As I posted earlier this week, a hexadecimal code was discovered on the gold ring encircling US Cyber Command’s newly released logo. That code was 9ec4c12949a4f31474f299058ce2b22a and it sent the NetSec community on a challenge. To the untrained eye, it looks like just a bunch of numbers and letters. To those in the InfoSec/NetSec field, it looks like a 128-bit MD5-hash. MD5 hashes are derived from an algorithm that “digests” the data into a hexadecimal result like the one here. They are often used in file integrity checks to ensure the data is exactly what it should be without any corruption or tampering.
Around 2004, the MD5 algorithm had started to show vulnerabilities and signs of age. It is now fairly easy to reverse these hashes to reveal the original data. Obviously this is a big security problem. The NIST and DHS has a policy that requires all government agencies to use more complex hashing functions after 2010. Considering US CYBERCOM is one of the most secretive and secured entities of the publicly known US Government and intimately tied to the NSA, I would imagine there may be more than meets the eye to the new logo and we’ll come across more interesting things the geeks over there threw in to challenge us.
