[hashcash] Hashcash and the cracking of SHA1
- From: "David Fuelling" <sappenin@xxxxxxxxx>
- To: <hashcash@xxxxxxxxxxxxx>
- Date: Sun, 28 Jan 2007 13:14:48 -0500
Hey List,
Sorry if this has been covered in the last two years, but I just want to be
sure I've got my facts straight.
So, sometime in 2005, the SHA1 algorithm was cracked by a Chinese
mathematician. Bruce Schneier blogs about it here:
http://www.schneier.com/blog/archives/2005/02/sha1_broken.html
In a nutshell: "Collisions in the the full SHA-1 in 2**69 hash operations,
much less than the brute-force attack of 2**80 operations based on the hash
length."
I'm wondering if this has any implications on Hashcash. From my way of
thinking, if the supposed "crack" still takes 2^69 operations (instead of
the typical 2^80 via brute force), that's still going to be a lot *longer*
than computing a partial hash collision that might take seconds or minutes
(as is the case in Hashcash).
I guess I'm just wanting to be sure that Hashcash isn't somehow vulnerable
in its current form. I don't think it is, but figured I'd ping the list
just to be sure.
Thanks!
David
Other related posts:
