Author: Shin'ichiro Matsuo 2017-02-25 17:45:36
Published on: 2017-02-25T17:45:36+00:00
The insecurity of SHA-0 led to extensive research on the structure of SHA-1. While SHA-2 is considered more difficult to find collisions than SHA-1, it is necessary to examine both the algorithm and output length when evaluating security. The NIST SHA-3 competition extensively discussed existing security considerations and evaluation criteria, leading to the adoption of the "sponge structure" for hash design. In light of this, further analysis is needed on RIPEMD160 and the impacts of attacks on (RIPEMD160(SHA2(msg))). Additionally, the security assumption of hash chain in Asiacrypt 2004 Paper can also provide useful insights. It is important to discuss both design structure and algorithm, as well as output length and security requirements. Future discussions regarding the transition of underlying hash functions are also necessary. The potential impact of RIPEMD-160(SHA256(msg)) is highlighted by the ease with which collisions could be generated. Although there aren't any known weaknesses in RIPEMD160 yet, Bitcoin uses RIPEMD160(SHA256(msg)), which may make creating collisions harder if an attack is found. However, further analysis is needed to determine whether this offers greater protection.
Updated on: 2023-06-11T21:48:26.689493+00:00