Bruce Schneier


Schneier on Security

A blog covering security and security technology.


July 19, 2010

Embedded Code in U.S. Cyber Command Logo

This is excellent.

And it's been cracked already.

Posted on July 19, 2010 at 6:53 AM • 28 Comments


Comments

David • July 19, 2010 7:07 AM

Is this a record for the longest Bruce has been "behind the times"?

This has been reported *everywhere* for ages...

Even I had it 10 days ago! http://www.itwire.com/business-it-news/security/...


BF Skinner • July 19, 2010 7:30 AM

My favorite attacker's method.

"I called them up and asked them what it was."

The Heralds are getting clever.


Dumah • July 19, 2010 7:44 AM

Still using MD5...tut tut...

;)


stijn • July 19, 2010 7:51 AM

It's not really a code, is it? The Wired article mentions 'decoding', but the plaintext was guessed, not decoded.


Dofang • July 19, 2010 8:05 AM

As a great cryptographer once said, "A crummy *commercial*?" Remember to drink your Ovaltine!


J • July 19, 2010 8:14 AM

The Verizon Business data breach report cover was better: http://www.veracode.com/blog/2009/04/...


dreamfish • July 19, 2010 8:29 AM

To be frank, it wasn't 'cracked'. The nature of the string lent itself to being recognised as a hash. What the guy did was determine what type of hash algorithm it was (not difficult, as there aren't that many in regular use), make an educated guess as to what the plaintext was, and recreate and compare the strings.


BF Skinner • July 19, 2010 8:47 AM

Forgot to add... let the quibbling and hair-splitting begin!

Too late now.

Guessing plaintext is a valid attack, isn't it? Isn't it the principle behind dictionary and brute-force attacks?


anon • July 19, 2010 9:00 AM

Late post, lame code, and being a hash it cannot be called "cracked".


Wes P • July 19, 2010 9:05 AM

Yea, this was on /. a while back. I was excited, then I found out it was ONLY an MD5 hash. Then I was severely disappointed. The only redeeming quality here would be if this hash of their mission statement is shared with some other bizarre encrypted message that no one will ever find out... but this is the government we're talking about. Fat chance at that one.


Christopher • July 19, 2010 9:06 AM

Why are they still using MD5? I'm sure a collision free hash is good enough for their logo, but shouldn't a newly formed military infosec group prefer a strongly collision free one?


vedaal • July 19, 2010 9:11 AM

Well, since it IS MD5, maybe it might be interesting to give it to the 'cloud' to generate 'alternative' mission statements until a collision is found...


A Non • July 19, 2010 11:05 AM

Why is it that the US government has better steg than I can get?


aikimark • July 19, 2010 11:15 AM

The real challenge now begins to find a (collision) text message producing the same MD5 value.


rog • July 19, 2010 11:42 AM

I was just thinking that! Preferably a suitably scurrilous/witty message.


Jake • July 19, 2010 1:16 PM

> shouldn't a newly formed military infosec group prefer a strongly collision free one?

Of course they prefer such a thing. We're just not allowed to know what it is!


Bob • July 19, 2010 3:09 PM

Yeah, a little behind the times...

It was pretty clearly an MD5 and then easy enough to guess (and not decrypt).

HOWEVER, I do think it's a great way for them to get people to read (or at least skim) their mission statement.


Davi Ottenheimer • July 19, 2010 6:08 PM

de58aa2162ced34566ff514a8e1c57bc


Chris • July 19, 2010 7:30 PM

> The Wired article mentions 'decoding', but the plaintext was guessed, not decoded.

I am sure USCYBERCOM will happily sign up anyone who can consistently produce verifiable plaintexts, even if it's by guessing rather than cryptanalysis.


Admin • July 19, 2010 10:40 PM

www.usacybercommand.com


Sasha van den Heetkamp • July 19, 2010 11:01 PM

SHA didn't fit the logo, so they resorted to MD5. Typically the trade-off I would expect.


Jarda • July 20, 2010 1:53 AM

Save the logo. In future it will allow you to check if the mission statement didn't change.


Henning Makholm • July 20, 2010 5:56 AM

There are no (first or second) preimage attacks against MD5 yet, are there?


Corned Beef • July 20, 2010 7:56 AM

USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries. P.S. Mattel Aquarius rules OK.

***

Hmm. Can't work out why my MD5 is different.
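The guess-and-compare method dreamfish describes above, and the exact-match pitfall behind Corned Beef's "my MD5 is different", as an added Python example (not code from the post or any commenter). The statement, the target hash and the candidate list are constructed stand-ins, since the thread never quotes the hash that actually appears in the logo.

```python
import hashlib
import re

# Constructed stand-in for the logo hash: the real logo carried the MD5 of
# USCYBERCOM's mission statement; here a made-up sentence is hashed instead so
# the example runs offline and the expected answer is known.
SECRET_STATEMENT = "Example Command protects and defends; the rest is detail."
TARGET_HEX = hashlib.md5(SECRET_STATEMENT.encode()).hexdigest()

# Digest length in hex characters -> hashlib name, for the hashes in common use in 2010.
HEX_LENGTHS = {32: "md5", 40: "sha1", 56: "sha224", 64: "sha256", 96: "sha384", 128: "sha512"}


def guess_hash_type(s):
    """The heuristic the commenters used: a hex string of a known length is probably that hash."""
    if not re.fullmatch(r"[0-9a-fA-F]+", s):
        return None
    return HEX_LENGTHS.get(len(s))


def variants(text):
    """Whitespace and punctuation variants of a transcribed candidate.

    A hash matches only the exact bytes, so a trailing newline, a doubled space or
    a ';' copied as ',' is enough to produce a 'different MD5' for the same sentence.
    """
    seen = set()
    for t in (text, text.strip(), text.rstrip("\n") + "\n",
              re.sub(r"\s+", " ", text).strip(), text.replace(";", ",")):
        if t not in seen:
            seen.add(t)
            yield t


def match_candidates(target_hex, candidates):
    """Hash every candidate (and its variants) and return the first exact match, or None."""
    algo = guess_hash_type(target_hex)
    if algo is None:
        return None
    for cand in candidates:
        for v in variants(cand):
            if hashlib.new(algo, v.encode()).hexdigest() == target_hex.lower():
                return v
    return None
```

Jarda's suggestion works the same way in reverse: hash the published statement byte-for-byte and compare it with the logo to detect a later edit.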


vedaal • July 20, 2010 3:04 PM

@Henning, aikimark and rog:

Here's a possible way to find a collision:

[1] Compose your own message M, less than 391 characters.
[2] Generate random suffix characters and append to M until a 391 character length.
[3] Check if the 'logo' hash verifies.
[4] Repeat steps 2 and 3 until it does.

Example:

USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; to use the latest vetted strong cryptographic hashes. Our special encoded message follows: fghmtghkp5gygtpgtjk\rgkdslm\HSJY8Sghahrjyjkuknn689w6793okgi838939k49499k889898989898kk89989k788o9o999kyoyo76fytytiiiu8888

Write a script in Perl or Python to randomly generate the suffix part until the given hash verifies.
Bruce, do you want to offer an autographed book as a prize? ;-)


averros • July 22, 2010 4:00 AM

Your tax dollars at work.

Yawn.


anton • August 9, 2010 6:34 AM

So for lazy people like me, please can someone quote the Cybercom's 58-word mission statement!

Presumably the motivation for putting the mission statement hash into the logo was to draw attention to it.



Powered by Movable Type. Photo at top by Geoffrey Stone.

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.
