Proof Hashes

As the field of security research becomes more and more crowded, it’s inevitable that people will begin to step on each other’s toes. Last year when I began my context-keyed payload encoding research, someone else that I know began extremely similar research at almost exactly the same time. Because I intended to present my research at ToorCon, I only discussed it with a very few select people, so neither of us had any idea the other was working on nearly the same thing. I apparently finished my work first, because when I presented the results at ToorCon 9 later that year, and subsequently published the research in Uninformed Journal vol. 9, I was told by a number of people that the other researcher, whom I consider a friend, was a little upset that I had beat him to the punch, as it were.

Just last month, I circulated among some small communities a draft version of a CFP for a project that I was working on for this year’s DEFCON called “Cirque du 0day”. It was in no way ready for public consumption, in fact, I hadn’t even heard back from the DEFCON staff if something like what I was planning would even be accepted for the conference. I was simply looking for initial feedback on the idea from the people I showed it to. I apparently gave the draft CFP to a group of people that I shouldn’t have, because not more than a couple days later a Full-Disclosure Troll going by the name of Michael Chatner (before he added the “Professor” to his nym) changed the email addresses in the CFP text and posted the CFP nearly verbatim to Full Disclosure as his own. If only there were some way to more convincingly dispute such claims other than to simply reply to it

Of course, things being as they are in this industry, people in such situations have very little recourse. These kinds of things happen all the time, and will only increase in frequency as this industry grows.

Enter “proof hashes”. For a short time now, people in this industry with information that they both want to keep confidential, as well as be able to prove prior-art for, have hashed some form of the information in question and sent the hash(es) to a public email list like Full Disclosure for posterity (and an irrefutable time-stamp at which point the hashes existed). I have done this myself on occasion, but unfortunately failed to do so when I had the idea to create and bring the Cirque du 0day event to DEFCON. Of course the first few times that this happened, some people on Full-Disclosure cried foul, that the list was no place for such things, and even a few conspiracy theories blossomed surrounding some of the more ambiguous or non-descriptive posts containing hashes. Some even began discussing the validity of an email time-stamp on a message distributed by a public mailing list, since most lists honor the original time-stamp on the message and forward it unchanged. The real indication to the date and time it was posted to the list comes from the surrounding messages delivered alongside it.

Even though there have currently been no reported cases of anyone publicly cross-referencing a proof hash posted to a list like Full-Disclosure in order to prove prior-art, idea ownership, or anything else, I do believe there is value in such a mechanism, and as such, I’ve created the Proof Hashes email list via Google Groups. This list lives at the Google Groups site to ensure that the hosting of the list remains with a 3rd party unmotivated to be involved in any time-stamp forgery scheme. The Group description really says it all:

This group allows establishment of confidential prior-art by posting a cryptographically hashed summary, proof-of-concept, schematic, or detailed description. Prior-art can then be proven by disclosing the original content with it’s hashes and cross-reference the date of the original post.

Subscription is not allowed and not required to post to this list. It is recommended that the poster include the result of multiple hash algorithms of the same content in a single message to eliminate the chance of calculating content which produces a hash collision in a single algorithm. It is also recommended that the poster cryptographically sign their message as this will not only both prove ownership of the hashes, but also provide a second, corroborating time-stamp.

I’m apparently not the only person who finds value in this type of thing, as I was recently directed to the PGP Digital Timestamping Service, to which you can send your original message containing your proof hashes. The service will then sign the message itself, essentially time-stamping it, and in “post” mode, forward the message to any number of recipients, including such destinations as public mailing lists.

EDIT: I’ve also recently come across, which is now using the Proof Hashes Google group as an additional archive for it’s timestamp blocks.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: