*** Welcome to piglix ***

MAC Address Anonymization


MAC Address anonymization is the idea of performing a one way function on a MAC address so that the result may be used in tracking systems for reporting and the general public, while making it nearly impossible to obtain the original MAC Address from the result. The idea is that this process allows companies like Google, Apple and iInside - which track users movements via computer hardware to simultaneously preserve the identities of the people they are tracking, as well as the hardware itself.

An easy example of MAC address anonymization would be to use a simple hash algorithm. Given an address of 11:22:33:44:55, the MD5 hash algorithm produces 8,093,140,232,281,458,246 (0x70509c29768f0646).

An address only one character different (11:22:33:44:56) produces 1,390,925,306,346,392,705 (0x134d8f3259e0cc81), an entirely different number.

Tracking companies rely on the assumption that address anonymization is akin to encryption. Given a message, and an encryption method that is well known to both the encoder and potential decryptor, modern encryption methods (such as AES or RSA will yield a result that is unbreakable in practice.

The problem lies in the fact that there are only 248 (281,474,976,710,656 ) possible MAC addresses. Given the encoding algorithm, an index can easily be created for each possible address.

Several years ago, the building of such an index would have been difficult due to the compute time involved. With modern, parallel, cloud computing, the index generation can be easily divided among the number of processors desired.

On a 2.5 GHz processor, a C# program was able to produce the following results:

Thus, a million processors could create the entire index in just over five minutes, and 100,000 processors in less than 85 hours. Once the index is complete, conversions of "anonymized" addresses to their actual addresses is almost instantaneous.



...
Wikipedia

...