Comment by saviorjebus on 27/06/2017 at 17:49 UTC

2 upvotes, 1 direct replies (showing 1)

View submission: Unrealistic volatility expectations

In regards to your comments about no proof that cryptographic technology is actually secure, this was very interesting. From what I read it is very secure, can you shed more light on this please? Great read!

Replies

Comment by theymos at 28/06/2017 at 17:26 UTC*

4 upvotes, 1 direct replies

Bitcoin's ECDSA (and most other public-key crypto) is in fact known to be completely busted if anyone can figure out how to efficiently factor numbers. Quantum computers are known to be able to do this, which is why ECDSA is busted by quantum computers. But it's not known whether some efficient algorithm exists for prime factorization on traditional computers. It's not known whether this problem is in P or not, or whether it is NP-complete. If someone gets a spark of brilliance and finds an efficient factorization algorithm, ECDSA (and RSA, DSA, etc.) is busted. There may also be other vectors of mathematical attack than just prime factorization.

Almost all symmetric crypto, including Bitcoin's SHA-256 and RIPEMD-160, is designed by heuristic (i.e. by educated guessing). You take the input bits and try to devise ways of scrambling them enough so that the required properties of crypto hash functions are maintained. There is no proof that the scrambling is actually effective. It's possible, and it has been done in other hash functions, to find patterns enforced by the scrambling which were not obvious to the author of the hash function. For example, a hash function could, due to its particular method of scrambling, never have bit 5 set if bits 10 and 11 are set. These patterns reduce the difficulty of attacking the hash function; for example, it should take on the order of 2^64 basic operations to find two inputs which result in the same MD5 hash, but due to patterns (i.e. weaknesses) found in MD5 long after it was designed, it only takes on the order of 2^18 operations.
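The point about structural patterns shrinking the work needed to find a collision, as an added example that is not code from this thread: a toy hash built from a truncated SHA-256, a constructed "biased" variant that enforces the hypothetical "bit 5 is never set when bits 10 and 11 are set" pattern from the comment (not a property of any real hash), a count of how much output space that pattern removes, and a generic birthday search whose cost tracks the square root of the reachable output space. All function names and the 16/20-bit truncations are assumptions for illustration.

```python
import hashlib
import math

def truncated_sha256(data: bytes, n_bits: int) -> int:
    """Toy n-bit hash (n <= 32): the leading bits of SHA-256(data). Unbiased by construction."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest[:4], "big") & ((1 << n_bits) - 1)

def biased_hash(data: bytes, n_bits: int) -> int:
    """Constructed weak variant: whenever bits 10 and 11 are set, bit 5 is forced clear.
    This is the hypothetical pattern from the comment, not a weakness of SHA-256."""
    h = truncated_sha256(data, n_bits)
    if h & (1 << 10) and h & (1 << 11):
        h &= ~(1 << 5)
    return h

def reachable_outputs(n_bits: int, biased: bool) -> int:
    """Size of the output space an attacker actually has to cover (n_bits >= 12)."""
    total = 1 << n_bits
    if not biased:
        return total
    # Outputs with bits 10, 11 and 5 all set can never occur: 1/8 of the space is gone.
    return total - total // 8

def expected_birthday_trials(space: int) -> float:
    """Expected hash evaluations before the first collision (birthday bound ~ sqrt(pi*N/2)).
    For a 128-bit space this is on the order of 2^64, the figure quoted for an ideal MD5."""
    return math.sqrt(math.pi * space / 2)

def find_collision(hash_fn, n_bits: int, limit: int = 1 << 20):
    """Generic birthday search: hash counter-valued inputs until an output repeats.
    Returns (first_input, second_input, trials) or None if `limit` is exhausted."""
    seen = {}
    for i in range(limit):
        msg = i.to_bytes(4, "big")  # constructed inputs: 0, 1, 2, ... as 4-byte strings
        h = hash_fn(msg, n_bits)
        if h in seen:
            return seen[h], msg, i + 1
        seen[h] = msg
    return None

if __name__ == "__main__":
    for name, fn in (("unbiased", truncated_sha256), ("biased", biased_hash)):
        space = reachable_outputs(20, fn is biased_hash)
        a, b, trials = find_collision(fn, 20)
        print(f"{name:8s} space={space} expected~{expected_birthday_trials(space):.0f} "
              f"found after {trials} trials: {a.hex()} vs {b.hex()}")
```

The biased variant removes only an eighth of the output space, so its collision cost drops by a modest factor; the MD5 figures in the comment (2^64 down to 2^18) show how much larger the effect can be when the patterns found are far stronger than this toy.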