The Nostradamus Attack

As early as November 2007, a group of security researchers predicted that Barack Obama would be elected president this month. But before you get too impressed, you should know that they also created predictions for John McCain, Ralph Nader, and Paris Hilton. Anyone can come up with a bunch of bum predictions, but what matters here is that the researchers came up with a scheme that could have allowed them to present any one of these predictions as their single guess.

The researchers created the scheme to illustrate a point about cryptographic hash functions, which are key building blocks of secure protocols on the Internet, including those used for e-commerce. Cryptographic hash functions reduce a message of any size to a “digital fingerprint” of a set size, which can then be used as a stand-in for the original. The idea is that, from the fingerprint, it won’t be possible to derive the original message. It also shouldn’t be easy to find “collisions”–two messages that produce the same fingerprint. These fingerprints can be used as digital signatures. In other words, I could send you the fingerprint as proof of my prediction, and then reveal the prediction itself at a later time.

The researchers’ predictions, which all look like perfectly ordinary PDF files, are a virtuosic example of producing collisions. Every one of the researchers’ predictions has the same fingerprint when using the cryptographic hash function MD5, which was broken in 2005 by Xiaoyun Wang, a professor at the Center for Advanced Study at Tsinghua University, in China, and her coauthors. The researchers’ Web page explains the work in more detail.

For more about cryptographic hash functions, look for a story tomorrow about the current search for a new standard algorithm.