Timeline for answer to Couldn't we create a string that produces the same hash as another string in SHA-256? by kelalaka
Current License: CC BY-SA 4.0
Post Revisions
20 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Aug 15, 2020 at 21:51 | history | edited | kelalaka | CC BY-SA 4.0 |
added another.
|
| Aug 14, 2020 at 21:27 | history | edited | kelalaka | CC BY-SA 4.0 |
added the errors
|
| Aug 13, 2020 at 18:29 | history | edited | kelalaka | CC BY-SA 4.0 |
added short input space problem
|
| Aug 13, 2020 at 8:10 | comment | added | freakish | @JörgWMittag "Someone will analyze your attack and design a new hash function that fixes the flaw" is an optimistic belief rather than a fact. It is not necessarily true that we can always do that. | |
| Aug 13, 2020 at 2:30 | comment | added | GalacticCowboy | @BOI Essentially, even if you managed to find a value that hashed to the same value as SHA256("Hello, world!"), this would only give access to accounts that used "Hello, world!" as their password - which if you knew which accounts those were, you could just use "Hello, world!" and avoid all the fussing about with hash collisions. And that also assumes the protected service hasn't taken other basic precautions like salting. And that they're using straight SHA256, not iterative, other algorithms, etc. | |
| S Aug 12, 2020 at 16:39 | history | suggested | Nayuki | CC BY-SA 4.0 |
Improved spelling.
|
| Aug 12, 2020 at 16:29 | review | Suggested edits | |||
| S Aug 12, 2020 at 16:39 | |||||
| Aug 12, 2020 at 14:11 | comment | added | kelalaka | SHA256 has gained lots of attention thanks to Bitcoin. | |
| Aug 12, 2020 at 14:09 | comment | added | Stack Exchange Broke The Law | @BOI I encourage you to try it and see what happens! | |
| Aug 12, 2020 at 13:21 | history | edited | kelalaka | CC BY-SA 4.0 |
polish
|
| Aug 12, 2020 at 12:40 | history | edited | kelalaka | CC BY-SA 4.0 |
polish
|
| Aug 12, 2020 at 11:39 | history | edited | kelalaka | CC BY-SA 4.0 |
polish
|
| Aug 12, 2020 at 10:48 | history | edited | kelalaka | CC BY-SA 4.0 |
added 68 characters in body
|
| Aug 12, 2020 at 8:13 | history | edited | kelalaka | CC BY-SA 4.0 |
polish
|
| Aug 12, 2020 at 6:12 | comment | added | Jörg W Mittag | @BOI: If you are indeed able to do that, two things will happen: 1) You will become very famous, because you managed to do something that the entire crypto-community has been trying and failing for 20 years. 2) Someone will analyze your attack and design a new hash function that fixes the flaw that enables your attack. The current best known attacks on SHA-256 are only on reduced-round variants. | |
| Aug 12, 2020 at 2:12 | comment | added | Conor Mancone | @BOI doing that for modern hashing algorithms is literally impossible. Trying random strings until you find a match is the only option | |
| Aug 12, 2020 at 1:09 | comment | added | user241013 | Also i dont choose the strings randomly, i reverse engineer all the not and xor gates and whatnot to make a feasible string. | |
| Aug 12, 2020 at 0:26 | comment | added | user241013 | I remember finding a website where someone took the sha-256 of "Hello, world!" and made a string out of it | |
| Aug 11, 2020 at 23:44 | history | edited | kelalaka | CC BY-SA 4.0 |
polish
|
| Aug 11, 2020 at 22:52 | history | answered | kelalaka | CC BY-SA 4.0 |