Hash collisions: are there consequences for crypto?
As you might know, hashing algorithms are at the core of most cryptocurrencies. In short, a hashing algorithm is a mathematical function that transforms an input string of any length into a fixed-length output string. A hash function will always return the same output for a specific input. This way files can, for example, be checked: if a document returns a different hash after you receive it back from someone, you know they have changed it. This is also what makes the blockchain of, for example, Bitcoin and many other currencies immutable, as changing any transaction or block will result in a completely different hash. Because every block takes the hash output of the previous block as input, the chain will be broken and not accepted by the system. This is what makes the blockchain secure.
Hash collision
So what is a hash collision? Well, this is the one thing you want to avoid when using a hashing function. It means two different inputs return the same hash output, hence the term collision. To return to the earlier example: this would mean someone could mess with a file or even with Bitcoin transactions without anyone noticing. Once someone manages to produce a collision in practice, a hash algorithm is considered broken. Examples of such hash functions are MD5 and SHA-1; the latter was "broken" last year.
So, if cryptocurrencies used a hashing algorithm that is considered compromised, this would be an issue, as in theory previously mined blocks could then be changed and adjusted without the blockchain noticing: the hash output of the altered transactions would be the same, and so the chain remains intact. Luckily most cryptocurrencies use a strong hashing algorithm called SHA-256. This algorithm has a much bigger output size, making it much more secure than, for example, MD5 and SHA-1. It would take many, many years to create a collision for the SHA-256 hashing algorithm, so for the time being this algorithm seems secure.
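To make the two points above concrete (blocks chained by the previous block's hash, and what a collision does to that chain), here is an added example in Python that is not part of the original post and not code from any cryptocurrency project. It builds a toy chain of constructed sample payments, shows that naive tampering is caught when hashes are recomputed, and then swaps in a deliberately weakened hash (`weak12_hex`, SHA-256 truncated to 12 bits, a constructed stand-in rather than MD5 or SHA-1) so a colliding payment list can be found in a few thousand tries and the tampered chain verifies as if nothing happened. All names, transactions and the genesis placeholder are assumptions made for the example.

```python
import copy
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed placeholder for "no previous block"


def sha256_hex(data: bytes) -> str:
    """The strong hash most cryptocurrencies rely on."""
    return hashlib.sha256(data).hexdigest()


def weak12_hex(data: bytes) -> str:
    """Constructed stand-in for a compromised hash: SHA-256 truncated to 12 bits.
    It is not MD5 or SHA-1; it only exists so that a matching hash can be found
    in a few thousand tries instead of many years."""
    return hashlib.sha256(data).hexdigest()[:3]


def block_hash(block: dict, hash_fn) -> str:
    """Hash the block's payments together with the previous block's hash;
    that link is what turns separate blocks into a chain."""
    payload = json.dumps({"prev": block["prev"], "tx": block["tx"]}, sort_keys=True)
    return hash_fn(payload.encode())


def build_chain(tx_lists: list, hash_fn) -> list:
    chain, prev = [], GENESIS_PREV
    for txs in tx_lists:
        block = {"prev": prev, "tx": txs}
        block["hash"] = block_hash(block, hash_fn)
        chain.append(block)
        prev = block["hash"]
    return chain


def verify_chain(chain: list, hash_fn) -> bool:
    """Recompute every hash and check each block points at the one before it."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev"] != prev or block_hash(block, hash_fn) != block["hash"]:
            return False
        prev = block["hash"]
    return True


def find_matching_tampered_tx(block: dict, hash_fn, max_tries: int):
    """Search for a different payment list whose block hashes to the SAME value
    as the stored one under hash_fn. Returns it, or None if not found in time."""
    for n in range(max_tries):
        tampered_tx = [["mallory", "alice", n]]  # constructed fake payment
        candidate = {"prev": block["prev"], "tx": tampered_tx}
        if tampered_tx != block["tx"] and block_hash(candidate, hash_fn) == block["hash"]:
            return tampered_tx
    return None


def demo(hash_fn, max_tries: int) -> dict:
    # Constructed sample payments: two blocks, one payment each.
    chain = build_chain([[["alice", "bob", 5]], [["bob", "carol", 2]]], hash_fn)
    result = {"intact": verify_chain(chain, hash_fn)}

    # Plain tampering: change a payment but keep the stored hash. The recomputed
    # hash no longer matches, so verification fails and the change is noticed.
    naive = copy.deepcopy(chain)
    naive[0]["tx"] = [["alice", "mallory", 5]]
    result["naive_tamper_detected"] = not verify_chain(naive, hash_fn)

    # Collision-based tampering: if a different payment list gives the same
    # hash, the next block's "prev" link still matches and the chain verifies.
    collision = find_matching_tampered_tx(chain[0], hash_fn, max_tries)
    result["collision_found"] = collision is not None
    if collision is not None:
        forged = copy.deepcopy(chain)
        forged[0]["tx"] = collision
        result["collision_tamper_detected"] = not verify_chain(forged, hash_fn)
    return result


if __name__ == "__main__":
    print("SHA-256:", demo(sha256_hex, max_tries=20_000))
    print("12-bit :", demo(weak12_hex, max_tries=200_000))
```

With the real SHA-256 the search gives up without finding anything, and the naive change is detected; with the 12-bit stand-in a colliding payment list turns up after a few thousand tries and `verify_chain` reports the forged chain as intact, which is exactly the failure mode the paragraph describes. The search here is a brute-force second-preimage search against a tiny hash, chosen only to keep the example fast; nothing about it transfers to a full-size hash.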
IOTA
But there are some cryptocurrency projects out there creating their own hashing algorithm. For example, IOTA created a hashing algorithm called Curl. A team at the MIT Media Lab came forward and showed they were able to create multiple payments in the IOTA tangle with the same output hash, in other words a collision. Before going public they informed the IOTA team, and some changes were made to the hashing algorithm. This goes to show that collisions have already caused problems in a top crypto project.
Previously broken hash algorithms show that it is hard to create a secure one. As these algorithms are the basis of blockchain projects, it is very important that they are secure and, most of all, make it practically impossible to create collisions, as this could destroy a blockchain project.
Very interesting post. Thanks for sharing.