Slashdot Mirror


Mission: Infiltrate the P2P Network

prostoalex writes "Wired News unveils the secrecy behind Overpeer, the company whose mission is to infiltrate peer-to-peer networks with low-quality audio and video files, or corrupted chunks of data which carry the same name and have the same size as originals. Apparently OverPeer even managed to procure a USPTO patent on (a) producing an advertising digital music file by deteriorating or damaging a sound quality of an original music file of a record of a cooperating record corporation; and (b) distributing the advertising digital music file through the communication network."

7 of 532 comments

  1. Re:MD5? by JimDabell · Score: 4, Informative

    > Isn't there some magical algorithm that produces an unique checksum number for a file, and if it were missing chunks wouldn't that reflect in that magical number? Don't most P2P networks use this magical MD5 checksum algorithm to ensure files aren't screwed up?

    Yes, but the client supplies the checksum. There's nothing to stop a client from sending a phony checksum.

    In any case, the checksum only really protects against things getting screwed up through the transfer - if they are screwed up to begin with, the checksum isn't going to help at all.

  2. Stupid. by grub · Score: 5, Informative


    It won't work well with all P2P networks. A prime example is the eDonkey network which uses a hash of each file as an identifier, not a filename/size identifier. You can rename the file to anything and the hash won't change. eMule Project is another great eDonkey network client and is open source.

    This is too little, too late, unless you're stuck on Kazaa.

    --
    Trolling is a art,
  3. Re:Won't Work by olethrosdc · Score: 4, Informative

    So suppose you do a search for 'Band XYZ'
    and you get results
    BAND XYZ - I can't write a song (md5=12345)
    BAND XYZ - I cant write a song (md5=91283)

    One of them is the real and the other is the decoy. Which one is which?

    Or if they are ripped from analogue sources, they would be different.

    The md5 thing only works if all files are exactly the same.

    --

    I miss my rubber keyboard.

  4. Community review/link sites. by jonathan_ingram · Score: 3, Informative

    It's not too hard to avoid low quality/bogus files. All you need is some form of rating and feedback system. ShareReactor fulfills this need for the eDonkey network, providing links to verified versions of files. I imagine it's very possible to decentralise this system significantly, or even to integrate it into the file sharing protocol itself, in order to reduce the possibility of the rating site being shut down.
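
The three ways of identifying a file discussed in comments 1, 2 and 4 (filename/size, a checksum supplied by the sending peer, and a content hash obtained from a trusted list), compared on a constructed decoy. This is an added example, not code from any P2P client or from the commenters; SHA-256 is swapped in for MD5, and every function name, the 16-byte chunk size and the sample data are assumptions made for the illustration.

```python
import hashlib

CHUNK = 16  # demo chunk size in bytes (assumption; real networks use far larger chunks)

def chunk_hashes(data: bytes, size: int = CHUNK) -> list[str]:
    """SHA-256 of every fixed-size chunk, in order."""
    return [hashlib.sha256(data[i:i + size]).hexdigest()
            for i in range(0, len(data), size)]

def content_id(data: bytes) -> str:
    """Identifier derived from the bytes alone; the filename never enters it."""
    return hashlib.sha256("".join(chunk_hashes(data)).encode()).hexdigest()

def accept_by_name_size(offer: dict, name: str, size: int) -> bool:
    """Filename/size matching, the scheme a same-name, same-size decoy satisfies."""
    return offer["name"] == name and len(offer["data"]) == size

def accept_by_peer_checksum(offer: dict) -> bool:
    """Checksum supplied by the sending peer: it only shows the transfer was clean."""
    return hashlib.sha256(offer["data"]).hexdigest() == offer["peer_checksum"]

def bad_chunks(data: bytes, trusted: list[str]) -> list[int]:
    """Indexes of chunks that differ from a hash list obtained out of band."""
    got = chunk_hashes(data)
    if len(got) != len(trusted):
        return list(range(max(len(got), len(trusted))))
    return [i for i, (g, t) in enumerate(zip(got, trusted)) if g != t]

def make_offer(name: str, data: bytes) -> dict:
    """A peer's offer; the peer computes the checksum over whatever it holds."""
    return {"name": name, "data": data,
            "peer_checksum": hashlib.sha256(data).hexdigest()}

# Constructed sample data: a 64-byte "original" and a same-size decoy with chunk 2 damaged.
ORIGINAL = bytes(range(64))
DECOY = ORIGINAL[:32] + b"\x00" * 16 + ORIGINAL[48:]
TRUSTED = chunk_hashes(ORIGINAL)  # stands in for a list published by a verified-link site

OFFERS = [make_offer("song.mp3", ORIGINAL),      # genuine file
          make_offer("song.mp3", DECOY),         # same name and size, damaged content
          make_offer("renamed.bin", ORIGINAL)]   # genuine file under another name

def evaluate(offer: dict) -> dict:
    """Run all three checks against one offer for the file wanted as song.mp3."""
    return {"name_size": accept_by_name_size(offer, "song.mp3", len(ORIGINAL)),
            "peer_checksum": accept_by_peer_checksum(offer),
            "bad_chunks": bad_chunks(offer["data"], TRUSTED),
            "same_content_id": content_id(offer["data"]) == content_id(ORIGINAL)}
```

Calling `evaluate` on each entry of `OFFERS` shows that the decoy passes both the name/size and peer-checksum checks and is caught only by the trusted chunk list, which also pinpoints the damaged chunk so that only that chunk needs to be fetched again.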

  5. Re:MD5? by jetmarc · Score: 3, Informative

    > No its not PRACTICAL...but maybe they've got some brute force per song?

    They'd need A LOT of brute force. Even today, no two files with the same MD5 hash are known. You could claim the big prize if you could come up with two such files!

  6. Re:Wrong. by Anonym0us Cow Herd · Score: 4, Informative

    Secondly, we only presume MD5 to be a good one way hash--there is no absolute proof that it is. There might be some novel approach that we just don't know about yet.

    True indeed.

    Just like we might find a way to easily find the prime factors of huge composite numbers. Which would render public key cryptography useless. But mathematicians smarter than us seem to think this is not likely. So your suggestion that it might happen doesn't mean much. After all, we might find a way to travel faster than light.

    I can certainly generate SOME file (even if it is ugly) that will match your MD5 hash (and pass your signature with flying colors).

    All you have to do to prove that a program could be written that could break MD5 is to post two tiny blocks of data which have the same MD5 hash. Basically the same simple test I would offer to anyone claiming a perpetual motion machine. Simply demonstrate it. If you break MD5 you could be famous.

    Thirdly, by definition, no one-way hash can rule out the possibility of brute forcing the hash by throwing enough stuff at it with the hope that something else will generate the same hash.

    It is a given that something else will generate the same hash. I agreed with this point in your earlier post. It is just finding it that is the problem. If the RIAA wants to spend hundreds of millions of dollars to build a machine that might possibly find a block of data that hashes to the same hash as one mp3 file, then I would be right there cheering them on.

    Throw enough horsepower at any problem, and you can solve it by brute force. Heck, in theory, you could exhaustively search the keyspace for a 2048-bit key. Extra credit: How many machines were working for how many years on the RC-64 challenge?

    In 50 years even there is every reason to think that this would be a trivial task.

    It's premature to say this. Only time will tell.

    A key principle of cryptography is that you pick key lengths and algorithms that remain unbroken not just based on today's technology, but based on tomorrow's technology and how long the secrecy of the data remains important.

    For instance, each bit of additional length added to a key doubles the keyspace that must be searched. Moore's law, if it continues to hold true, says that computer power doubles every 18 months. Now you figure out how many extra bits you need to add in order to prevent a successful attack within a 50-billion year timeframe. A 2048-bit key, for instance, is probably adequate over a 64-bit key.

    As to your hypothesis that MD5 can be broken, you may be right. Maybe it will be. But I wouldn't hold my breath.

    --
    The price of freedom is eternal litigation.
  7. Know your enemy by dcavanaugh · Score: 3, Informative

    It looks like Overpeer is owned by some kind of Korean conglomerate www.sk.com. Hardly any consumer products, but it would be worth a look to see if they have anything that can be effectively boycotted or tariffed to death.

    They appear to be running Win2K/IIS, just like RIAA. Not that I'm saying this is bad, or anything like that :-)

    Be on the lookout for any of the following people:
    • Marc Morgenstern, CEO of Overpeer, Inc.
    • Val Thomas (C.I.O.)
    • Eric Bingham (C.O.O.)
    • SunHong Min (Director of Board, SK Corporation)
    • CheolWoong Lee (C.S.O., co-founder)
    • Changyoung Lee (C.T.O., co-founder)
    • Junghyoung Lee (System Engineer)
    • Don Kim (Director of Board, SK Corporation)