[bitcoin-dev] SHA1 collisions make Git vulnerable to attacks by third-parties, not just repo maintainers

Steve Davis steven.charles.davis at gmail.com
Sun Feb 26 07:16:37 UTC 2017


> On Feb 26, 2017, at 12:36 AM, Pieter Wuille <pieter.wuille at gmail.com> wrote:
> 
> The 80-bit collision attack only applies to jointly constructed addresses like multisig P2SH, not single-key ones.

That’s the part I’m less convinced about, and why I asked the original question re SHA1 vs RIPEMD. 

I’m checking my own numbers (and as you’ll appreciate it’s a powers of ten thing), but I do see a vector. Which would mean that if RIPEMD were weakened in any way, single-key transactions could suddenly become badly exposed.
