Risks of Not Understanding a One-Way Function
New York City officials anonymized license plate data by hashing the individual plate numbers with MD5. (I know, they shouldn’t have used MD5, but ignore that for a moment.) Because they didn’t attach long random strings to the plate numbers—i.e., salt—it was trivially easy to hash all valid license plate numbers and deanonymize all the data.
Of course, this technique is not news.
ArsTechnica article. Hacker News thread.
Leave a comment