EnglishEnglish中文中文DeutschDeutschEspañolEspañolFrançaisFrançaisΕλληνικάΕλληνικάहिन्दीहिन्दीHrvatskiHrvatskiMalayMalayItalianoItaliano日本語日本語한국어한국어NederlandsNederlandsрусскийрусскийاَلْعَرَبِيَّةُاَلْعَرَبِيَّةُภาษาไทยภาษาไทยTürkTürkTiếng ViệtTiếng ViệtEditor
Learn
FAQs
Frequently asked questions by various stakeholders
Why Classic?
Start here to get the lowdown on Ethereum Classic's reason for being and unique value proposition
Knowledge
Further reading on the foundations that underpin ETC
Videos
A collection of videos and podcasts to keep you informed on ETC concepts and happenings
Support ETC by helping to translate this website!
Ethereum Classic Blog

Why Ethereum Classic Uses An Incorrect SHA3 Implementation

Christian Seberino

SHA3 Description

Keccak
Keccak

The Secure Hash Algorithm 3 (SHA3) functions are referred to as SHA3-224, SHA3-256 and SHA3-512. The hash sizes are the same as SHA2. Therefore, SHA3 can easily replace SHA2 should that become necessary. The SHA3 algorithms however are substantially different. These differences will hopefully make any weaknesses ever found in SHA2 not also apply to SHA3. There are no known vulnerabilities in either SHA2 or SHA3.

SHA3 History

NIST
NIST

Several years ago improved attacks and increased computing power made MD5 and SHA1 insecure for some applications. People became concerned that improved attacks might also make SHA2 insecure for some applications. Therefore, the National Institute of Standards and Technology (NIST) began the process of finding an alternative in 2006. Keccak became the official SHA3 standard in 2015. Keccak functions have multiple adjustable parameters. Different choices imply different levels of security and performance.

SHA3 Controversy

Snowden
Snowden

NIST attempted to make changes to the selected Keccak functions after the peer review process to increase performance. The new candidates were all legitimate Keccak functions and not necessarily a bad idea. Unfortunately for NIST, these changes were proposed shortly after the Edward Snowden revelations. Snowden was a National Security Agency (NSA) contractor who exposed top secret information about several questionable programs starting in 2013. Documents suggest the NSA may have colluded with NIST to intentionally weaken the Dual_EC_DRBG standard. Therefore, the reaction to the proposed SHA3 changes was ferocious. NIST eventually backpedaled and reverted to more secure albeit slower Keccak function choices.

SHA3 & ETC

confusion
confusion

The Ethereum (ETH) system was developed in the midst of this drama. The Ethereum Foundation decided not to follow every twist and turn that occurred after the SHA3 peer review process. Therefore, ETH uses a hash function that today is referred to as Keccak-256 instead of SHA3-256. Because Ethereum Classic (ETC) inherited this design decision, it also uses Keccak-256. There is nothing wrong with that except that Keccak-256 is referred to in many places as SHA3. This has led to lots of confusion. There are multiple Ethereum Improvement Proposals (EIPs) to fix this. Solidity has already implemented some corrections. If you understand now, please support my Ethereum Classic Improvement Proposal (ECIP) to address this.

Feedback

You can contact me by clicking any of these icons:

twitter
twitter
facebook
facebook
linkedin
linkedin

Acknowledgements

I would like to thank IOHK (Input Output Hong Kong) for funding this effort.

License

license
license

This work is licensed under the Creative Commons Attribution ShareAlike 4.0 International License.

This page exists thanks in part to the following contributors:


cseberino
cseberino
  • EnglishEnglish
  • 中文中文
  • DeutschDeutsch
  • EspañolEspañol
  • FrançaisFrançais
  • ΕλληνικάΕλληνικά
  • हिन्दीहिन्दी
  • HrvatskiHrvatski
  • MalayMalay
  • ItalianoItaliano
  • 日本語日本語
  • 한국어한국어
  • NederlandsNederlands
  • русскийрусский
  • اَلْعَرَبِيَّةُاَلْعَرَبِيَّةُ
  • ภาษาไทยภาษาไทย
  • TürkTürk
  • Tiếng ViệtTiếng Việt
  • Editor
Add ETC to MetaMask
The ETC community is active on Discord
Discord
Discord
ETC Coop Discord
ETC Coop Discord
Github
Github
ETC Labs Github
ETC Labs Github
Reddit
Reddit
Twitter
Twitter
This site is powered by Netlify

Learn

  • FAQs
  • Why Classic?
  • Knowledge
  • Videos

Made with <3 for the Original Ethereum Vision