
Not sure what would count as examples here, honestly. The ones I know of were what I encountered when I was working in cryptographic security, and I don't think any of those incidents were made publicly available.

That said, there are readily available tools that use things like rainbow tables to "crack" SHA-256 salted password hashes. By "crack", I mean to come up with a password that hashes to the same value.

These tools are in successful use every day.




Yeah, I didn't think so. :) I know of no single incident of SHA-256 or SHA-3 having collisions successfully generated.

Cracking SHA-256 with rainbow tables is a fundamentally different exercise, as you are relying on someone having selected a weak password that you can then generate a hash for. The weakness is not in SHA-256, but in the weak user-selected password.
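An added example, not part of the thread, illustrating the distinction drawn in the comment above: a precomputed table (a plain dictionary stands in for a rainbow table here) only recovers passwords that are already in the guess list, and a per-record salt defeats the precomputation. The wordlist, record layout and function names are constructed for illustration.

```python
import hashlib
import os

# Constructed sample data: a tiny "common passwords" list.
WORDLIST = ["123456", "password", "letmein", "qwerty", "dragon"]

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_table(words):
    """Precompute hash -> password once (stand-in for a rainbow table)."""
    return {sha256_hex(w.encode()): w for w in words}

def make_record(password: str, salted: bool) -> dict:
    """Hypothetical stored credential: optional 16-byte random salt + SHA-256."""
    salt = os.urandom(16) if salted else b""
    return {"salt": salt, "hash": sha256_hex(salt + password.encode())}

def table_lookup(record, table):
    """Precomputed lookup; it cannot account for a salt it has never seen."""
    return table.get(record["hash"])

def per_salt_guess(record, words):
    """Re-hash every candidate with this record's salt (no precomputation)."""
    for w in words:
        if sha256_hex(record["salt"] + w.encode()) == record["hash"]:
            return w
    return None

def audit(password: str) -> dict:
    """Report which approach, if any, recovers the given password."""
    table = build_table(WORDLIST)
    unsalted = make_record(password, salted=False)
    salted = make_record(password, salted=True)
    return {
        "unsalted_table": table_lookup(unsalted, table),
        "salted_table": table_lookup(salted, table),
        "salted_guess": per_salt_guess(salted, WORDLIST),
    }

if __name__ == "__main__":
    for pw in ("letmein", "V7#qk2!xR9mZ-pL4"):  # weak vs. not in any list
        print(pw, audit(pw))
```

Every value recovered is the original password taken from the guess list, not a different input that happens to collide; a password outside the list is not recovered by either approach.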


> I know of no single incident of SHA-256 or SHA-3 having collisions successfully generated.

That's fine, I don't expect you to believe me without evidence. But I have seen this happen more than once in my work.

> you are relying on someone having selected a weak password

Stated another way, you are relying on having some idea of what the original data looked like, so you can reduce the search space. Absolutely correct.

However, if you're hashing public records like real estate, where you literally have the clear text, that's a much simpler problem than cracking passwords. All you need to do is alter the document in the way that you want, then find what other changes are needed to create a collision with the original hash. This is not very computationally intensive compared to password cracking.

Add in that the amount of money on the line with real estate can be high enough that it would make it worth throwing serious resources at it -- more than the average password cracker could even begin to summon -- and my confidence in the security of the hashes is greatly reduced.

Here's an interesting general overview of the problem: https://medium.com/asecuritysite-when-bob-met-alice/can-i-cr...



