

Ask HN: Bitcoin Mining Operations Perpetuating Weaknesses in SHA-256? - nighthawk

Is it possible that bitcoin mining operations are actually generating the analog of a giant rainbow table to aid in the decryption of SHA-256 data?<p>Perhaps some mechanism that would facilitate a birthday attack, collisions, etc.?<p>I thought I&#x27;d float this out there to people who know more about cryptography and the weaknesses of these algorithms than I do.
======
tptacek
Unlike SHA-1, which has a 2^60 local-collision attack and a 160 bit output (so
an 80 bit birthday bound), SHA-2 has no theoretical attacks and a 128 bit
security bound.

You can do the math on how much it would cost to find a SHA-2 collision; for
instance, you can steal Skein team member Jesse Walker's back of the envelope
calculations, assigning 2^61 cycles and 2^8 dollars to a server-year. Now
multiply the number of cycles a block of SHA256 takes by 2^128.

I don't think a direct attack on SHA256 is a productive use to put the world's
computers.

------
fleitz
Rainbow tables are a space time tradeoff for specific known inputs, since the
BTC blocks are not generally 'known' nor do some blocks occur more frequently
than others rainbow tables are useless. Even when passwords are merely salted
rainbow tables are abandoned as not worth the time.

You could pregenerate a 'longer' chain, but the problem is the 'legnth' of the
chain is calculated based on difficulty not number of blocks, so you'd need
more computer power than all miners combined.

If you want to get cynical about US / Chinese approval for BTC it would
probably be willingness to buy enough hardware to precompute a longer chain.

The algos to exploit are the RNGs used in the ECDSA portion of BTC which allow
you to derive the private key and directly spend bitcoins, there aren't any
currently known weaknesses in relation to SHA256 in BTC. The RNG issue is
specific to certain implemenations of BTC and has nothing to do with the
protocol itself. (Similar to how an exploit for apache is not a weakness in
HTTP)

~~~
nighthawk
Thanks, I think I phrased the question poorly as I wasn't suggesting a
weakness in bitcoin, I was wondering whether there might be any value to the
mining output.

~~~
fleitz
The primary value of the mining output is heat.

------
oleganza
Miners are computing hashes for a very specific chunk of data. And it's also
double SHA256 which is not used in any standard key-derivation function.
Specialized mining machines implement a lot of shortcuts to optimise for that
exact hashing (in silicon!) and are useless for anything except Bitcoin
mining.

