The MD5 Defense
A team of Chinese maths enthusiasts have thrown NSW’s speed cameras system into disarray by cracking the technology used to store data about errant motorists.
The NRMA has called for a full audit of the way the state’s 110 enforcement cameras are used after a motorist escaped a conviction by claiming that data was vulnerable to hackers.
A Sydney magistrate, Laurence Lawson, threw out the case because the Roads and Traffic Authority failed to find an expert to testify that its speed camera images were secure.
The motorist’s defence lawyer, Denis Mirabilis, argued successfully that an algorithm known as MD5, which is used to store the time, date, place, numberplate and speed of cars caught on camera, was a discredited piece of technology.
It’s true that MD5 is broken. On the other hand, it’s almost certainly true that the speed cameras were correct. If there’s any lesson here, it’s that theoretical security is important in legal proceedings.
I think that’s a good thing.
DarkFire • August 11, 2005 8:22 AM
[SNIP]
“On the other hand, it’s almost certainly true that the speed cameras were correct. If there’s any lesson here, it’s that theoretical security is important in legal proceedings.”
[SNIP]
This is very much the case. I’m not aware of what the standard of proof is in US criminal cases but here in the UK proof must be “beyond reasonable doubt”. And this means exactly what it says – the very slightest evidence that casts doubt on the proof that the accused person is guilty will almost always lead to a verdict of innocence.
Information security of any kind is of paramount importance in any legal proceedings.