Al Qaeda improves encryption
Network World says al Qaeda is encrypting chat rooms with open source RSA code.
Tampa-based ISP NOC4Hosts and Rochester, Minn.,-based SiteGenesis in January found out their operations were being used to host the Al-Ekhlaas Web sites where Mujahideen Secrets 2 can be found. Both hosting firms pulled the plug on the Web sites after receiving specific technical information about the content. ...
Another notable thing is that the public-key signature in Mujahideen Secrets 2 leaves a tell-tale sign that the Al-Ekhlaas home-rolled software produced it. The encryption itself is strong at up to a 2,048-bit key length, and like the previous version, provides e-mail and file encryption using public-key certificates.
4 Comments:
Excluding something weird like quantum computing, I doubt even the NSA could crack a 2,048-bit RSA cipher. I wonder how al Qaeda shares their cipher keys?
When the stakes get high enough I suggest we waterboard the right person. If we get a working password at least we will have answered the 'does torture work?' question.
There are other ways to glean useful intel from such traffic.
If point X is sending clear traffic to point Y but encrypted traffic to Z then you focus on X & Z.
When I was in the middle east I was e-mailing with a buddy who was contract working for a company working on creating helicopter training simulators for the military. I just installed PGP on my system and sent him a note with mu public key, he sent a reply asking to eliminate the PGP from correspondence with him. I assume this caused their security all sorts of worries.
Another friend of mine interviewed with the NSA after graduating from MSOE and he was told their prime number team had an unlimited budget with which to develop techniques and math to deal with prime number generation.
Privateers can crack it, if the price is right.
Buccaneer.com
Shiver me timbers.
Post a Comment
<< Home