If the SHA256 algorithm is public, why can't attackers use it to create more collisions rendering the algorithm useless?
Asked
Active
Viewed 40 times
0
-
Because it is one-way function. – kelalaka Jul 11 '21 at 12:35
-
Finding collisions doesn't make a hash function "useless" either, it depends what it is used for. It may still create well distributed output and may be invulnerable against pre-image attacks. The generation of collisions also has per-conditions attached to them. Of course, we'd still favor unbroken hash functions, which is why everybody steers away from MD5 and SHA-1. – Maarten Bodewes Jul 11 '21 at 12:41
-
2There simply is no reason that being public implies being weak. Thus indeed the question boils down to: What makes SHA-256 secure? – fgrieu Jul 11 '21 at 13:52