Take The New IOTA Hash Function For A Spin: Win €200,000

[PRIBO247]

ConsenSys Developers, take note: if things don’t work out
with the blockchain, there’s still  plenty of money on the
Tangle. The IOTA Foundation is offering bounties totalling
over 200,000€ to anyone who can crack their new trinary
hashing algorithm, which will be used to secure
transactions on the Internet-of-Things network.
The lightweight encryption function, dubbed “Troika,”
replaces the homebrewed Curl-P function previously used
to create addresses and sign transactions on the DAG.
Troika was designed in collaboration with Cybercrypt A/S,
a systems provider in robust cryptography commissioned
by the IOTA foundation.
Older hash functions are unsuitable because IOTA uses
ternary arithmetic, rather than binary, and the Foundation is
currently developing new computer chips built around
Base-3 logic.  As the Foundation explained in a press
release:

"With the introduction of trinary-based
hardware, trinary algorithms will run
more efficiently, leading to significant
reduction in computation and energy
consumption. These energy gains
underlie the choice of trinary
architecture in the IOTA protocol, and
are one of the main drivers behind the
creation of Troika."

Troika will establish “world-leading security for the IOTA
protocol.” said David Sønstebø, who co-founded the IOTA
Foundation, in a statement. “We hope that this competition
will bring the cryptographic community together on solving
security in the Internet-of-Things.”

Can IOTA Repair Its Image?
The contest appears to be aimed at burnishing IOTA’s
image: the company has previously been embarrassed by
revelations about the Foundation’s slipshod work. Last
year, a much-hyped partnership with Microsoft was
revealed to be mostly hot air , while the IOTA software was
extremely difficult to use .
But the biggest drama of all surrounded Curl-P, a prototype
hashing algorithm specially designed for the IOTA’s
machine-to-machine payments. Neha Narula, director of
the MIT Digital Currency Lab, discovered a “serious
vulnerability ” which allowed the MIT team to “find collisions
using commodity hardware within just a few minutes, and
forge signatures on IOTA payments.”

The report added, “Please don’t roll your own crypto.”
For a function designed to securely encrypt transactions,
discovering collisions is roughly equivalent to finding that
your housekeys also work in the neighbors’ locks. The
IOTA Foundation did not take the criticism gracefully, and
the fallout turned the DAG-based network into the
laughingstock of the cryptographic community.

Getting It Right
Since then, the IOTA Foundation seems to have learned its
lesson, and outsourced the hard work to professionals. By
publicizing the high bounties, the Foundation can both vet
the new hash function, and signal its commitment to rigorous security.
“The goal has always been to develop the most secure
lightweight hash function possible for IoT,” Sønstebø told
followers in an IOTA Discord Group. “The problem with Curl
was that we did not have hundreds of thousands laying
around to hire world class cryptographers. That narrative is
one of the most misunderstood in all of DLT history…”
Those days may be in the past, now that IOTA has the funds
for serious cryptographic security. “Our team has extensive
experience with the cryptanalysis of hash functions and
evaluated Troika against all known cryptanalytic
attacks over the last couple of months” said Peter Jerry
Sørensen, COO of Cybercrypt. “Further, we had external
reviewers conducting an independent analysis of the security of Troika.”

Troika still has to be thoroughly tested before being
integrated to the Tangle, but with 200,000 euros on the line,
any vulnerabilities will not remain undiscovered for very
long.

https://cryptobriefing.com/