If they think for a replacement there is a reason, right? If they think for a replacement after 2012 why you shouldn't? Or you intend to use SHA-2 until 2140?

SHA-1 is still unbroken (as far as i know), but that's no reason to not use SHA-2. Just means that SHA-1 had a possible future weakness that could be fixed, for the most part, but at the cost of using more computing power. The time has just come again that average computing power has yet increased that they see fit to upgrade it to nip any possible weakness in the bud. The only problem found in SHA-1 was a POSSIBLE mathematical weakness, and since SHA-2 is roughly based on SHA-1, just a bit beefed up, the search for a replacement to SHA-1 never really stopped.

Block headers contain a version.

Yes, but you don't understand the reason. Designing a new hash is not something you just throw together over a weekend with a few beers and a whiteboard. If they waited until there was a credible threat to SHA-2, then that's waiting too long - the algorithm would be broken before a replacement was ready and proven strong.

So instead, they leapfrog the standards and it's merely up to users to implement it when their risk assessment decides it's time to do so - Bitcoin would be no exception: when SHA-256 is not as useful as one of it's replacements, I'm sure the devs will begin the difficulty and thorny process of replacing it in the Blockchain.

I highly doubt they'll switch just because NIST declares a great new algo and it looks shiny.


I don't think doing it now, versus in 5 years makes it any less of a nightmare, personally. It's still going to take the cooperation of the network, and I don't think making the network more diverse makes that significantly harder. On the flipside, a giant clusterfuck of changing the algo might be another cataclysmic event for a digital currency that's taken a pounding lately.

The only real benefit I can think of is that you wouldn't fuck over the people who are building ASIC farms if you did it now - I think that's their problem though, not the network's.

The competition ends in 2012, at which point the new standard will be written. They're not mandating anyone replace SHA-2 in 2012, just that's when the new standard will be written.

They didn't start SHA-3 because they expect SHA-2 to be broken in 2012, which seems to be the assumption you're blindly leaping to.

Where did I say we should jump into the new standard immediately? All I'm saying we should be prepared to jump once necessity arises.

I'm surprised an option for changing bitcoin hashing algorithm was not envisaged in the original concept. Everything that is man-made can be destroyed or counterfeited by another man. This is why everything valuable for the society should have built-in mechanisms for defence and protection improvements in case it is needed.

Think about current bank notes and bills. In the beginning of their life span they all have a cutting-edge and state-of-the-art protection in place (serial numbers, watermarks, micro seals, color-shifting ink, embedded fibers, security thread, holograms, you name it). As time passes and technologies employed mature (become cheaper to acquire and implement) it gets easier to produce counterfeit money. On top of it, very often a 'leak' occurs and 'unsanctioned' printing of genuine bank notes takes place. When that happens there is no choice but to withdraw old bank notes from circulation and emit new notes with new design and improved protection against counterfeiting.

Bitcoin is a cryptographic currency. That means its strongest line of defence is the hashing algorithm. If this line is somehow endangered there must be options in place to strengthen it by orderly introducing new 'design' with more secure hashing algorithm.

There:

I wasn't sure you were a troll
Now I am

Where there, jackjack?

The guy that was arguing with me basically said NIST announced this competition just in case... What I'm asking is 'If they don't want to wait anymore and are acting now just in case, what are you waiting for and don't act just in case as well?'

How are you prepared for a possible change in SHA?