What if an intruder modify scriptSig to get the same hashMerkleRoot of a block?

2

What if an intruder try to modify the coinbase transaction of a block buried in the blockchain, writing as output some other address. The arbitrary content of the scriptSig field could be modified as much as necessary so that the hashMerkleRoot hash match with the one in the original block. What prevents this thing happen?

Thanks.

iGustav

Posted 2019-05-10T14:09:30.833

Reputation: 23

Answers

2

I assume you mean scriptPubKey in the outputs of the coinbase transaction.

Assuming that, what you are describing is popularly known in cryptography as a pre-image attack. If you can find a 'collision' with fixed existing message (in your example that is the original coinbase transaction) in such a way that they both produce identical hashes then you have a pre-image attack. If you change the scriptPubKey in the output of coinbase transaction, assuming no 'collision' happens, it will change the txid and hence change the merkleroot, which would in turn change the block header hash.

SHA-256 algorithm outputs 32 bytes, which means there are a total of 2^256 (or 10^77 combination). SHA256 is a one way mathematical function, as a result you will have to brute force your way to actually produce hash similar to the one before. Running that kind of brute force is not only computationally impossible, but also impossible due to the energy that it consumes (check this).

Ugam Kamat

Posted 2019-05-10T14:09:30.833

Reputation: 5 180

2Finding a "collision" with a fixed existing message is called a preimage attack, and it is much harder than a collision attack. It's only called collision when the attacker just has to find two inputs that hash to the same thing, without constraints on what that hash is.Pieter Wuille 2019-05-10T17:10:46.880

@PieterWuille Thanks for clarifying, I'll incorporate in my answer.Ugam Kamat 2019-05-10T17:17:38.620