Eyes Above The Waves

Robert O'Callahan. Christian. Repatriate Kiwi. Hacker.

Saturday 20 January 2007


Today's blog post is very interesting, but unfortunately, publishing it now would cause serious harm. On the other hand, at some point in the future I would like to be able to prove that I wrote it today. So, let me just say that its MD5 hash is


David Baron
You might want to specify the character encoding. :-)
Robert O'Callahan
ASCII. You can start your dictionary engine now :-)
Justin Watt
Oh man hilarious.
You could at least give a hint about *when* we might see said post...
Colin Coghill
You tease you.
- Colin
Given the recent attack on MD5, couldn't you now be accused of having constructed two different messages which each would have that same hash, so that you can publish whichever one will turn out to be more appropriate at that future date? :)
(I assume this won't actually be a problem, due to your post not being a prediction as much as containing some sensitive business information or something. And at the very least it should still server as proof that you wrote it now. Still - might want to post the SHA-1 hash as well.) ;)
Mark El-Wakil
There's *always* a chance that you could find a way to write an article with a collision with this md5sum. How about being a good man and posting a SHA1 for us? :-)
Gee, thanks for sharing.
Colin Barrett
SHA-1 has been cracked too, y'know. I think it's down to 2^63 from 2^80. Same Chinese woman who did MD5 did it.
Actually, posting the SHA-1 would be a bad idea -- two possible vectors for attack, and you can cross reference them.
Colin: getting the message from the hashes is as impossible as ever. And (afaiui) constructing two messages that have _both_ the same MD5 and SHA-1 hash is far and far harder than constructing a message that has only one of the hashes in common.
Justin Dolske
Well, this was fairly easy to figure out.
$ echo "Soylent Green is people\!" > foo
$ md5 foo
MD5 (foo) = ec06b3461cf0eaf3d3e4d7a2e429bddb
Robert O'Callahan
I get cc0772acb9b11fe9e8369c8ea3b67c20. MoCo better get you some new hardware...
Aha, so you are the one who submitted the scary Vista Security (Bug) Report I've heard so much rumor about today. Stunning find.
Is today the day you can publish the post? I mean, hex numbers seem all the rage at the moment...
(Not that I can make todays magic number turn into your md5 hash...)