Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Development & Technical Discussion
Re: REWARD offered for hash collisions for SHA1, SHA256, RIPEMD160 and other
by
s.john
on 20/03/2023, 01:04:05 UTC
Quote from: digaran on March 18, 2023, 08:17:46 PM

Second attempt, this time on SHA-256.

We take this and use it as our public key:

[6]dacb99a98b80d48adbd8b94c9a7905996503d2ab
Then we perform a SHA-256 on it to get our hash of pub ready to convert to an address:
[5]32f51406f6d584a5b62365de425d01f308fc56a33682492284cc7577ceeb8868
Now we do a RMD160 on it:
6c161fcca8bbd0fe7a393b11b0499bb0754e3f7f
And the resulting address is:
[4]1ArWUwF2WfPnDubReohn2vtPodfPpG5Evq

Once again we have arrived at the scene of a collision, if you find the actual public key of [4], and perform a SHA-256 on it, you will see that the result is the same as[5], which means [6] and the actual public key of [4] which are different in value and length etc, collide with a similar SHA-256 hash, 2 different inputs, producing 1 unchanged output.



Let's pretend there was funds in the address in your example 1ArWUwF2WfPnDubReohn2vtPodfPpG5Evq ,  still they won't be able to move those funds since they don't know the private key of that address, the steps you provided is not enough to do that.