A security researcher said on Thursday he was the first to crack the code embedded in the seal of the US Cyber Command (Cybercom), the group responsible for protecting the country's military networks from attack. Sean-Paul Correll, a threat researcher with antivirus vendor Panda Security, said that the characters visible in a gold ring on Cybercom's official seal represent the MD5 hash of the group's mission statement. MD5 is a 128-bit cryptographic hash most often used to verify file integrity.
A representative of Cybercom confirmed that Correll had it right. " Mr. Correll is correct... it's a MD5 hash," said Lt. Commander Steve Curry of the US Navy, in an email. "It wasn't very difficult," said Correll, adding that it took him only two minutes to figure out that the characters, 9ec4c12949a4f31474f299058ce2b22a, were the hash value for Cybercom's mission statement.
Correll had a leg up on the solution, since Wired.com's "Danger Room" blog, which first noticed the characters, had published the 32-character code.
"I knew right away it was an MD5 hash, and I knew it wasn't anything to do with a specific file," " said Correll, adding that security professionals will often use an MD5 hash as reminders, or to verify that a file's contents after downloading match the original edition.
Correll said he figured out the mystery shortly after 10 a.m. PT Wednesday, within an hour of Wired.com publishing its story. At least one other code-breaker came up with the same solution. Buried in the nearly 500 comments added to the Wired.com story was the solution, posted Wednesday at 12:46 p.m. PT by someone identified only as "jemelehill" .
In a follow-up story, Wired.com credited jemelehill with first decoding the message. "Information security professionals are very challenge driven," said Correll, so tackling the problem was fun... while it lasted. "Absolutely, this was definitely fun," he said.
Correll is familiar with codebreaking problems, since Panda regularly sponsors secret code challenges. The next challenge is scheduled to go live at 3:00 a.m. ET Saturday, 12:00 a.m. PT.
The MD5 value is a hash of Cybercom's 58-word mission statement, Correll noted on his blog: "USCYBERCOM plans, coordinates, integrates, synchronizes, and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."
Cybercom was created in June 2009 , when Defense Secretary Robert Gates approved the group. Two months ago, the Senate appointed Lt. General Keith Alexander as the head Cybercom. Alexander is also the director of the National Security Agency (NSA).
US Cyber Command is part of the US Strategic Command. Several units of the US military, including ones from the Army, Navy, Air Force and Marines, comprise Cybercom.