Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 2A4DE415 for ; Sun, 26 Feb 2017 07:16:40 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-it0-f66.google.com (mail-it0-f66.google.com [209.85.214.66]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id DFDFCAD for ; Sun, 26 Feb 2017 07:16:39 +0000 (UTC) Received: by mail-it0-f66.google.com with SMTP id w185so8509558ita.3 for ; Sat, 25 Feb 2017 23:16:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=4GfnSlmj5USPdOpb2YhLlJ++BCYO/GvHLj1xZjZxD54=; b=VN6cndI7jrLkQeTrZA7Tu6j5d+6/7cS3H8RnacUT504HtKxXd8RUVPjoP1PT4BC6md iSpZAu17dMWbeC1+LLuvCfzM4rMNhJ/geNPX7R82R2hB2Kd64PzkkO8tHVBhR+2xNszr Ixy0o9Y5aW8117/152MVjbTX2KSQ6oJNndNttgHLMFcZ1I3GmwOwBmZPMYr2Uw434kEM xTLt8k5FypZi8VMSr7HZrR+fk25QYYcgHrToMXg5hBHtwb8S2CNQGkHVXY4pWLUZhm0f YMWDSUZr3df8Cn1qmmDhC/z8IOH+JJHVulIo+nUrOZHDZ8V5ke1Afb64aDtA3IEE+KtC LANg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=4GfnSlmj5USPdOpb2YhLlJ++BCYO/GvHLj1xZjZxD54=; b=UAAN2MOsfoPLmyNfjL72EGpfaq31OfPyK2zOU6/NGc+iaLvZz2qB9NP1ewxt6PO0fU E/Rn/woPxpj3nv52CMYIClMzOHCL79ozK8FKap6rCKPTgJCFNj3ih/MmH/UuEBmXgy8Q C9mQe4JHBvoR+SBBzmsyCW3sX8uKhLFcy9c8bRI+t1/0VL1CKpsjJqyMIx2KbUG3TxaV KXc5sVMpEom1N9/1tX8ax2SGOxsRC/sw29buv6dB+lfsu5bmDNEfqGO17pZ/yxaBgdJc u//zkpY3j6KkISz4Lji/TiAIvDroflIH/MDl7ZEx4e4CC/2OqfkpzTtidARPLpqOgxuQ /wvg== X-Gm-Message-State: AMke39ndDAjwJVppmxNETk7TeavvI7wdv4uIbTNOV4M5rCy8iOq1DKKYocZyveBzP8R0UQ== X-Received: by 10.36.20.216 with SMTP id 207mr9763323itg.61.1488093399352; Sat, 25 Feb 2017 23:16:39 -0800 (PST) Received: from [10.0.1.42] (71-81-80-204.dhcp.stls.mo.charter.com. [71.81.80.204]) by smtp.gmail.com with ESMTPSA id h91sm3096201ioi.24.2017.02.25.23.16.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 25 Feb 2017 23:16:38 -0800 (PST) From: Steve Davis Message-Id: Content-Type: multipart/alternative; boundary="Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2" Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\)) Date: Sun, 26 Feb 2017 01:16:37 -0600 In-Reply-To: To: Pieter Wuille References: <8F096BE1-D305-43D4-AF10-2CC48837B14F@gmail.com> <20170225010122.GA10233@savin.petertodd.org> <208F93FE-B7C8-46BE-8E00-52DBD0F43415@gmail.com> <20170225191201.GA15472@savin.petertodd.org> <20170225210406.GA16196@savin.petertodd.org> <4FE38F6A-0560-4989-9C53-7F8C94EA4C76@gmail.com> <20170225214018.GA16524@savin.petertodd.org> <4F6C2972-A320-429A-BD13-623B01F390A3@gmail.com> X-Mailer: Apple Mail (2.3259) X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Sun, 26 Feb 2017 07:49:12 +0000 Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] SHA1 collisions make Git vulnerable to attakcs by third-parties, not just repo maintainers X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Feb 2017 07:16:40 -0000 --Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 > On Feb 26, 2017, at 12:36 AM, Pieter Wuille = wrote: >=20 > The 80-bit collision attack only applies to jointly constructed = addresses like multisig P2SH, not single-key ones. That=E2=80=99s the part I=E2=80=99m less convinced about, and why I = asked the original question re SHA1 vs RIPEMD.=20 I=E2=80=99m checking my own numbers (and as you=E2=80=99ll appreciate = it=E2=80=99s a powers of ten thing), but I do see a vector. Which would = mean that if RIPEMD were weakened in any way, single-key transactions = could suddenly become badly exposed. --Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8
On Feb 26, 2017, at 12:36 AM, Pieter Wuille <pieter.wuille@gmail.com> wrote:

The 80-bit collision attack only applies to = jointly constructed addresses like multisig P2SH, not single-key = ones.

That=E2=80=99s the part I=E2=80=99m less convinced about, and = why I asked the original question re SHA1 vs RIPEMD. 

I=E2=80=99m checking my = own numbers (and as you=E2=80=99ll appreciate it=E2=80=99s a powers of = ten thing), but I do see a vector. Which would mean that if RIPEMD were = weakened in any way, single-key transactions could suddenly become badly = exposed.

= --Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2--