Topic: Has the NSA already broken bitcoin? - page 7. (Read 50483 times)

What would happen if, just once, the NSA was asleep at the wheel and allowed a major cryptographic tool like SHA-2 get approved without an exploitable back door, and to make things worse some status quo-threatening distributed currency started using it.

How might they recover from this blunder?

One way would be to spread FUD about SHA-2 to convince everyone to switch to a new algorithm their deep cover agents had prepared just for this event.

But on the other hand, if SHA-2 was broken and they wanted to keep the truth from getting out, they'd propose a story just like what I wrote above. Unless that's just what they want you to think.

Maybe this loop of infinite recursion of motives but no proof is not the way to go.

Instead, look at this another way.

There is an enormous financial incentive to being able to break double SHA-256. The the most obvious incentive belongs to the ASIC manufacturers, who are devoting a lot of time to building machines that try to break double SHA-256 as rapidly and efficiently as possible.

None of them have found a substantial shortcut yet, despite years of working on it.

If the NSA did have a secret method, then every single person in the organization who knew about it would have a huge incentive to profit from it personally. Could all of them resist the temptation?

I think the hash rate will tell us if/when SHA-256 is broken, because we'll see a sudden increase that's not explainable any other way. Unless or until that happens, SHA-256 is probably safe.

Which one? Give a concrete answer.

OK, if you were in control of the hashing algorithm used by Bitcoin, which one would you use and why?

That still doesn't prove that NSA has intentionally made SHA insecure. It gives them a motive, but there's no evidence.

I think the only people who think bitcoin is broken are the people who don't understand it and are conspiracytards who would rather invent or believe in the exciting myth and mystery of a conspiracy rather than the cold boring truth.

Security that is good for banks simply isn't good enough for bitcoin. Bitcoin businesses that advertise their services to be of "banking grade" security are very funny. The "very secure" microcontrollers used in the credit cards simply shouldn't be used for bitcoin hardware wallets if they don't qualify for open source hardware!

SHA256 is not going to get broken anytime soon. If that happened, it would basically mean every other electronic transaction system would get cracked as well. Bitcoin would be the least of the worries. Practically every credit card encryption is rocking the SHA256.

Certainly bitcoin will have to be upgraded. There is simply too much uncertainty in the future in terms of processign power/trust that could possibly undermine it entirely. Through what method it is upgraded, whether it be another coin or through itself, remains to be seen.

No worries. There are several altcoins working on this problem now.

No it's not. I don't believe that NSA did not play a role. No evidence exists to suggest that they did, or that they did not. Therefore no-one (except NSA) knows. That includes you.

Speaking of fallacious arguments: it's not possible to know that some material has been witheld, and that simultaneously this is known to be the most serious. By trying to make that statement sound more terrifying, you've revealed that you're making rhetorical arguments, not factual arguments.

FWIW, I'm not speaking from a position where I believe bitcoin is without any kind of dishonest influences, despite no solid facts existing to the contrary (you were asked to present some, to which you instead speculated again). But your position is one big contradiction. If the NSA or whoever are using their resources to develop cryptocurrency, it should be pretty clear from the way bitcoin has played out that they have serious intentions. I doubt anything or anyone could prevent their intended goal (whatever that is), these sorts of organisations have access to the kind of resources that no-one can challenge.

What concerns me is that every single vocal defender of the security of bitcoin's algorithm viz the NSA uses fallacious arguments, in my opinion, including you.

The suggestion as per your comment here is that a lack of evidence against secp256k1 would imply strength or security in bit coin, but that is not true. It's like saying "Oh, you do not live in Antarctica therefore you do not know snow". Further, the fact that such weak arguments are so pervasive concerns me.

Most bitcoiners believe it would take billions of years to crack bitcoin. But the truth is that nobody is going to crack it by brute force.

I am not a cryptographer, but I recognize bullshit and a lot of the defense of bit coin against possible NSA meddling is frankly bullshit.

1) There is a lot of material online about the NSA supposedly introducing deliberately flawed algorithms. The most serious of that material has been held back, even by Snowden.

2) Bitcoin relies on sha2 which is basically an NSA algorithm. In fact sha1 was tweaked by the NSA for reasons it chooses to keep secret.

3) The founder of bitcoin, Satoshi Nakamota, is an unknown. I understand that there is a cult feeling around him for some people but all of the facts on top of his anonymity should be cause for pause.

4) Another very popular algorithm has been documented to my satisfaction as having originated with the NSA.

I've heard that it can be done with a soft fork by redefining a currently-unused opcode.

The problem is that you think such a concept exists as "private key", as if the privacy in inherent to the key. The phrase seems to imply that a private key is always private and cannot suddenly and inexplicably become known to someone else. This is a mistake, because in reality, there are only keys, which are bits of highly sensitive information, bits of math. The privacy or publicity of these bits of this information is the responsibility of whoever hold(s) keys. Always remember, information seeks to be free just as water seeks to flow down toward sea level.

Wouldn't that require a fork? or that can be done easily on the fly on a further upgrade of Bitcoin qt? how does that work.

With regard to secp256k1 do you have any facts to back up your opinion?

I expect that Bitcoin will eventually be upgraded to use ed25519 signatures, putting to rest entirely any controversy associated with secp256k1.

I expected that answer.

My opinion is other than that.

My personal opinion, after researching it quite thoroughly, is that the NSA had zero input into the parameters used to create the specific elliptical curve (secp256k1) used by the Bitcoin protocol. 

This does not address possible weaknesses in the mathematics of elliptical curve cryptography in general. 

This does not address possible entropy issues in the random private key generation, and just as importantly the random nonce generation, of any particular implementation.

This does not address possible weaknesses in the other cryptographic subsystems used in the Bitcoin protocol, specifically the hashing algorithms.  Although I have looked into it and am personally fairly convinced that the hashing algorithms used are safe for our purposes.

Maybe it is just semantics but when you sign a transaction with your private key some people would call that encrypting.  These same people sometimes call the process of verifying signed data using the public key decryption.

Bitcoin does these processes, whatever you want to call it.