www.lunadevelopment.com microsoft TAG

LunaTagGEN Secret Message

Using the Microsoft Tag Service to ensure absolute secure messaging.

An Impossible Mission you say!

Mission Impossible Logo

Can you recall the self-destructing tape that Peter Graves received with instructions a the beginning of every mission? If so, then you should see the similarity with our Secret Message Tag. A password protected text tag designed that is designed to expire in 60 seconds, is all but impossible to decrypt.

First, there is nothing in the image to decrypt. A Tag is a reference and nothing more; so intercepting the tag itself provides nothing but the URL. And before you can even look at the information you must provide proper authorization, which right now is a just a password but could be extended to include other authorization/authentication.

Secondly, if the Tag expires (or self-destructs per se) after 60 seconds or even a few minutes, then any attempt to determine the contents of the message would need to access the Microsoft Tag Service within that time period. Therefore, brute force algorithms are unlikely to work. As well, the service could refuse access to requests from the same address after a given number of attempts.

There are only two ways we can think of to break this system. One is to capture all such message traffic while en route to or from the Microsoft Service and the other is to force the service provider to turn over the source text for all such messages. Neither of these are issues we want to explore but we do apologize in advance to the people of the State of Maryland, who may find their power going out even more often if this service ever proceeds to market.

It is an important difference between Microsoft Tag and QR Codes that we want to point out here. This potential use for Tag is not even possible for QR Codes for which the medium is the message. As is the case with all codes before it, QR Code encrypts the text itself and therefore it can be decrypted. Furthermore, since a QR Code lasts forever, there is an infinite amount of time available to process any encrypted text it might include.

At this time Tags do not immediately expire and the minimal expiry is one day after the creation date. However, you can expire them programmatically, so the potential for Microsoft Tag to be precisely as we describe is very high. To use a Tag in this way was most likely never imagined during its design and only time will tell if this potential ever gets put to the test.

Copyright © 1998-2010 Luna Development. All Rights Reserved. The opinions expressed herein are those of Luna Development and may or may not be shared by Microsoft or its affiliates.