Ask HN: Bitcoin Mining Operations Perpetuating Weaknesses in SHA-256?

Unlike SHA-1, which has a 2^60 local-collision attack and a 160 bit output (so an 80 bit birthday bound), SHA-2 has no theoretical attacks and a 128 bit security bound.

You can do the math on how much it would cost to find a SHA-2 collision; for instance, you can steal Skein team member Jesse Walker's back of the envelope calculations, assigning 2^61 cycles and 2^8 dollars to a server-year. Now multiply the number of cycles a block of SHA256 takes by 2^128.

I don't think a direct attack on SHA256 is a productive use to put the world's computers.

Rainbow tables are a space time tradeoff for specific known inputs, since the BTC blocks are not generally 'known' nor do some blocks occur more frequently than others rainbow tables are useless. Even when passwords are merely salted rainbow tables are abandoned as not worth the time.

You could pregenerate a 'longer' chain, but the problem is the 'legnth' of the chain is calculated based on difficulty not number of blocks, so you'd need more computer power than all miners combined.

If you want to get cynical about US / Chinese approval for BTC it would probably be willingness to buy enough hardware to precompute a longer chain.

The algos to exploit are the RNGs used in the ECDSA portion of BTC which allow you to derive the private key and directly spend bitcoins, there aren't any currently known weaknesses in relation to SHA256 in BTC. The RNG issue is specific to certain implemenations of BTC and has nothing to do with the protocol itself. (Similar to how an exploit for apache is not a weakness in HTTP)

Miners are computing hashes for a very specific chunk of data. And it's also double SHA256 which is not used in any standard key-derivation function. Specialized mining machines implement a lot of shortcuts to optimise for that exact hashing (in silicon!) and are useless for anything except Bitcoin mining.