What values are hashed in the SHA-256 algorithm, and what would be the next iteration until a possible header is found?


I've been doing a lot of reading on mining and software related to mining, but I can't quite get my head wrapped around the specific nature of what is being hashed together. So far I feel like the current block header and a nonce are hashed together in hopes of finding a hash that is less than the current target; if it is, you get 25 BTC. Here's where I am confused, according to the pseudocode at https://bitcoin.stackexchange.com/a/3047. The only value that changes is the nonce, and that is a fixed possible hex/integer range, e.g. from 0 to 0xFFFFFFFF.

How is it that the difficulty can increase if there are a finite number of attempts to change the nonce?

Am I right about hashing together the block header with the nonce?

I referenced this https://en.bitcoin.it/wiki/Proof_of_work and it makes perfect sense.. except for the fact that I still feel like the nonce is the only value that changes.

Maybe the 32-bit nonce yields way more possibilities than I can fathom and...

0 0
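As an added illustration (not part of the question or of any answer on this page), the following Python shows exactly which bytes a miner hashes and what happens once the 32-bit nonce runs out. The 80-byte header (version, previous block hash, merkle root, timestamp, bits, nonce) is double-SHA-256'd and the digest is compared against the target expanded from `bits`. When every nonce has been tried, the miner changes the extra nonce in the coinbase transaction, which changes the merkle root and therefore gives a fresh header to scan; bumping the timestamp has the same effect. The `mine_demo` inputs are constructed, with an easy toy `bits` value so a solution appears quickly; `genesis_header_hash` rebuilds the real genesis block header from its well-known public fields so the serialization can be checked against the known hash.

```python
import hashlib
import struct
from typing import List, Optional, Tuple


def dsha256(data: bytes) -> bytes:
    """Bitcoin's block hash: SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def bits_to_target(bits: int) -> int:
    """Expand the compact 4-byte 'bits' field into the full 256-bit target."""
    exponent = bits >> 24
    coefficient = bits & 0x007FFFFF
    return coefficient << (8 * (exponent - 3))


def merkle_root(txids: List[bytes]) -> bytes:
    """Merkle root over txids in internal byte order; an odd last node is paired with itself."""
    level = list(txids)
    while len(level) > 1:
        if len(level) % 2 == 1:
            level.append(level[-1])
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def serialize_header(version: int, prev_block: bytes, root: bytes,
                     timestamp: int, bits: int, nonce: int) -> bytes:
    """The 80-byte header is all a miner hashes: 4+32+32+4+4+4 bytes, integers little-endian."""
    return (struct.pack("<I", version) + prev_block + root
            + struct.pack("<III", timestamp, bits, nonce))


def header_hash_as_int(header: bytes) -> int:
    # The 32-byte digest is read as a little-endian integer when compared against the target.
    return int.from_bytes(dsha256(header), "little")


def scan_nonces(version: int, prev_block: bytes, root: bytes, timestamp: int,
                bits: int, target: int, max_nonce: int) -> Optional[int]:
    """Inner loop: only the 4-byte nonce changes; a header hash <= target is a valid block."""
    for nonce in range(max_nonce):
        header = serialize_header(version, prev_block, root, timestamp, bits, nonce)
        if header_hash_as_int(header) <= target:
            return nonce
    return None


def mine(version: int, prev_block: bytes, other_txids: List[bytes], timestamp: int,
         bits: int, max_nonce: int = 2 ** 32, max_extra: int = 16) -> Optional[Tuple[int, int, bytes]]:
    """Outer loop: once the nonce range is exhausted, change the coinbase's extra nonce.
    That changes the coinbase txid, hence the merkle root, hence the header, and the nonce
    scan starts over on a new 2^32 search space (bumping the timestamp works the same way)."""
    target = bits_to_target(bits)
    for extra_nonce in range(max_extra):
        coinbase = b"constructed coinbase payload" + struct.pack("<I", extra_nonce)
        root = merkle_root([dsha256(coinbase)] + other_txids)
        nonce = scan_nonces(version, prev_block, root, timestamp, bits, target, max_nonce)
        if nonce is not None:
            return extra_nonce, nonce, serialize_header(version, prev_block, root, timestamp, bits, nonce)
    return None


def genesis_header_hash() -> str:
    """Rebuild the real genesis block header from its well-known public fields and hash it."""
    prev_block = bytes(32)
    # Hashes are displayed as big-endian hex; the header stores them byte-reversed.
    root = bytes.fromhex("4a5e1e4baab89f3a32518a88c31bc87f618f76673e2cc77ab2127b7afdeda33b")[::-1]
    header = serialize_header(1, prev_block, root, 1231006505, 0x1D00FFFF, 2083236893)
    return dsha256(header)[::-1].hex()


def mine_demo() -> Optional[Tuple[int, int, bytes]]:
    """Toy run on constructed inputs: bits=0x207fffff is a target near half the hash space,
    so roughly every second nonce succeeds. Nothing here comes from a real block."""
    prev_block = dsha256(b"constructed previous block")
    other_txids = [dsha256(b"constructed tx %d" % i) for i in range(3)]
    return mine(version=2, prev_block=prev_block, other_txids=other_txids,
                timestamp=1_300_000_000, bits=0x207FFFFF, max_nonce=1 << 20)


if __name__ == "__main__":
    print("genesis:", genesis_header_hash())
    extra, nonce, header = mine_demo()
    print(f"extra_nonce={extra} nonce={nonce} hash={dsha256(header)[::-1].hex()}")
```

The finite nonce range is therefore not a problem for rising difficulty: the nonce is just the innermost counter, and the coinbase extra nonce (plus the timestamp) extends the search space indefinitely. Real difficulty is set by how small `bits_to_target(bits)` is, not by how many nonces exist.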

Bitcoin uses both SHA-256 and RIPEMD-160 hashes. Most often a double-round SHA-256 is used, but for address generation RIPEMD-160 is used because it generates a shorter hash value. RIPEMD-160 has a 160-bit or 20-byte hash value, while SHA-256 has a 256-bit or 32-byte one.

So RIPEMD-160 is used for its shorter hash. However, SHA-1 also produces a 160-bit hash. RIPEMD-160 is a less popular algorithm but in fact achieves exactly the same as SHA-1 does.

The only real difference I can find on the internet is in the following fragment from RIPEMD-160's Wikipedia page:

RIPEMD-160 was designed in the open academic community, in contrast to the NSA designed SHA-1 and SHA-2 algorithms. On the other hand, RIPEMD-160 appears to be used somewhat less frequently than SHA-1, which may have caused it to be less scrutinized than SHA. RIPEMD-160 is not known to be constrained by any patents.

Are patent issues the reason? Why is SHA-1 a problem but SHA-256 not? I know...

0 0

As Meni mentions, there are ways to change the hashing algorithm used for Bitcoin. For this change to be made, all clients would have to be updated and the blockchain would look very weird as it would still contain all historic data that used SHA256.

However, if some party can, from one day to the next, manually create collisions, as I think you suggest with "compromised", they will only be able to send bitcoins from all existing addresses if RIPEMD-160 and ECDSA are also compromised. These three algorithms are used to create the address from a private key.

SHA256 has more significance in mining. But still, I think the ability to manually create SHA256 collisions won't help you much with mining. When mining, you hash a block that has a certain formatting. This hash must satisfy certain conditions in order to be accepted. So what you would be able to do once you had compromised SHA256 is take a valid hash and look for different plaintexts that result in this hash....

0 0

I'm assuming you mean what will happen to Bitcoin if SHA256 is discovered to no longer be suitable for use as Bitcoin uses it. First, such a thing is likely to happen very gradually. We'll first see hints of weaknesses and attacks that currently take millions of years will shrink to thousands of years and then hundreds of years. So there will be plenty of time to arrange a change.

Note that Bitcoin addresses also use RIPEMD-160, which is likely weaker than SHA-256. However, the way they're used, weaknesses in RIPEMD-160 might not actually create problems for Bitcoin.

Basically, whatever changes needed to be made to the protocol would have to be worked out. Possibly any other changes deemed advantageous could be made at the same time, since protocol-breaking changes are rare. Some fields may need to be expanded.

A particular block would be picked, after which the new methods would start. Everyone would have to upgrade before then.

I think every effort...

0 0

SHA-256 is not a secure password hashing algorithm, and neither is SHA-512, regardless of how well it has been salted. Why not? Because both can be computed in the billions per minute with specialised hardware. If you are surprised to hear that, you should continue reading...

What makes a good password hashing algorithm?

A password hash is the very last line of defence. Its only purpose is to prevent an attacker from gaining total control of a user when all other measures of security have been broken. This usually means preventing the attacker from using the compromised data to access users' data on other websites, which could happen when a user re-uses a password. It is extremely important that a good hashing algorithm resists all attempts at cracking it, at least for a significant period of time.

Since the attacker is in control of the raw user data, there is nothing which can be done to prevent a crude brute force attack. However, this is not an easy...

0 0
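As an added example (not part of the post above), the following Python contrasts the bare SHA-256 the post warns against with a deliberately slow, salted password hash built from `hashlib.pbkdf2_hmac`. A single unsalted SHA-256 is deterministic and cheap, so one precomputed table cracks every user with the same password; the PBKDF2 record carries its own random salt and iteration count, is compared in constant time, and can be detected as out of date so it is rehashed on the next login. The iteration count and record format are choices made for this example, not anything the post specifies.

```python
import hashlib
import hmac
import os

ALGORITHM = "pbkdf2_sha256"
# Deliberately expensive: each verification costs a noticeable fraction of a second on a CPU,
# which is the whole point of a password hash (policy value chosen for this example).
ITERATIONS = 600_000
SALT_BYTES = 16


def fast_hash(password: str) -> str:
    """What the post warns against: one unsalted SHA-256, identical for every user with that
    password and computable billions of times per minute on specialised hardware."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt_hex$hash_hex.
    A fresh random salt per user defeats shared precomputed tables."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and iteration count; malformed records never verify."""
    try:
        algorithm, iterations_str, salt_hex, digest_hex = record.split("$")
        if algorithm != ALGORITHM:
            return False
        iterations = int(iterations_str)
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
    except ValueError:
        return False
    actual = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    # Constant-time comparison so response timing does not leak how many bytes matched.
    return hmac.compare_digest(actual, expected)


def needs_rehash(record: str, minimum_iterations: int = ITERATIONS) -> bool:
    """True when the stored record is weaker than current policy (old algorithm or too few
    iterations); the application should rehash right after a successful verification."""
    parts = record.split("$")
    if len(parts) != 4 or parts[0] != ALGORITHM:
        return True
    try:
        return int(parts[1]) < minimum_iterations
    except ValueError:
        return True


if __name__ == "__main__":
    pw = "correct horse battery staple"  # constructed sample password
    print("unsalted sha256 (same for everyone):", fast_hash(pw))
    rec = hash_password(pw)
    print("stored record:", rec)
    print("verify ok:", verify_password(pw, rec), "verify wrong:", verify_password("guess", rec))
```

Two properties worth noticing: `hash_password` called twice on the same password yields two different records that both verify, which is what salting buys you, and `fast_hash` gives the same output every time, which is why a leaked table of unsalted SHA-256 values is so cheap to attack.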