4
1
I read in this Github pull that Bitcoin relies on weaker cryptographic guarantees than SHA256.
What are the weaker cryptographic guarantees being referred to?
Could it be that RipeMD is 160 bits? ... or is it something else? Perhaps in the ECC curve itself?
-1
This doesn't directly answer your question, but in ECDSA, if the private key is close to one of the 768 rendezvous points on the secp256k1 curve, it is considered a weak private key and can be compromised. See this BitcoinTalk thread. In practice, this isn't a huge threat as long as you use a good source of randomness since the space around those rendezvous points is a miniscule fraction of the total keyspace.
1That thread is a joke, sorry. – Pieter Wuille – 2014-03-10T18:56:55.203
I don't see the word "weak" in that thread at all. What's the quote you're interested in? – Rich Apodaca – 2018-06-24T19:18:04.083
Did you link the wrong pull request? – G. Maxwell – 2018-07-23T12:32:01.110