Cryptography / Principles of Cryptocurrency

467 replies
844 Like 6 Dislike
2017-07-26 06:07:18
Upvoted, lm
2017-07-26 07:10:37
I heard quantum computers can already crack RSA; what about SHA?

Encryption and hashing aren't the same thing.


The two are indeed not the same concept.

RSA is based on the factorisation problem, while SHA faces the challenge of finding its inverse function.

However, if a quantum computer has enough computational power then brute forcing might solve the problem.
Having said that, one can always find another hash function which requires N quantum computer hours, making brute force with quantum computers difficult, essentially leveraging the non-linear property of solving a given problem (P vs NP problems).

That's exactly what I wanted to say.

For RSA you basically just need to increase the key size. But with unlimited computational power, basically no encryption or hash function is of any use.
2017-07-26 07:11:47
Wow, bookmarking
2017-07-26 07:25:12
Great thread, bookmarking
2017-07-26 07:38:31
lm
2017-07-26 08:12:38
Bookmarking
2017-07-26 08:31:06
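Expressing the two properties above mathematically:
x1, x2 are inputs
y1, y2 are outputs

Hiding: given y1, it is very, very, very hard to find x1 such that SHA256(x1) = y1
Collision resistance: it is very, very, very hard to find x1, x2 such that SHA256(x1) = SHA256(x2)

Mathematicians have invented many kinds of hash functions,
but not every hash function meets the two requirements above.
For example, SHA1 in the SHA family (output length: 160 bits).
The US government published SHA1 in 1995, and all the tech giants, including Apple, Google and Microsoft, used this cryptographic hash function at the time.
Brute-forcing SHA1 takes 2^80 computations to find a pair of inputs that collide.
Then in 2005 a Chinese woman mathematician, 王小雲 (Wang Xiaoyun), discovered a method that needs only 2^63 computations to find colliding inputs.
Note that 王小雲 had only come up with the method; at that time she had not actually found x1, x2 such that SHA1(x1)=SHA1(x2).
It took another 12 years, until February 2017, before Google succeeded in producing two different PDF files whose SHA1 outputs are the same.
So SHA1 no longer qualifies as a cryptographic hash function; it can only serve as an ordinary hash function.

If you follow Chrome news, you should have heard that from v.56 Chrome no longer supports certificates generated with SHA1.
That is because Google knows Chrome is no longer secure, and passing SHA1 verification no longer means anything.
That's not to say SHA is completely useless; for example, git still uses SHA1 for file integrity checks.
It's just that we can no longer rely on this function to protect systems.

There are many more hash function topics worth covering,
e.g. the birthday attack: why does a hash function with a 160-bit output length need only 2^80 steps to brute-force a collision, rather than 2^160 steps?
How hard counts as "very, very, very hard to find"? As hard as swimming out to the open sea with one hand?

After all this, what do hash functions actually have to do with bitcoin?
SHA256 is exactly the computation all miners grind away at day and night: Find x such that SHA256(x) < target
And the whole blockchain is secure and impossible to tamper with thanks to the collision resistance property of SHA2.
The details are left for a later chapter.


Just curious, I'd really like to know why it isn't 2^160.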
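
Added example (not part of the thread or any poster's words): a birthday search on SHA-256 truncated to a few bits, illustrating the 2^80-versus-2^160 question raised above. The truncation and the function names `truncated_sha256`, `find_collision` and `find_preimage` are assumptions made for this illustration.

```python
import hashlib

def truncated_sha256(data: bytes, bits: int) -> int:
    """Toy n-bit hash (an assumption of this example): top `bits` bits of SHA-256."""
    digest = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return digest >> (256 - bits)

def find_collision(bits: int):
    """Birthday search: remember every output seen and stop when one repeats.

    Returns (x1, x2, tries) with x1 != x2 and equal truncated hashes.
    Expected tries are about 1.25 * 2**(bits / 2), not 2**bits.
    """
    seen = {}  # truncated output -> input that produced it
    counter = 0
    while True:
        x = counter.to_bytes(8, "big")  # constructed inputs: 0, 1, 2, ...
        y = truncated_sha256(x, bits)
        if y in seen:
            return seen[y], x, counter + 1
        seen[y] = x
        counter += 1

def find_preimage(target: int, bits: int):
    """Brute-force the 'hiding' property: find x whose hash equals `target`.

    No table helps here; expected tries are about 2**bits.
    """
    counter = 0
    while True:
        x = b"pre" + counter.to_bytes(8, "big")
        if truncated_sha256(x, bits) == target:
            return x, counter + 1
        counter += 1

if __name__ == "__main__":
    for bits in (16, 20, 24):
        x1, x2, tries = find_collision(bits)
        print(f"{bits}-bit collision after {tries} hashes "
              f"(2^{bits // 2} = {2 ** (bits // 2)})")
    target = truncated_sha256(b"secret", 16)
    _, tries = find_preimage(target, 16)
    print(f"16-bit preimage after {tries} hashes (2^16 = {2 ** 16})")
```

The same square-root scaling applied to a 160-bit output gives the 2^80 figure quoted in the post.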
2017-07-26 08:32:48
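I heard quantum computers can already crack RSA; what about SHA?

Encryption and hashing aren't the same thing.


The two are indeed not the same concept.

RSA is based on the factorisation problem, while SHA faces the challenge of finding its inverse function.

However, if a quantum computer has enough computational power then brute forcing might solve the problem.
Having said that, one can always find another hash function which requires N quantum computer hours, making brute force with quantum computers difficult, essentially leveraging the non-linear property of solving a given problem (P vs NP problems).

That's exactly what I wanted to say.

For RSA you basically just need to increase the key size. But with unlimited computational power, basically no encryption or hash function is of any use.

Well, cryptography has always been a game of time.
Unlimited computation breaks through the time limit, so of course it can be cracked.
Also, there's no quantum computer with unlimited computation yet.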
2017-07-26 08:37:14
Lm
2017-07-26 08:48:31
lm
2017-07-26 08:59:43
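lm, here to learn
2017-07-26 09:00:03
Bookmarking
2017-07-26 09:03:03
Bookmarking to learn
2017-07-26 09:06:22
SHA is one-way and RSA is two-way; at first glance SHA seems more secure, but is it really that they're used differently and can't be compared like that?
2017-07-26 09:12:06
肥C: "起"? X, it's "喺"
2017-07-26 09:12:28
SHA is one-way and RSA is two-way; at first glance SHA seems more secure, but is it really that they're used differently and can't be compared like that?

RSA is asymmetric encryption and SHA is a hash function.
The two are used differently.
2017-07-26 09:13:16
Btw, it would be great if the Academic board had more posts like this.
2017-07-26 09:19:26
You really put effort into this; I only got it on the second read. Btw, what principle is the code that SHA256 outputs generated on? Random?
2017-07-26 09:19:35
Great thread, bookmarking
2017-07-26 09:20:19
Bookmarking to learn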
2017-07-26 09:26:22
Wow, a high-quality post like this is rarely seen on 連登
The entire infrastructure is based on the concept of Bitcoin that Nakamoto defined as a chain of digital signatures; it is possible to consider the coin as a token digitally signed by the owner that desires to transfer the currency. To be more accurate, each user transfers the coin to another entity in the network by digitally signing a hash of the previous transaction and the public key of the next owner; the signature is then added to the end of the token.
The payee is the only one that could verify the previous transaction using its private key because the coin has been signed using its public key; this allows it to verify the chain of ownership. The described process has solved the problem of authentication of the payment and non-repudiation, but we are still not able to avoid the duplication of the transaction; in practice the circuit must prevent the same coin from being used in multiple transactions.

The model is enriched by another actor, entrusted with the task of verifying that each coin is spent only once; this central authority is named “mint”. To discharge its task, after each transaction the mint acquires the coin used to issue a new coin; in this way only the coins distributed directly from the mint are valid, and only for them is there assurance that they have not already been spent.

Great … the model proposed is able to trust the entities involved in the transaction and to control the effective circulation of the currency … but there is still another factor not yet considered … the time! When did a transaction occur?
2017-07-26 09:28:48
I don't understand how it can be exchanged to other currencies using PayPal during transactions ...
2017-07-26 09:30:52
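SHA is one-way and RSA is two-way; at first glance SHA seems more secure, but is it really that they're used differently and can't be compared like that?

RSA is asymmetric encryption and SHA is a hash function.
The two are used differently.

Yes, there are also symmetric (DES, 3DES, AES) and asymmetric algorithms (RSA, elliptic curve) for encryption. PKI then adds in digital signatures, hashing, and encryption.
2017-07-26 09:32:13
Bookmarking to learn from the master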