SHA-256 Cryptanalytic Experiments

Sharing what I saw posted elsewhere. By Noctarion, an independent cryptography researcher.

I ran 60 cryptanalysis experiments on SHA-256. Here’s what I found.

TL;DR
SHA-256 cannot be broken. No shortcut for mining exists. But proving that produced 7 novel findings.

The 7 novel findings:

  1. Double-SHA-256 is NOT two independent hashes (9.56σ)
  2. |HW(a)-16| → leading zeros: 20.48σ
  3. Round 8 is the “insulator” — 17× drop
  4. Nonce identity preserved (26.25σ) — but useless
  5. Mixing: 85% linear + 15% nonlinear
  6. First algebraic mining impossibility proof via Z3
  7. Groebner basis: 2^71 worse than brute force

All 19 Frameworks — 0 Exploitable Signals

Sources:

Paper link (awaiting review, should show later):

Bitcoin SE post:

Some updates:

v1.1.0 (2026-04-28) — Reproduction script and corrections

Following critical review (BattleDog, Bitcointalk forum, 2026-04-27),
this version adds reproduce.py — a single self-contained reproduction
script with fixed seeds, pinned construction, and pre-registered claims.

Reproduction results at N=50,000:

Finding #1 (cross-hash carry → LZ): r = +0.0018, |z| = 0.39σ — DOES
NOT REPRODUCE. Original 9.56σ → 6.5σ → 0.39σ progression confirms
the signal was sample-specific. Conceded: Finding #1 is dead.

Finding #3 (round 8 insulator): largest avalanche jump locates at
round 5 (Δ=0.125) in the pinned 72-byte / nonce=W[1] construction,
not round 8 as claimed. Qualitative claim (sharp transition)
survives; specific round number does not.

Finding #5 (rotations dominate mixing): reproduces strongly. Ratio
rot/Ch ≈ rot/Maj ≈ 4.78×10^8. Robust.

Net: 1 of 3 surviving findings is robust under fresh-seed reproduction.
Paper revision pending on IACR ePrint.