Author: Leandro Coutinho 2017-02-25 14:50:30
Published on: 2017-02-25T14:50:30+00:00
Google has recommended that users migrate to safer cryptographic hashes such as SHA-256 and SHA-3. However, it did not mention RIPEMD-160. Steve Davis raised the question of whether RIPEMD-160, which is the foundation of Bitcoin addresses, is also insecure like SHA1. Peter Todd responded that SHA1 is insecure because of the algorithm itself, not because 160 bits are not enough. While there are no known weaknesses in RIPEMD160 so far, it has not been studied as closely as more common hash algorithms. Bitcoin uses RIPEMD160(SHA256(msg)), which may make creating collisions harder if an attack is found than if it used RIPEMD160 alone. However, it is unclear whether this offers greater protection since the outputs only verify the public key against the final 20 byte hash. In the first case, the challenge would be to find a private key that has a public key that hashes to the final hash. In the second case, adding the sha256 hash into the problem does not appear to increase the difficulty significantly.
Updated on: 2023-06-11T21:49:27.971646+00:00