jakiro
Author: OneKey Chinese Source: X, @OneKeyCN
Recently, this kind of tweet has become a hot search in the overseas encryption circle:“First practical SHA-256 collision for 31 steps. (The first 31-step feasible collision attack of SHA-256)”, the picture is a PPT from an academic conference.
Solana Toly forwarded “We are so back”, as if she wanted to say that only in such a bull market will there be such news.
Indeed, this breakthrough is particularly dazzling when the total market value of cryptocurrencies is about to return to its previous high of $3 trillion.You know, if SHA-256 is really cracked and all kinds of cryptocurrencies are going to be ruined together, we will lose all our shorts.
Is this breakthrough real?
Direct answer: It is true, it has indeed broken the new record of SHA-256 collision attack.
This paper has been accepted by EUROCRYPT 2024, one of the three flagship conferences in cryptography.You can use EUROCRYPT official website (https://eurocrypt.iacr.org/2024/acceptedpapers.php…) Checked.And here (https://eprint.iacr.org/2024/349) View the original paper, titled “New Records in Collision Attacks on SHA-2”.
How to understand this breakthrough?
Although it involves a lot of cryptography knowledge, the following text will help you understand it in the simplest language, and it will not involve too deep principles.
You need to know first, what SHA-256 is.
SHA-256 is an encryption algorithm that belongs to the subdivision of the SHA-2 series algorithms in the title of the paper.It is widely used in cryptography, digital signatures, data integrity verification and other fields, and is the cornerstone of modern digital security.
In the blockchain industry, it can be said to be the “pillar”. It is almost everywhere in mining, private key security, L2 data release (DA), etc.
Simply put, this algorithm converts inputs of any length into outputs of fixed lengths (hash values).That is, no matter how long or short the input content is, the hash value output by the algorithm is always 256 bits (32 bytes).Moreover, it is sensitive to input, and small changes in the input can produce completely different hashes.At the same time, it is an irreversible function, which means that it is easy to get the output based on the input, but it is not efficient to get the input based on the output.
For example, the text “OneKey Popular Science: Encryption is safer and can be used” will get “C612FD61C200F9C7DC16565A53C0F96A4DEBD64C21EB40AE5283D4D36433A24A”.
If I secretly change some of the contents in it, such as “TwoKey Popular Science: Encryption and security can be achieved at two points.”Encryption at this time becomes “C3C0E108AD1417259E97E8E913459B9CECD67C3BD20D8DFE938214567FB4EB08”, which is a completely different result.
This relationship is like a person’s fingerprint or iris.Everyone has unique fingerprints and iris, so we can use them to verify our identity and as passwords.The hash value of SHA-256 is here the “fingerprint” of the data.
The significance of collision attack SHA-256 is to find another attack data for the “fingerprint” of a certain data, so that it can generate the same “fingerprint” to achieve data forgery.
In SHA-256, the encryption process requires 64-step cyclic encryption calculations, which is the number of steps selected by the algorithm designer after balancing security and efficiency.
When we say that a collision was found in the first 31 steps of SHA-256, it is said that the author of the paper found two different inputs through a special method, which were in the internal intermediate state after processing in the first 31 steps.The same value is generated on it, so that after the remaining 33 steps there is a greater probability that the same hash output will be generated.
Of course, as the number of attack steps increases, the difficulty of finding input pairs that meet the collision conditions usually increases exponentially.This is because with each additional step, more internal state changes and propagation effects need to be considered in attack collision analysis, which greatly increases the complexity of calculation and analysis.So you may think that there is only half of the time left to crack, but in fact it is still a lot worse.
What’s more, the hash value of the Bitcoin block is obtained by performing two SHA-256 operations on the block header information. The process of generating the public key and address of the private key also uses the elliptic curve digital signature algorithm (ECDSA) and RIPEMD.-160 Algorithm.Therefore, there is still a long way to go to tamper with Bitcoin block information and attack private keys as you wish.
For Bitcoin mining, the mining process is essentially looking for a hash value that meets specific conditions, and this process needs to be achieved by repeatedly trying different nonce values.Only by finding a hash value collision that meets the criteria can it be theoretically possible to reduce mining difficulty, thereby affecting Bitcoin’s Proof of Work (PoW) mechanism.
The success of SHA-256’s collision attack does not mean that it can directly affect the difficulty of mining. Unless the collision attack can accelerate the process of finding such a specific hash value in some way, the direct impact on mining is limited.
What if it is really cracked?
This will inevitably trigger a crisis of trust in global digital security.
The entire Web2 security collapses first, and various banking systems and government agencies may be stopped urgently.The 3 trillion market cap of cryptocurrencies may seem trivial here.
Of course, fortunately, cryptocurrencies are forked and upgraded.For Bitcoin, this terrible situation definitely requires the core encryption algorithm through Bitcoin Improvement Proposal (BIP) and hard fork upgrade algorithm.These issues have been widely discussed in the community for a long time, and there are many alternatives.Even if quantum computing is breakthrough, there will be corresponding quantum-resistant algorithms to upgrade at that time.
all in all
Breakthrough, but not much.
We just moved a little forward in previous research, which is of course a breakthrough from an academic perspective and is very worthy of attention.
Despite this, there is still a big gap from destructive cracking, and the impact on cryptocurrencies in the short term may be limited.Bitcoin and various cryptocurrencies are still safe, and our shorts are kept.
It is crucial for any secure and sensitive digital system to be alert to new cryptography research.If any discovery proves that the SHA-256 algorithm has serious weaknesses in practice, it could have a significant impact on Bitcoin, including but not limited to loss of trust and changes in security protocols.I believe that Bitcoin developers and everyone in the community will closely monitor the situation and prepare for a security upgrade if necessary.
