If you’re a frequent reader of the PandaLabs blog, then you know that we love creating crypto/crackme challenges. In fact, we have one coming up shortly. I came across a Wired article pointing out a certain sequence of characters embedded in the United States Cyber Command seal and wanted to take a stab at it.
The characters around the seal appear to be an MD5 hash value of 9EC4C12949A4F31474F299058CE2B22A
So, what does this hash value represent? Many have suggested that it is the following QR code (below), which translates to “Poder Cibernetico”.
However, this QR code is misleading because it contains the hash value in its meta tags rather than in the QR code itself.
Instead, if we take the CYBERCOM mission statement and calculate the MD5 hash value for the text, we arrive at the same 9EC4C12949A4F31474F299058CE2B22A hash on the seal.
CYBERCOM Mission Statement: USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.
That was fun! If you like these types of challenges, then tune in to the PandaLabs blog on Saturday, July 17 at 9AM GMT +2 to participate in our latest Panda Challenge.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
17 comments
Encoding result:
98e1259d50ef66ddf1c6f443f8a86ec5
include the quotes and result is
ae14c9ed31624f8b313483af22ac916b
niconnect.com poder cibernetico 9ec4c12919a4f31474f299058ce2b22a brazil
Cute, but clearly incorrect. The md5 hash for the mission statement is 98e1259d50ef66ddf1c6f443f8a86ec5 and not 9ec4c12949a4f31474f299058ce2b22a according to 10 different md5 hashers I’ve used to attempt to replicate and verify your results. Care to try again or cite the hashtool you’ve used so others can attempt to verify and replicate your results?
citation:
http://i26.tinypic.com/5mesra.png
also try entering the mission statement in these online md5 hash tools:
http://www.md5hashgenerator.com/index.php
http://www.miraclesalad.com/webtools/md5.php
I’m sure you can find others that generate the same results as the ones listed above that do not match your claim.
The hash was incorrect due to a formatting error. I went ahead and corrected the problem and you’ll see that the text does calculate to 9EC4C12949A4F31474F299058CE2B22A.
Sean-Paul,
What formatting error? Can you post the correct “formatting” in a comment please? I too have tried to create the MD5 hash and cannot. There seems to be some discrepancy over the comma after the word “synchronize”. However I’ve tried it both with and without the comma and it does not produce the correct hash. Incidentally, the comma is there according the mission statement exactly as it appears in a PDF file available on the Dept. of Defense web site.
Something seems amiss here.
(follow-up)
Sean-Paul,
I took a closer look, the PDF file available on the Dept of Defense web site is available for download here and it contains two different characters than your solution. A comma and a hyphen:
http://www.defense.gov/home/features/2010/0410_cybersec/docs/CYberFactSheet%20UPDATED%20replaces%20May%2021%20Fact%20Sheet.pdf
So my question is, if your solution actually differs from the real mission statement by two characters, how did you figure out the string? Can you post your solution method? Thanks!
I also noticed this dilemma when I first checked the mission statement hash. I knew that the fault was most likely due syntax format or perhaps white space, but I was certain that the mission statement was the answer. I began searching the net string by string and found that in some cases the punctuation differed. (I.e. http://www.military-information-technology.com/mit-home/249-mit-2010-volume-14-issue-4-may/2908-cyber-command-update.html) (notice the missing comma before “and” and no hyphen.) I gave it a shot and viola! 🙂
So after reading up about this MD5 fingerprint on the seal I’ve started to become more interested in Cryptography. So far I’ve started writing my own MD5 code using R. Rivest’s MEMO on the MD5. I’m not spending a significant amount of time one it but it isn’t proving incredibly difficult. Apart from doing an exercise like that, what would you recommend to some one who has an average coding ability just starting to get into cryptography algorithms?
I’ll probably take a swing at your contest over the weekend, but I’m sure anything like that is still way out of my league.
Well, this I can understand. But you have to admit, since we’re talking about a hash contained within a permanent logo, Cyber Command really ought to have the precise correct punctuation posted on their own web site!
In any case, I think a lot of us are wondering how the solution was derived at. Is is a matter that a couple of beginning words in the mission statement were obtained from the hash via brute force collission attack or use of a rainbox table? So you obtained a couple of decoded words and then inferred the mission statement from that?
Or…..?
This Is Confusing I’m 10years old and can only comprehend the Knowledge to Turn this sequnce in to the forms Only Alphabet , Only Numbers , Only Numeric Alphabet can someone please explain this Sequnce of Letters And Numbers
Hello, I think your blog is epic. Congrats.
This looks similar to what happens regarding USA banknotes that have some “symbols”
The irony of the US Government using a known insecure hash, on their cyber command seal should not be lost on anyone.