The story didn't mention if the photos were taken at the same time of year, only the same place. I wonder if that has anything to do with the apparent results.
I feel that the information I share is at my own peril. Perhaps we should worry less about data security and invest more energy in learning how to get stuff done without the need to share important info in the first place.
Well, we disagree. That is not THE meaning, it a one of 3.5^10000000 meanings (give or take infinity other ones).
Ever wonder how those reverse-lookups work? Someone enters the source text in originally and then the reverse look is just a hash table of the original inputs "keyed" to the output of the first keying. Or do you think that someone has a piece of software running that computed all known MD5 hashes up to 393 characters? That would be 393^256 (10^664) records in the database? That is more data than is stored on every CD plus every hard disk on the planet, but I digress.
I guess I am just old fashioned, I found the answer by going to defense.gov and found the 1 page fact sheet PDF that had the mission statement on it and "broke it" that way (typing it forward into one of those reverse look ups in fact). You are making me feel pretty clever though. I'm a "real" code breaker. Very cool!
The parsimonious reality is that someone went to their Wikipedia page and grabbed their Mission Statement which in the context of the story in Wired which specifically used the word "mission" to point to the meaning of the hash made it easy to guess. If that is decoding, which I dispute, no one can dispute that is it in only the most trivial sense.
That still doesn't make MD5 even a special-purpose cipher does it? You really have to know what the answer is before you start. MD5 is and remains a useful tool for checking the validity of know source as well as some other things, but without having a known list of possible messages it has no utility as a cipher. If you are going to have a known list of possible messages exchanged in advance, why bother with hash function anyway? Why not just say: 1 = feed the fish 2 = feed the dog 3 = feed the man
Certainly using md5 in this context is needless complication.
5ebaad7800c950d0077d7f322321dcf4 = feed the fish 9418385622773e4cdeeeb828dd3ece98 = feed the dog 4b2c95a01e6ddd48a5ac39be8f86f85b = feed the man
Assuming for a moment that the algorithm for reversing MD5 existed, it would have endless answers. Whatever domain restrictions you used would be useless because the encoding party could trivially obscure the message's domain (by padding it with 10^5 characters for example) and therefore reduce the decoding problem of MD5 down to the simple problem of learning the domain the sender selected. That, my friend, is the exact same problem you started with.
A hash is not a cipher. It cannot be "decoded".
The article suggests that it can be "decoded" which just goes to show how uninformed the Cyber Commands PR guy is. A hash is a one way function. Furthermore, by the function's nature an endless supply of inputs will hash into the string he offered.
Slashdot Mirror
The story didn't mention if the photos were taken at the same time of year, only the same place. I wonder if that has anything to do with the apparent results.
I feel that the information I share is at my own peril. Perhaps we should worry less about data security and invest more energy in learning how to get stuff done without the need to share important info in the first place.
What the hell is novel about this?
Well, we disagree. That is not THE meaning, it a one of 3.5^10000000 meanings (give or take infinity other ones).
Ever wonder how those reverse-lookups work? Someone enters the source text in originally and then the reverse look is just a hash table of the original inputs "keyed" to the output of the first keying. Or do you think that someone has a piece of software running that computed all known MD5 hashes up to 393 characters? That would be 393^256 (10^664) records in the database? That is more data than is stored on every CD plus every hard disk on the planet, but I digress.
I guess I am just old fashioned, I found the answer by going to defense.gov and found the 1 page fact sheet PDF that had the mission statement on it and "broke it" that way (typing it forward into one of those reverse look ups in fact). You are making me feel pretty clever though. I'm a "real" code breaker. Very cool!
Good day to you sir.
BTW: http://www.defense.gov/home/features/2010/0410_cybersec/docs/CYberFactSheet%20UPDATED%20replaces%20May%2021%20Fact%20Sheet.pdf
The parsimonious reality is that someone went to their Wikipedia page and grabbed their Mission Statement which in the context of the story in Wired which specifically used the word "mission" to point to the meaning of the hash made it easy to guess. If that is decoding, which I dispute, no one can dispute that is it in only the most trivial sense.
That still doesn't make MD5 even a special-purpose cipher does it? You really have to know what the answer is before you start. MD5 is and remains a useful tool for checking the validity of know source as well as some other things, but without having a known list of possible messages it has no utility as a cipher. If you are going to have a known list of possible messages exchanged in advance, why bother with hash function anyway? Why not just say:
1 = feed the fish
2 = feed the dog
3 = feed the man
Certainly using md5 in this context is needless complication.
5ebaad7800c950d0077d7f322321dcf4 = feed the fish
9418385622773e4cdeeeb828dd3ece98 = feed the dog
4b2c95a01e6ddd48a5ac39be8f86f85b = feed the man
Assuming for a moment that the algorithm for reversing MD5 existed, it would have endless answers. Whatever domain restrictions you used would be useless because the encoding party could trivially obscure the message's domain (by padding it with 10^5 characters for example) and therefore reduce the decoding problem of MD5 down to the simple problem of learning the domain the sender selected. That, my friend, is the exact same problem you started with. A hash is not a cipher. It cannot be "decoded".
The article suggests that it can be "decoded" which just goes to show how uninformed the Cyber Commands PR guy is. A hash is a one way function. Furthermore, by the function's nature an endless supply of inputs will hash into the string he offered.