Reading al Qaedas Encrypted Email

Strategypage ^ | August 5, 2004 | James Dunnigan

[VOA]

There is a VERY fine article in the September 2004 Atlantic Monthly about the
Al-Quida goodies found on a desktop and a laptop obtained by a Wall Street Journal reporter
just after his arrival in liberated Kabul.

Reading the terse e-mails between a field operative and his boss at headquarters
over his handling of Al-Quida funds is a hoot.

[Finalapproach29er]

The U.S. and Pakistan may have found a way to read months, or years, worth of secret al Qaeda messages. No one is saying anything about that, but it works like this.
****
This fool should shut his mouth, or have it shut for him.

This is like when some fool Senator spilled the beans we were listening to Bin Laden's cellphone. Why tip off the enemy? LOOSE LIPS........

[MediaMole]

It's also possible that the guy didn't bother encrypting the contents of his own hard drive. He could have left a trail of unencrypted messages on the drive through bits of cache files, text files and other stuff on the drive as well.

[BurbankKarl]

a one time key is the safest way to communicate.

I think the govt can deciper PGP...I remember they couldnt export, then all of a sudden they could.

Even so, CIA probably has hackers who stole the info from PGP

[NotJustAnotherPrettyFace]

Echelon at work.

[adam_az]

The nice thing about any strong crypto is that it should stand up to attack even if you know the algorithm and implementation.

Of course if you find a flaw.... it can make anything easier to crack, especially if you have known text to work with.

You might want to check out GPG, the GNU open source version of PGP.

[Paleo Conservative]

This is like when some fool Senator spilled the beans we were listening to Bin Laden's cellphone. Why tip off the enemy? LOOSE LIPS........

It wasn't a senator. It was the prosecutor in one of the original 1993 WTC bombing case. That's because Bill Clinton treated terrorism as ordinary crime rather than a war crime or piracy.

[BurbankKarl]

I would rather plant spyware on the Hotmail page that loads to any computer that accesses it from Pakistan, and pings the CIA computer from there...

Look at all the Phishing exploits going on now....and how many people are unaware!

[cryptical]

Nice article. I doubt that the NSA can crack PGP, either due to magical advances in technology, or some implementation flaw that's exploitable.

My guess is sloppy key handling. If they captured the guys laptop, chances are they were able to recover his keys, because most people a) don't change their keys enough, and b) have crappy passwords on their private keys.

I'd guess tossing words/phrases from the Koran at an AQ password would likely be fruitful. Just put together a
dictionary of permutations of 'Allah', and see what you
get.

[ScuzzyTerminator]

Indeed, it would be very suprising if a much used computer did not yield a lot of info regardless of how carefull the user was. It is very time consuming and use-inhibiting to wipe a disk of "deleted" data everytime it is used.

Also, most encryption systems, including PGP, ultimatly rely on a single passphrase that must be typed in with every use (or insecurly stored). It is hard to use a memerable passphrase that gives a hundred or more bits of equivalent key material.

And, finally, when you have the computer's owner as well as the computer, there is always rubber-hose cryptanalysis.

[Ichneumon]

A 516 digit key can be cracked using this computerized “brute force” method. [...] However, increase the key to 768 characters, and it takes about 6,600 times longer to crack it. Go to key size of 1024, and it takes 1,500 times longer than the 768 character key. Go to a 2048 key size and it takes a billion times longer than a 1024 character long key. PGP can use a 1024 character key, and many users go for the larger key for obvious reasons.

Someone needs to teach this reporter some math. The actual difficulty figures for a brute force crack are:

A 768-bit key takes 7.24x10⁷⁵ times as long to crack as a 516-bit key (that's a 7 followed by *74* zeros).

A 1024-bit key takes 1.16x10⁷⁷ times as long to crack as a 768-bit key (1 followed by 76 zeros).

A 2048-bit key takes 1.80x10³⁰⁸ times as long to crack as a 1024-bit key (about 2 followed by 307 zeros).

In each case the appropriate figure is 2^(B2-B1), where B1 is the number of bits in the smaller key, and B2 is the number of bits in the larger key.

I don't know where in the hell the reporter got his figures from, but they're too small by enormous orders of magnitude.

If every single atom in the universe were a computer a trillion times faster than the fastest computer today, and ran for a trillion years, you still wouldn't have enough computer power to crack a single 2048-bit key by brute force.

[Ernest_at_the_Beach]

Maybe they only found the Key in Pakistan...

[Jeff Gordon]

NSA is the finest technological intelligence organization in the world. The can read the mail like no one has ever dreamed about. They are so far ahead of everyone else in communications interception and cryptology that 1024 bit PGP key is child's play to them.

[ScuzzyTerminator]

In each case the appropriate figure is 2^(B2-B1), where B1 is the number of bits in the smaller key, and B2 is the number of bits in the larger key.

It's actually much less than that. The security of a key against brute force attack is proportional to the number of possible keys, not the size of a key. For RSA keys, most members of the keyspace are not valid keys since RSA keys are based on large prime numbers. An n-bit RSA key is nowhere near as secure as an n-bit conventional cipher key.

[Straight Vermonter]

For example, if you have a computer that can perform a million instructions per second going at it for 30,000 years.

The new IBM supercomputer "blue ocean" that the US navy is buying would do the job in 13 hours.

[Physicist]

I doubt that the NSA can crack PGP, either due to magical advances in technology, or some implementation flaw that's exploitable.

A quantum computer can break a PGP key in O((log N)³) time using Shor's algorithm.

I'll bet that quantum computation research has commanded a significant portion of NSA's budget for ten years or more.

[Jeff Gordon]

you still wouldn't have enough computer power to crack a single 2048-bit key by brute force.

"I think there is a world market for about five computers." -IBM founder Thomas Watson Sr.

[Ichneumon]

It's actually much less than that. The security of a key against brute force attack is proportional to the number of possible keys, not the size of a key. For RSA keys, most members of the keyspace are not valid keys since RSA keys are based on large prime numbers. An n-bit RSA key is nowhere near as secure as an n-bit conventional cipher key.

Ah, good point, thanks for the correction. I was indeed thinking of n-bit conventional keys.

Is the number of valid 516-bit RSA keys known? It would be interesting to figure out how whether it would be feasible to pre-compute all possible keys into a "key dictionary", and then use that to brute-force test encrypted messages.

[eno_]

Odds are PGP still cannot be brute-forced without, literally, hundreds of millions of dollars worth of supercomputers. I DO believe the NSA can brute-force PGP, but only with superhuman super-expensive efforts.

Odds are any messages that were cracked were either decoded by physically capturing the private key, bugging a computer and learning the key that way.

The is some chance that having clear-text messages and their encrypted versions might help crack other encrypted messages.

But I don't find any evidence here that PGP can routinely be cracked.