Tim Ruffing [ARCHIVE] on Nostr
📅 Original date posted: 2017-02-24
📝 Original message:
On Fri, 2017-02-24 at 00:57 +0100, Aymeric Vitte via bitcoin-dev wrote:
>
> I have not worked on this for some time, so these are just thoughts,
> but maybe it can render things much more difficult
> than computing two files until the same hash is found
>

You basically rely on the idea that specific collisions are more
difficult to find. This trick or similar tricks will not help. (And
actually, the more files you add to the hash, the more freedom you give
the attacker.)

Even if certain collisions are more difficult to find today (which is
certainly true), the general rule is that someone will prove you wrong
in a year.

Even if we ignore security entirely, switching to a new hash function is
much simpler than trying to fix the usage of a broken hash function.

Relying on SHA1 is hopeless. We have to get rid of it.

Best,
Tim

Published at 2023-06-07 17:56:38