Monday, August 15, 2005

MD5

The media has once again created controversy by overstating a court decision. (this one) The court case was lost not due to the use of MD5, it was lost due to RTA's inability to "find an expert" to prove the pictures were not tampered with after they had been taken. This means one or more of the following conditions occurred:
  • they actually couldn't find anyone (although it's unlikely)
  • they couldn't find anyone that could explain MD5 in simple terms that would indicate that the liklihood that the traffic infraction actually occurred. Hint: think DNA evidence. You will always hear "probabilities" discussed when lawyers discuss DNA. Yes, there are collisions in MD5 number space. The probability of forgery goes down very fast if that "collision" has the same MD5 hash, looks like a picture, of the intersection in question, with the defendant's car passing through it, with the defendant's license plate in view, with the camera's timestamp (and other) data embedded in the picture.
  • the prosecution was unable to display the chain of evidence, in the form of being unable to prove when the MD5 hash was generated. The hash being embedded in the picture may actually cause a problem because it means that the picture was changed after it was taken, by the camera itself. However, this is a procedural problem, not a technical one, and would translate into the prosecution not being able to find anyone willing to take an oath to assert/support the accuracy of the data.

I doubt that MD5 hashing of traffic pictures will cease. Rather, I believe that how they're presented in court will change.