Re: md5 collisions and speeding tickets
Date: 08/12/05

Date: 11 Aug 2005 20:11:08 -0700

David Wagner wrote:
> >A NSW, Australian court calls into question the authenticity of every
> >speed issued in the state. [...]
> >Each speed camera photo has an MD5 algorithm printed at the top that is
> >supposed to establish authenticity, but [...] The defense argued that [...]
> >flaws in MD5 that would allow the speed displayed in the camera
> >photograph to be manipulated without changing the 128-bit sequence that
> >is supposed to act as an electronic seal to establish that no tampering
> >has occurred.
> >The case could call into question the validity of fifteen years worth
> >of state photo tickets [...]
> Am I the only one who finds this outcome bordering on the absurd?
> Does anyone really believe that someone has mounted such an attack
> to frame people into receiving bogus speeding tickets?

I'm certainly very skeptical, but the speeding cameras in Australia
have come into question for other defects as well. This is just one
more reason to doubt them. Sometimes it is the number of doubts that
make a difference.

> Without knowing anything more than what is printed in the news article,
> it's hard for me to shake off the impression that this sounds more like
> an attack on the court system than an attack on MD5.

But certainly we do not want the cryptographic function to be
an excuse for an attack on the court system (actually I think it
is more of an attack on the use of cameras to monitor people than
an attack on the court system)!