Return-Path: <steven.charles.davis@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 2A4DE415
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Sun, 26 Feb 2017 07:16:40 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-it0-f66.google.com (mail-it0-f66.google.com
	[209.85.214.66])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id DFDFCAD
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Sun, 26 Feb 2017 07:16:39 +0000 (UTC)
Received: by mail-it0-f66.google.com with SMTP id w185so8509558ita.3
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Sat, 25 Feb 2017 23:16:39 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:message-id:mime-version:subject:date:in-reply-to:cc:to
	:references; bh=4GfnSlmj5USPdOpb2YhLlJ++BCYO/GvHLj1xZjZxD54=;
	b=VN6cndI7jrLkQeTrZA7Tu6j5d+6/7cS3H8RnacUT504HtKxXd8RUVPjoP1PT4BC6md
	iSpZAu17dMWbeC1+LLuvCfzM4rMNhJ/geNPX7R82R2hB2Kd64PzkkO8tHVBhR+2xNszr
	Ixy0o9Y5aW8117/152MVjbTX2KSQ6oJNndNttgHLMFcZ1I3GmwOwBmZPMYr2Uw434kEM
	xTLt8k5FypZi8VMSr7HZrR+fk25QYYcgHrToMXg5hBHtwb8S2CNQGkHVXY4pWLUZhm0f
	YMWDSUZr3df8Cn1qmmDhC/z8IOH+JJHVulIo+nUrOZHDZ8V5ke1Afb64aDtA3IEE+KtC
	LANg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:message-id:mime-version:subject:date
	:in-reply-to:cc:to:references;
	bh=4GfnSlmj5USPdOpb2YhLlJ++BCYO/GvHLj1xZjZxD54=;
	b=UAAN2MOsfoPLmyNfjL72EGpfaq31OfPyK2zOU6/NGc+iaLvZz2qB9NP1ewxt6PO0fU
	E/Rn/woPxpj3nv52CMYIClMzOHCL79ozK8FKap6rCKPTgJCFNj3ih/MmH/UuEBmXgy8Q
	C9mQe4JHBvoR+SBBzmsyCW3sX8uKhLFcy9c8bRI+t1/0VL1CKpsjJqyMIx2KbUG3TxaV
	KXc5sVMpEom1N9/1tX8ax2SGOxsRC/sw29buv6dB+lfsu5bmDNEfqGO17pZ/yxaBgdJc
	u//zkpY3j6KkISz4Lji/TiAIvDroflIH/MDl7ZEx4e4CC/2OqfkpzTtidARPLpqOgxuQ
	/wvg==
X-Gm-Message-State: AMke39ndDAjwJVppmxNETk7TeavvI7wdv4uIbTNOV4M5rCy8iOq1DKKYocZyveBzP8R0UQ==
X-Received: by 10.36.20.216 with SMTP id 207mr9763323itg.61.1488093399352;
	Sat, 25 Feb 2017 23:16:39 -0800 (PST)
Received: from [10.0.1.42] (71-81-80-204.dhcp.stls.mo.charter.com.
	[71.81.80.204]) by smtp.gmail.com with ESMTPSA id
	h91sm3096201ioi.24.2017.02.25.23.16.38
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sat, 25 Feb 2017 23:16:38 -0800 (PST)
From: Steve Davis <steven.charles.davis@gmail.com>
Message-Id: <C3BDCE95-6DA6-44E4-AFB8-14F9B84ABC02@gmail.com>
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2"
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Date: Sun, 26 Feb 2017 01:16:37 -0600
In-Reply-To: <CAPg+sBgndv+Q-MGhz6Th9A3xhtqouz6D9AENqRusnCz_m+2O2g@mail.gmail.com>
To: Pieter Wuille <pieter.wuille@gmail.com>
References: <8F096BE1-D305-43D4-AF10-2CC48837B14F@gmail.com>
	<20170225010122.GA10233@savin.petertodd.org>
	<208F93FE-B7C8-46BE-8E00-52DBD0F43415@gmail.com>
	<CAN6UTayzQRowtWhLKr8LyFuXjw3m+GjQGtHfkDj-Xu41Hym32w@mail.gmail.com>
	<CAEM=y+WkgSkc07ZsU6APAkcu37zVZ7dwSc=jAg1nho31S5ZyxQ@mail.gmail.com>
	<20170225191201.GA15472@savin.petertodd.org>
	<CAMZUoK=sq_sRoXuySca-VAGwA3AzeoZ5iNFSnKULbj+NtPjHFA@mail.gmail.com>
	<20170225210406.GA16196@savin.petertodd.org>
	<CAGLBAhdCb+QLWRm4FWkPvaM2sU24HuafdgNiS=wgnPTGzrW05w@mail.gmail.com>
	<4FE38F6A-0560-4989-9C53-7F8C94EA4C76@gmail.com>
	<20170225214018.GA16524@savin.petertodd.org>
	<D36DB0BD-C805-4346-B425-77D5B29582E5@gmail.com>
	<CAPg+sBhZ1UqOLqz_PVjjrE8Cbte_Y160Gq7P7EWf6cRKjMcDEQ@mail.gmail.com>
	<4F6C2972-A320-429A-BD13-623B01F390A3@gmail.com>
	<CAPg+sBgndv+Q-MGhz6Th9A3xhtqouz6D9AENqRusnCz_m+2O2g@mail.gmail.com>
X-Mailer: Apple Mail (2.3259)
X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE, 
	RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Mailman-Approved-At: Sun, 26 Feb 2017 07:49:12 +0000
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] SHA1 collisions make Git vulnerable to attakcs by
 third-parties, not just repo maintainers
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sun, 26 Feb 2017 07:16:40 -0000


--Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=utf-8


> On Feb 26, 2017, at 12:36 AM, Pieter Wuille <pieter.wuille@gmail.com> =
wrote:
>=20
> The 80-bit collision attack only applies to jointly constructed =
addresses like multisig P2SH, not single-key ones.

That=E2=80=99s the part I=E2=80=99m less convinced about, and why I =
asked the original question re SHA1 vs RIPEMD.=20

I=E2=80=99m checking my own numbers (and as you=E2=80=99ll appreciate =
it=E2=80=99s a powers of ten thing), but I do see a vector. Which would =
mean that if RIPEMD were weakened in any way, single-key transactions =
could suddenly become badly exposed.


--Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=utf-8

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dutf-8"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
class=3D""><br class=3D""><div><blockquote type=3D"cite" class=3D""><div =
class=3D"">On Feb 26, 2017, at 12:36 AM, Pieter Wuille &lt;<a =
href=3D"mailto:pieter.wuille@gmail.com" =
class=3D"">pieter.wuille@gmail.com</a>&gt; wrote:</div><br =
class=3D"Apple-interchange-newline"><div class=3D""><span =
style=3D"font-family: Helvetica; font-size: 12px; font-style: normal; =
font-variant-caps: normal; font-weight: normal; letter-spacing: normal; =
orphans: auto; text-align: start; text-indent: 0px; text-transform: =
none; white-space: normal; widows: auto; word-spacing: 0px; =
-webkit-text-stroke-width: 0px; float: none; display: inline =
!important;" class=3D"">The 80-bit collision attack only applies to =
jointly constructed addresses like multisig P2SH, not single-key =
ones.</span></div></blockquote></div><br class=3D""><div =
class=3D"">That=E2=80=99s the part I=E2=80=99m less convinced about, and =
why I asked the original question re SHA1 vs RIPEMD.&nbsp;</div><div =
class=3D""><br class=3D""></div><div class=3D"">I=E2=80=99m checking my =
own numbers (and as you=E2=80=99ll appreciate it=E2=80=99s a powers of =
ten thing), but I do see a vector. Which would mean that if RIPEMD were =
weakened in any way, single-key transactions could suddenly become badly =
exposed.</div><div class=3D""><br class=3D""></div></body></html>=

--Apple-Mail=_93CEB2E1-BA4D-4A19-B2D2-99031BBEA5A2--