Motorist wins case after maths whizzes break speed camera code

Sidney Markowitz sidney at sidney.com
Thu Aug 11 22:22:15 EDT 2005


Looking at the article and the links that were posted here,

1. It appears that the defense won only because the prosecution did not come
up with an expert to refute the defense expert. He could have argued based
on Goedel's Theorem or the Heisenberg Uncertainty Principle and the case
would have gone the same way.

2. "The NRMA has called for a full audit of the way the state's 110
enforcement cameras are used ..." Note that NRMA is a motorist association,
like the AAA in the US. This is not a government body nor anyone with
authority calling for an audit.

3. The expert may not have outright lied by saying that the MD5 collision
result "theoretically" means that RTA could change the speed without
changing the hash, but his definition of "theoretically" has to include
"leaving it in the realm of theory by not trying to think the problem
through". This is not a situation where you can throw some random looking
bits in to make the hash come out right. Actually, reading the article again,
I don't see it made explicit that the person quoted was the expert used by
the defense or if he is just someone the reporter went to for a comment on
the story. For all we know the defense lawyer made the claim that "People
have shown it [MD5] has been hacked and it's open to viruses," and without a
prosecution rebuttal that was enough.

4. The marketing speak that Aram linked to is not all that bad for marketing
people making a hash of technical jargon they have been given. My assumption
is that they sign the time, date, place, numberplate and speed record using
RSA/MD5. Try to explain that to a non-techie and they will hear the words
public key, encryption, and MD5 hash, so it is not unreasonable for them to
write "public key authenticated using MD5 encryption to ensure information
is authentic and tamper free".

5. Back to point #3, the attack on MD5 doesn't seem to cast doubt on the
signed data from the speed camera, as long as one can trust that the private
key is safely hidden in the camera. As Aram pointed out it is easy to show
that no possible speed, time and date will hash with the same numberplate to
get the same value.

 -- Sidney Markowitz
    http://www.sidney.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
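
An added example, not part of the original message and not the camera vendor's code: the exhaustive check mentioned in point 5, narrowed to one day. The record layout, site name, sample values and speed range are assumptions; it tries every minute of the day and every speed for the same numberplate and looks for an alternate record with the same MD5 digest.

```python
import hashlib
from itertools import product

# Constructed sample record; the field layout is an assumption,
# not the real camera format.
ORIGINAL = {"date": "2005-08-11", "time": "14:37", "place": "SITE-042",
            "plate": "ABC123", "speed": 87}


def encode(date, time, place, plate, speed):
    """Serialize a record to the bytes that would be hashed and then signed."""
    return f"{date}|{time}|{place}|{plate}|{speed:03d}".encode("ascii")


def digest(record_bytes):
    """MD5 digest of the serialized record, as hex."""
    return hashlib.md5(record_bytes).hexdigest()


def candidate_records(original, max_speed=250):
    """Yield every record with the same date, place and plate,
    for each minute of the day and each speed from 0 to max_speed."""
    times = (f"{h:02d}:{m:02d}" for h, m in product(range(24), range(60)))
    for time, speed in product(times, range(max_speed + 1)):
        yield encode(original["date"], time, original["place"],
                     original["plate"], speed)


def find_matching_alternates(original, max_speed=250):
    """Return (candidates tried, alternates whose MD5 equals the original's)."""
    original_bytes = encode(**original)
    target = digest(original_bytes)
    tried, matches = 0, []
    for candidate in candidate_records(original, max_speed):
        tried += 1
        # The original itself is in the candidate set; skip it.
        if candidate != original_bytes and digest(candidate) == target:
            matches.append(candidate)
    return tried, matches


if __name__ == "__main__":
    tried, matches = find_matching_alternates(ORIGINAL)
    print(f"tried {tried} records, {len(matches)} alternate(s) share the digest")
```

The published MD5 collisions pair two messages that both contain attacker-chosen, random-looking blocks; a fixed-format record like this one has no room for such blocks, so the whole space of meaningful alternates can simply be enumerated.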


