March 27, 2026

Hash smash or cash grab?

Article URL →HN comments →

We broke 92% of SHA-256 – you should start to migrate from it

Did they just crack the internet’s lock? Critics call hype, others say switch now

TLDR: A team claims they’ve cracked most of a core internet lock (SHA‑256) and urges everyone to switch, hinting even Bitcoin could be hit. Comments split between alarm and skepticism, with jabs at credibility and cash‑grab vibes, and demands for proof of real, repeatable collisions.

Someone just yelled “we broke 92% of SHA‑256” and the internet did a double take. The researchers claim a world-first trick that gets most of the way to making two files share the same digital fingerprint, and urge everyone to start moving off the old standard. They say a respected expert cheered them on, and they even tease faster Bitcoin mining. The post links to a paper and files, saying it’s reproducible and “minutes” to extend. Stakes? SHA‑256 helps lock down websites and cryptocurrencies. Cue panic — and eye-rolls.

The comments exploded. Skeptics fired back: “Is this real? The website does not look credible.” Others demanded plain English: what does “broke” mean — can you make a fake twin file today? The snark brigade zeroed in on the funding plugs: “Are you sure you asked enough times for money?” and the “AI-produced PDF” jab had the crowd cackling. Crypto watchers warned about TLS (the padlock on websites) and Bitcoin, but cooler heads called it a new, narrow metric — not a full, practical break. Translation: fascinating claim, spicy marketing. Until a clear, peer‑reviewed collision shows up, it’s Schrödinger’s hash: both shattered and fine, depending on your tab.

Key Points

  • Authors claim a new metric result: a collision across all 64 rounds of SHA-256 with sr=59, satisfying 43 of 48 schedule equations.
  • They describe achieving “92%” of a SHA-256 break across 64 rounds and argue this suggests collision resistance may fall soon.
  • Method used new theorems plus low-level C code, extending from sr=57 to sr=59 via gap insertion and finishing with a solver in minutes.
  • All files and steps to reproduce the results are provided, with a separate PDF paper and linked resources.
  • They outline limitations (e.g., not using Wang-style message modifications) and speculate about implications for Bitcoin mining.

Hottest takes

"we've broken 92% of SHA-256 across its full 64 rounds" — logicallee
"Is this real? The website does not look credible." — jimjeffers
"Are you sure you asked enough times for money on the website?" — pixelpoet

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.