Author: Henning Kopp 2017-02-27 09:15:29
Published on: 2017-02-27T09:15:29+00:00
The discussion on the failure of crypto primitives in Bitcoin has led to a paper which discusses the problems, but does not give any remedies. Additionally, contingency plans on the wiki are also available; however, they are not very detailed and should be viewed critically. There is no code for such plans and no one is working on them. The length and algorithm of hash output are important factors for collision resistance. SHA-0 was found insecure in 2004, and many research studies were conducted on the structure of SHA-1. Regarding SHA-2, it is harder than SHA-1 to find collisions. Research studies were extensively discussed in the NIST SHA-3 competition. In the case of RIPEMD160, we need similar analysis on RIPEMD160 and impacts of attacks on (RIPEMD160(SHA2(msg)). Discussions on algorithm, output length, and security requirements are needed to make cryptographic hashes beyond reproach. Bitcoin uses RIPEMD160(SHA256(msg)), which may make creating collisions harder if an attack is found than if it used RIPEMD160 alone.
Updated on: 2023-06-11T21:49:04.620450+00:00