Slashdot Mirror

← Back to Stories (view on slashdot.org)

Crack the Code In US Cyber Command's Logo

Posted by samzenpus on from the hardy-boys-wanted dept.

Dan writes "According to Wired: 'The US military's new Cyber Command is headquartered at Ft. Meade, Maryland, one of the military's most secretive and secure facilities. Its mission is largely opaque, even inside the armed forces. But the there's another mystery surrounding the emerging unit. It's embedded in the Cyber Command logo. On the logo's inner gold ring is a code: 9ec4c12949a4f31474f299058ce2b22a.'"

10 of 380 comments (clear)

  1. md5? by betterunixthanunix · · Score: 5, Informative

    Looks like it is the same length as an MD5 sum...

    --
    Palm trees and 8
    1. Re:md5? by Anonymous Coward · · Score: 5, Informative

      It is a dumb md5 hash and nothing more.

      "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."

    2. Re:md5? by jimmyswimmy · · Score: 5, Informative

      $ echo -n "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries." | md5sum
      9ec4c12949a4f31474f299058ce2b22a  -

      --

      Just my $0.55 (US inflation, 1774-2008, for $0.02)
    3. Re:md5? by simcop2387 · · Score: 5, Informative

      whoever you are, you deserve a cookie.

      echo -n "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries." | md5sum
      9ec4c12949a4f31474f299058ce2b22a -

    4. Re:md5? by Doomstalk · · Score: 3, Informative

      That's because it is an MD5 sum

    5. Re:md5? by Aphoxema · · Score: 5, Informative

      MD5s don't hold information, they're a trap-door. It's perfectly possible that another combination of characters would lead to the same MD5, but it's incredibly unlikely that those characters would be lingually meaningful.

      Passwords are often "stored" server-side as a hash. Why I quote "stored" is because the password isn't stored at all! The server doesn't know the actual password, you would have to digest every possible combination of characters to find a hash that exactly matches the one stored on the server, but by knowing a string that already does (your password) you're already there.

      MD5 alone is a poor choice for trapping important strings because it is possible to "plan" a collision... for example, if a web-site offered you a file and an MD5 hash to test the source of that file, with enough cleverness and computing power another party could give you a different file with the same MD5 hash.

      --
      "Most people, I think, don't even know what a rootkit is, so why should they care about it?"
    6. Re:md5? by idontgno · · Score: 5, Informative

      Sheesh.

      Either you're trolling or you don't comprehend the difference between hashing, encryption, and compression.

      You display a practical understanding of compression: output size is proportionate to input size. But again, since compression algorithms work in blocks or streams of data, there's no theoretical limit to input size. Things like filesystem file size limits may apply, but again, if it's a stream compression with a stream input (e.g., network socket) and a stream output (ditto), there's no limit (other than externals like the finite lifespan of the Universe).

      Encryption's affect on size is different than compression. Without padding, encryption output size should be the same as input size. Many algorithms do pad short inputs, so there may be a small increase in output size. Again, since ciphers can operate in stream modes, there are no inherent limits (other than, for instance, available one-time-pad data for OTP ciphers.)

      Hashing, on the other hand, is in essence an extremely fancy checksum, specifically designed to use cryptographic functions in order to radically increase the likelihood that the hash value derived from any particular input is relatively unique (i.e., the hash of a particular input is radically different from the hash of another particular input which is almost identical to the first--small differences in input yield obvious differences in output.)

      Checksums are, by practical definition, fixed-size, and that size is much smaller than the majority of the potential inputs. The classic checksum is a single check digit: (running total of input) mod 10. Cryptographic hashes (such as MD5--which stands for Message Digest Algorithm 5, btw) are defined to be 128 bits. No matter how long the input is, the MD5 algorithm always produces a 128-bit output, because it iteratively processes bytes of the input 128 bits at a time.

      C'mon. You mean to tell me I can take the collected works of Harry Potter and boil them down to a 128 bit MD5 number? Wow that's some amazing test compression. Even ZIP isn't that good!

      It's not compression. Compression requires reversibility. Hashes are, by definition, not reversible: a "trap door function". The idea is that you can take an input and digest it into a 128-bit number which relatively uniquely represents it, but you can't reverse the 128-bit number and recover the original input. That would be foolish: "I'll reverse the hash, edit the text, re-hash it, and send it on its way; no one will be the wiser."

      --
      Welcome to the Panopticon. Used to be a prison, now it's your home.
  2. And... by stressclq · · Score: 5, Informative
    It was quite swiftly found out to be the MD5 hash of (remove quotes): "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."

    News at 11..

  3. Re:Silly government! by debrain · · Score: 4, Informative

    Don't they know MD5 is deprecated. They should be using SHA-1. Off to a disappointing start already...

    SHA-1 is deprecated, too. They should be using SHA-2, or if they really want to show off SHA-3.

  4. MD5 - supposed to be pretty basic by Firethorn · · Score: 3, Informative

    I almost replied before I saw the GP's post explaining it, but was hesitant because I was wondering if you were trolling.

    'googling it', in this instance, or looking it up on wiki is fairly logical because it will give you a well written description without us going through the effort of writing it ourselves.

    I didn't realize it was essentially a random, unrecoverable number.

    It's deliberate that you're not able to recover the original message from the MD5 sum, but 'random' is very much NOT true. It's used as data verification - a small change, even just a bit, in the message stream will result in a vastly different number. But feed it the same data, and you'll get the same number back, every time.

    This allows you to verify things like messages and binaries haven't been altered from their original verified state.

    --
    I don't read AC A human right