[Cryptography] Sony finding SHA1 collisions?
Peter Todd
pete at petertodd.org
Mon Dec 15 04:36:27 EST 2014
On Mon, Dec 15, 2014 at 10:23:48PM +1300, Peter Gutmann wrote:
> Peter Todd <pete at petertodd.org> writes:
>
> >There's a 2.474BTC reward outstanding for anyone who has a SHA1 hash
> >collision: 37k7toV1Nv4DfmQbmZ8KuZDQCYK9x5KpzP
>
> I'd be far more interested in the \infty BTC reward outstanding for anyone who
> can find collisions for RIPEMD-160(SHA-256(x)).
RIPEMD160(SHA256()) is address 39VXyuoc6SXYKp9TcAhoiN1mb4ns6z3Yu6.
SHA256(SHA256()) is address 3DUQQvz4t57Jy7jxE86kyFcNpKtURNf1VW.
Note though that a simple collision is not sufficent to steal Bitcoins -
you specifically need a preimage attack except in certain escrow
situations where you can control the P2SH redeemScript generated.
(easily fixed by requiring all parties to pre-commit to a nonce and
including the hash of the concatenation of those nonces in the resulting
redeemScript)
Also as I say in my disclaimers from my original post:
"Note that the value of your SHA256, RIPEMD160, RIPEMD160(SHA256()) or
SHA256^2 bounty may be diminished by the act of collecting it."
--
'peter'[:-1]@petertodd.org
000000000000000013beebd9c35efd8e0b721dddc58536c62dad4ed6d6d86a20
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 650 bytes
Desc: Digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141215/56726f7e/attachment.sig>
More information about the cryptography
mailing list