Author: Peter Todd 2017-02-25 19:12:01
Published on: 2017-02-25T19:12:01+00:00
According to a discussion on the Bitcoin-dev mailing list, the SHA1 algorithm is not strong enough to provide collision resistance. The weakness is not that it uses 160 bits, however; its vulnerabilities are due to other factors. Despite the concerns raised in the discussion, pay-to-pubkey-hash remains secure: even if someone generates two pubkeys with the same RIPEMD160(SHA256()) digest, the Bitcoin network itself will not be affected. Multisig use cases, however, may require more than a 160-bit security level. Segwit, which provides a 128-bit security level against collision attacks, will introduce a 256-bit native P2WSH.
Updated on: 2023-06-11T21:49:34.282781+00:00