Topic: "All cryptography is breakable" criticism - page 3. (Read 7617 times)

donator
Activity: 1218
Merit: 1079
Gerald Davis
No, I'm not talking about predicting the future. I'm saying an attacker gains access to a computer which is encrypting shit in sha-256. The sha-256 program is modded to make what is encrypted there after breakable by the attacker. Now when the encrypted material is intercepted it is trivial for the attacker to decrypt yet still appears to be valid sha-256 encryption. Maybe the code is modded so more collisions occur or some other innocuous change. If the user doesn't validate the code integrity the user will never know the mod exists.

SHA-256 is a hashing function. There is no such concept as decryption. There is only plaintext -> hash. Also, if an attacker has access to the computer doing the hashing, couldn't they simply make a copy of the secret being hashed before it is hashed?
legendary
Activity: 1596
Merit: 1012
Democracy is vulnerable to a 51% attack.
I've recently been challenged with this "criticism", "all cryptography is breakable, it's just a matter of time", and thus concluding that bitcoin is not safe.
I would just respond, "It's safe for less than whatever that amount of time is". If a vault can be cracked in a hundred thousand years, it's safe to store something in it for a few decades.
legendary
Activity: 1106
Merit: 1004
Quantum computers aren't a magic bullet. Yes, using Shor's algorithm the search speed can be increased exponentially, however at what cost? For example, say once ASICs become mainstream the cost to attack/defend the network using ASICs is $20,000 per TH.....

I think the "magic bullet" of quantum computing, concerning bitcoin, would be used against ECDSA. AFAIK, if you manage to build one in secret, you could start stealing some bitcoin addresses secretly.
But still, I believe the devs will have the time to change the pubkey algorithm before such a threat becomes a reality.
legendary
Activity: 1106
Merit: 1004
Everything is "breakable".

Gold, banks, stone, diamonds, art.

In case it hasn't been clear to everybody else, this is precisely the kind of silliness that I want to point out. (EDIT: That is, I want to point out how silly it is to think like that!)
full member
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
Then why does the NSA hold a contest to see if anyone can find out what a file is composed of by cracking the hash?
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
Couldn't an attacker replace unknown inputs/variables with known inputs/variables, then all of the target's data which uses encryption from that point forward would be breakable by the attacker?

You mean predict the future? The inputs will be unknown until they are known.

What does the prior block have for block 500,000? Everyone will know once block 499,999 has been accepted by the network, but there is no way for the attacker to predict the future and make the unknown inputs for block 500,000 known today.
No, I'm not talking about predicting the future. I'm saying an attacker gains access to a computer which is encrypting shit in sha-256. The sha-256 program is modded to make what is encrypted there after breakable by the attacker. Now when the encrypted material is intercepted it is trivial for the attacker to decrypt yet still appears to be valid sha-256 encryption. Maybe the code is modded so more collisions occur or some other innocuous change. If the user doesn't validate the code integrity the user will never know the mod exists.
SHA256 is not encryption. I'm not sure what you are trying to say. You can't "decode" it. One of the functions of a hashing algorithm is taking a large arbitrary input such as a multi-gigabyte file, and outputting a very short string of letters and numbers that can uniquely identify that large file. You can't reverse the process, you can only hope to break the algorithm in such a way that a different input will make the same output - and this is currently impossible.

EDIT: I see your mention of code changes - and sure, if an insecure or deliberately compromised implementation of the algorithm is used, there would be problems. But stuff like that is hard to do on purpose, since all nodes have to agree, and good luck updating all of them to use your compromised code.
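The integrity point in the post above (a tampered build whose output still "looks like" SHA-256), as an added Python example that is not from this thread: a constructed, hypothetical weakened hash beside the standard library's real one, with a known-answer test against published FIPS vectors as the check a user can actually run. `weakened_sha256`, `find_collision` and the vector table are this example's own names, not anything from the thread.

```python
import hashlib

# Published SHA-256 known-answer vectors (FIPS 180-2 examples). Any build that
# claims to be SHA-256 must reproduce these byte for byte.
KNOWN_ANSWERS = {
    b"": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    b"abc": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
}

def reference_sha256(data: bytes) -> str:
    """Trusted implementation: the standard library's SHA-256."""
    return hashlib.sha256(data).hexdigest()

def weakened_sha256(data: bytes) -> str:
    """Constructed stand-in for the 'modded' program in the thread (hypothetical,
    not any real code): output has the right length and looks like a digest, but
    only the first 4 bytes depend on the input, so collisions become trivial."""
    digest = bytearray(hashlib.sha256(data).digest())
    for i in range(4, 32):
        digest[i] = 0
    return digest.hex()

def looks_like_sha256(hex_digest: str) -> bool:
    """The only check a casual user makes: 64 hex characters. Both builds pass it."""
    return len(hex_digest) == 64 and all(c in "0123456789abcdef" for c in hex_digest)

def passes_known_answer_test(hash_fn) -> bool:
    """Integrity check that actually distinguishes them: every published vector
    must match. A tampered build fails the moment one vector differs."""
    return all(hash_fn(msg) == expected for msg, expected in KNOWN_ANSWERS.items())

def find_collision(hash_fn, max_tries: int = 1_000_000):
    """Birthday search over short counter strings; returns a colliding pair or None.
    Against real SHA-256 no feasible budget produces a pair; the weakened build does."""
    seen = {}
    for i in range(max_tries):
        msg = b"msg-%d" % i
        h = hash_fn(msg)
        if h in seen:
            return seen[h], msg
        seen[h] = msg
    return None
```

Shipping the known-answer test alongside any SHA-256 build (and running it at start-up) is the cheap way to catch the "looks valid but isn't" case the post describes.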
anu
legendary
Activity: 1218
Merit: 1001
RepuX - Enterprise Blockchain Protocol
Yes using Shor's algorithm the search speed can be increased exponentially however at what cost? 

What does Shor's algorithm have to do with hashing? And isn't the hashing so complex that decoherence will happen in the middle of the QC anyway?
full member
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
Couldn't an attacker replace unknown inputs/variables with known inputs/variables, then all of the target's data which uses encryption from that point forward would be breakable by the attacker?

You mean predict the future? The inputs will be unknown until they are known.

What does the prior block have for block 500,000? Everyone will know once block 499,999 has been accepted by the network, but there is no way for the attacker to predict the future and make the unknown inputs for block 500,000 known today.
No, I'm not talking about predicting the future. I'm saying an attacker gains access to a computer which is encrypting shit in sha-256. The sha-256 program is modded to make what is encrypted there after breakable by the attacker. Now when the encrypted material is intercepted it is trivial for the attacker to decrypt yet still appears to be valid sha-256 encryption. Maybe the code is modded so more collisions occur or some other innocuous change. If the user doesn't validate the code integrity the user will never know the mod exists.
legendary
Activity: 2142
Merit: 1010
Newbie
In that case, why would they bother to fuck around with unproven quantum technology instead of using their own ASIC?

Coz Bitcoin is still in its infancy.
rjk
sr. member
Activity: 448
Merit: 250
1ngldh
Now say a quantum computer which could implement Shor's algorithm on 256bit numbers could be built for $50,000 per TH equivalent. Who cares? An attacker is going to take the more economical option.

The USA government doesn't care about economic issues (it can print a lot of dollars). When the existence of Bitcoin becomes a political problem, it will be solved using all resources of the USA economy.
In that case, why would they bother to fuck around with unproven quantum technology instead of using their own ASIC?
hero member
Activity: 504
Merit: 500
Now say a quantum computer which could implement Shor's algorithm on 256bit numbers could be built for $50,000 per TH equivalent. Who cares? An attacker is going to take the more economical option.

The USA government doesn't care about economic issues (it can print a lot of dollars). When the existence of Bitcoin becomes a political problem, it will be solved using all resources of the USA economy.

lolwat?
legendary
Activity: 2142
Merit: 1010
Newbie
Now say a quantum computer which could implement Shor's algorithm on 256bit numbers could be built for $50,000 per TH equivalent. Who cares? An attacker is going to take the more economical option.

The USA government doesn't care about economic issues (it can print a lot of dollars). When the existence of Bitcoin becomes a political problem, it will be solved using all resources of the USA economy.
donator
Activity: 1218
Merit: 1079
Gerald Davis
OK. I'll explain. SHA-256 is used for hashing. Of coz it's used in a variety of applications. But if someone gets a quantum computer and manages to falsify a digitally signed contract, then only the authentic owner of the contract will be harmed. If someone manages to falsify an SSL certificate, then only visitors of the site will be harmed. But if someone manages to find block nonces every second, then everyone who uses bitcoins will be in trouble.

Quantum computers aren't a magic bullet. Yes, using Shor's algorithm the search speed can be increased exponentially, however at what cost? For example, say once ASICs become mainstream the cost to attack/defend the network using ASICs is $20,000 per TH. Now say a quantum computer which could implement Shor's algorithm on 256bit numbers could be built for $50,000 per TH equivalent. Who cares? An attacker is going to take the more economical option.

So a quantum computer is only a threat if all 5 elements are true:
a) it is possible to build a quantum computer which can implement Shor's algorithm on 256bit numbers
b) it is possible to build a quantum computer large enough to 51% attack the network
c) it is possible to build a quantum computer that makes such attack more economical than ASIC based brute force
d) quantum technology can be restricted so that a computer meeting requirements a,b, c isn't available to "defenders"
e) Bitcoin protocol isn't changed to implement quantum resistant block hashing algorithm

The idea that a, b, c, d & e will all remain true at the same time is implausible. a & b are technical limitations and currently impossible, although they MAY be possible in the future. c is likely only true if quantum computers are being mass produced. If c is true then it is very likely d isn't true. a, b, c & d aren't going to happen overnight, so as implausible as that set of conditions is, some years or decades before it becomes true Bitcoin could adopt a quantum resistant hashing algorithm, making condition e false.
donator
Activity: 1218
Merit: 1079
Gerald Davis
Couldn't an attacker replace unknown inputs/variables with known inputs/variables, then all of the target's data which uses encryption from that point forward would be breakable by the attacker?

You mean predict the future? The inputs will be unknown until they are known.

What does the prior block have for block 500,000? Everyone will know once block 499,999 has been accepted by the network, but there is no way for the attacker to predict the future and make the unknown inputs for block 500,000 known today.
hero member
Activity: 531
Merit: 505
Couldn't an attacker replace unknown inputs/variables with known inputs/variables, then all of the target's data which uses encryption from that point forward would be breakable by the attacker?

That's where the double SHA256 will save our asses, IMHO. Reminds me that Satoshi had to be really smartass.
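The chaining argument in the two posts above (the prior block's hash is an input to block 500,000, and the block hash is double SHA-256), as an added Python example that is not code from this thread or from Bitcoin itself: a toy chain with a simplified header (real headers also carry version, timestamp and target bits) and a very low difficulty, showing that a nonce found for one predecessor does not carry over to a different one. `header_bytes`, `build_chain` and `nonce_valid_for` are this example's own names, and the transaction data is constructed.

```python
import hashlib
import struct

DIFFICULTY_BITS = 16  # toy target; real Bitcoin requires far more leading zero bits
TARGET = 1 << (256 - DIFFICULTY_BITS)

def double_sha256(data: bytes) -> bytes:
    """Bitcoin's block hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def header_bytes(prev_hash: bytes, merkle_root: bytes, nonce: int) -> bytes:
    """Simplified header (constructed): prev hash || merkle root || 32-bit nonce.
    The previous block hash is the input an attacker cannot know in advance."""
    return prev_hash + merkle_root + struct.pack("<I", nonce)

def meets_target(block_hash: bytes) -> bool:
    """Bitcoin compares the hash as a little-endian 256-bit integer to the target."""
    return int.from_bytes(block_hash, "little") < TARGET

def mine(prev_hash: bytes, merkle_root: bytes):
    """Search nonces until the header hash meets the target; returns (nonce, hash)."""
    nonce = 0
    while True:
        h = double_sha256(header_bytes(prev_hash, merkle_root, nonce))
        if meets_target(h):
            return nonce, h
        nonce += 1

def build_chain(n_blocks: int) -> list:
    """Mine n_blocks in sequence; each header commits to the previous block's hash."""
    chain, prev_hash = [], bytes(32)  # genesis block has no predecessor
    for i in range(n_blocks):
        merkle_root = hashlib.sha256(b"constructed txs for block %d" % i).digest()
        nonce, h = mine(prev_hash, merkle_root)
        chain.append({"prev_hash": prev_hash, "merkle_root": merkle_root,
                      "nonce": nonce, "hash": h})
        prev_hash = h
    return chain

def nonce_valid_for(block: dict, prev_hash: bytes) -> bool:
    """Would this block's nonce still satisfy the target with a different predecessor?
    Only with the predecessor it was mined on (barring a 2^-16 fluke at this toy difficulty)."""
    h = double_sha256(header_bytes(prev_hash, block["merkle_root"], block["nonce"]))
    return meets_target(h)
```

Precomputing nonces for a future block would require knowing its predecessor's hash, which only exists once that predecessor has itself been mined and accepted.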
legendary
Activity: 2142
Merit: 1010
Newbie
The rest of the world will be fine, coz they use SHA-256 only for signing.

Is a false statement.  SHA-256 is used in a variety of applications.

OK. I'll explain. SHA-256 is used for hashing. Of coz it's used in a variety of applications. But if someone gets a quantum computer and manages to falsify a digitally signed contract, then only the authentic owner of the contract will be harmed. If someone manages to falsify an SSL certificate, then only visitors of the site will be harmed. But if someone manages to find block nonces every second, then everyone who uses bitcoins will be in trouble.
full member
Activity: 196
Merit: 100
Web Dev, Db Admin, Computer Technician
Quote
Currently, the best public attacks break 41 of the 64 rounds of SHA-256 or 46 of the 80 rounds of SHA-512, as discussed in the "Cryptanalysis and Validation" section below.

There are two meet-in-the-middle preimage attacks against SHA-2 with a reduced number of rounds. The first one attacks 41-round SHA-256 out of 64 rounds with time complexity of 2^253.5 and space complexity of 2^16, and 46-round SHA-512 out of 80 rounds with time 2^511.5 and space 2^3. The second one attacks 42-round SHA-256 with time complexity of 2^251.7 and space complexity of 2^12, and 42-round SHA-512 with time 2^502 and space 2^22.
http://en.wikipedia.org/wiki/SHA256

Yu Sasaki, Lei Wang, and Kazumaro Aoki, Preimage Attacks on 41-Step SHA-256 and 46-Step SHA-512
http://eprint.iacr.org/2009/479.pdf

Jian Guo, Krystian Matusiewicz (2008-11-25). Preimages for Step-Reduced SHA-2
http://eprint.iacr.org/2009/477.pdf

Couldn't an attacker replace unknown inputs/variables with known inputs/variables, then all of the target's data which uses encryption from that point forward would be breakable by the attacker?
donator
Activity: 1218
Merit: 1079
Gerald Davis
The rest of the world will be fine, coz they use SHA-256 only for signing.

Is a false statement.  SHA-256 is used in a variety of applications.
legendary
Activity: 2142
Merit: 1010
Newbie
SHA-256 is used by all the world, banks, governments, companies etc. etc. If it gets broken... well, we can easily switch to something else with a client update. Meanwhile the entire world would collapse.

The rest of the world will be fine, coz they use SHA-256 only for signing.
legendary
Activity: 1148
Merit: 1008
If you want to walk on water, get out of the boat
SHA-256 is used by all the world, banks, governments, companies etc. etc. If it gets broken... well, we can easily switch to something else with a client update. Meanwhile the entire world would collapse.