenario, the challenge would be to find a private key that hashes to the final hash while in the second case scenario, a sha256 hash is added to the problem which doesn't seem to increase the difficulty by any significant amount. It is important to note that the dollar value held in existing utxos continues to increase and hence RIPEMD160's security may come under greater scrutiny in the future.
Updated on: 2023-06-11T21:47:59.782903+00:00