Topic: SHA-2* family maybe broken in several years. - page 3. (Read 7738 times)

kjj
legendary
Activity: 1302
Merit: 1026
Just FYI, there are many, many threads on this topic.

In the event of a really catastrophic break in SHA2, which is pretty much unimaginable, we can switch to SHA3, or whatever.  It doesn't really matter which one, and things change, so there isn't much point picking it now.

Why do I say it would be unimaginable?  Because if we used MD5 instead of SHA2, we'd be fine, even though MD5 is "broken".  None of the weaknesses in MD5 (or any other relatively modern cryptographic hashes) apply in the bitcoin world.  First, everything is always double hashed.  Second, everything has other constraints.
legendary
Activity: 1176
Merit: 1015
Depends upon whether you trust Satoshi's judgement. According to that site the SHA-2 family went "orange" before Bitcoin went live. Satoshi would have been aware of the 2007 paper mentioned which is the only thing vaguely justifying an orange alert.

I am not an expert, but from what I have read about SHA-2 it is very robust and would require a Fields Medal winning breakthrough in mathematics to scratch it.

Yeah I see what you mean. I just hope a backup is ready to commit into the source if a weakness is discovered.
legendary
Activity: 1176
Merit: 1015
SHA-256 is very strong.  It's not like the incremental step from MD5 to SHA1.  It can last several decades unless there's some massive breakthrough attack.

If SHA-256 became completely broken, I think we could come to some agreement about what the honest block chain was before the trouble started, lock that in and continue from there with a new hash function.

If the hash breakdown came gradually, we could transition to a new hash in an orderly way.  The software would be programmed to start using a new hash after a certain block number.  Everyone would have to upgrade by that time.  The software could save the new hash of all the old blocks to make sure a different block with the same old hash can't be used.

This is good to know, I just hope the devs have a new hash in mind if we have to switch quickly.
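The orderly transition Satoshi describes above (switch hashes at a set block number, and save the new hash of every old block so a different block with the same old hash cannot be slipped in), together with kjj's point that Bitcoin double-hashes everything, as an added toy example; this is not code from the thread or from Bitcoin. It assumes SHA3-256 as the successor, a migration height of 3, and a constructed 8-bit weak_legacy function standing in for a "completely broken" old hash so that a collision can actually be found.

```python
import hashlib
from dataclasses import dataclass

MIGRATION_HEIGHT = 3  # assumed: from this height on, block links use the new hash

def double_sha256(data):  # Bitcoin-style double SHA-256, the hash being replaced
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()
def new_hash(data):  # assumed successor; SHA3-256 here, the thread leaves it open
    return hashlib.sha3_256(data).digest()
def weak_legacy(data):  # constructed stand-in for a "completely broken" old hash
    return hashlib.sha256(data).digest()[:1]  # 8-bit output: collisions are trivial

@dataclass
class Block:
    height: int
    prev_hash: bytes
    payload: bytes
    def serialize(self):
        return self.height.to_bytes(4, "big") + self.prev_hash + self.payload

def link_hash(height, data, legacy):  # which hash links this block to the next
    return legacy(data) if height < MIGRATION_HEIGHT else new_hash(data)

def build_chain(payloads, legacy=double_sha256):
    chain, prev = [], b""
    for h, p in enumerate(payloads):
        chain.append(Block(h, prev, p))
        prev = link_hash(h, chain[-1].serialize(), legacy)
    return chain

def commit_old_blocks(chain):  # saved at upgrade time: new hash of each old block
    return [new_hash(b.serialize()) for b in chain if b.height < MIGRATION_HEIGHT]

def validate(chain, commitments, legacy=double_sha256):
    prev = b""
    for b in chain:
        data = b.serialize()
        if b.prev_hash != prev:
            return False  # link to the previous block does not match
        if b.height < MIGRATION_HEIGHT and new_hash(data) != commitments[b.height]:
            return False  # old block swapped for one with the same legacy hash
        prev = link_hash(b.height, data, legacy)
    return True

def forge_legacy_collision(block, legacy):
    # Brute-force another payload with the same legacy hash (feasible only vs weak_legacy)
    target = legacy(block.serialize())
    for i in range(1 << 16):
        cand = Block(block.height, block.prev_hash, b"forged-%d" % i)
        if legacy(cand.serialize()) == target and cand.payload != block.payload:
            return cand
    raise RuntimeError("no collision found")
```

With the real double SHA-256 the forge step is infeasible; with weak_legacy it succeeds, the block links still check out, and only the saved new-hash commitment rejects the substituted old block.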
legendary
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
Depends upon whether you trust Satoshi's judgement. According to that site the SHA-2 family went "orange" before Bitcoin went live. Satoshi would have been aware of the 2007 paper mentioned which is the only thing vaguely justifying an orange alert.

I am not an expert, but from what I have read about SHA-2 it is very robust and would require a Fields Medal winning breakthrough in mathematics to scratch it.
legendary
Activity: 1176
Merit: 1015
According to http://valerieaurora.org/hash.html, weaknesses in SHA-2* have already been discovered. I know nothing about how these really work and know nothing about the weaknesses. However, do we have a plan to migrate to another POW in an event the hashing algorithm is broken?

Or is the plan to pretend that SHA-2* will stand for all time unlike any crypto ever, and watch Bitcoin be destroyed?