Making a hash of it

Font Size

Print

Feedback

Email

Discuss

: Would you like to know who is going to win the American presidential election next year? If so, go to www.win.tue.nl/hashclash/Nostradamus. Well, not quite. The site will not actually give you the answer (for fear of turning it into a non-self-fulfilling prophecy, so its builders claim), but it does offer proof that the winner is already known. That is because those builders, led by Benne de Weger of the Technical University in Eindhoven, in the Netherlands, have posted a hash of the document containing the winner’s name.

A hash, for the uninitiated, is a way of compressing a computer file into a small identifier that, although not unique, may represent that file in useful ways. A simple way to hash the words The Economist would be to change their letters into numbers (1 for a, 2 for b and so on). This done, neighbouring pairs of numbers could be added up, and then pairs of the results added repeatedly until only three, say, are left.

A hash of Wired made the same way would have only one chance in 1,000 of being the same as The Economist’s because there are 1,000 different combinations of three digits. Nor would it be easy to work out any other combination of letters that would match The Economist’s hash.

Thus when in November 2008, Dr de Weger posts the document containing the name of the winner of the presidential election, and that document’s hash (calculated by a recipe called MD5) matches the one previously published on the site, you may be forgiven for thinking that he did in fact made a correct prediction.

Of course, it is all an illusion. He would certainly not have time, once the result is known, to construct a document containing the name of the winner in such a way that its hash would come out just right. That would be what cryptographers call a ‘pre-image attack’, and no way of mounting such an attack is known.