Schneier on Security
A blog covering security and security technology.
« Massive Police Shootout in Cleveland Despite Lack of Criminals |
| Real-World Prisoner's Dilemma from France »
February 13, 2013
New al Qaeda Encryption Tool
There's not a lot of information -- and quite a lot of hyperbole -- in this article:
With the release of the Asrar Al Dardashah plugin, GIMF promised "secure correspondence" based on the Pidgin chat client, which supports multiple chat platforms, including Yahoo Messenger, Windows Live Messenger, AOL Instant Messenger, Google Talk and Jabber/XMPP.
"The Asrar Al Dardashah plugin supports most of the languages in the world through the use of Unicode encoding, including Arabic, English, Urdu, Pashto, Bengali and Indonesian," stated the announcement, which was posted on several top online Jihadist forums and GIMF's official website.
"The plugin is easy and quick to use, and, like its counterpart, the Asrar Al Mujahideen program, it uses the technical algorithm RSA for asymmetric encryption, which is based [on] a pair of interrelated keys: a public key allocated for encrypting and a private key used for decrypting," GIMF's statement said. "To use the plugin, both of the communicating parties should install and activate the plugin and produce and import the Asrar Al Mujahideen private key into the Asrar Al Dardashah plugin, which automatically produces the corresponding public key of 2048-bit-length for use. It offers a level of encryption which has not been cracked or broken and can be relied upon entirely to protect the confidentiality of sensitive communication[s]."
Posted on February 13, 2013 at 6:13 AM
• 24 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
looks like a customised pidgin-otr ...
why you think otr is a new tool ? pidgin support all languages for a long time
"The use of encryption software in something as loosely organized as the Al Qaeda and general jihadi networks would only benefit them substantially if they could clean out all the infiltrators, informants and guarantee that everyone was on the same page and used it properly," said Smith. "That's an order they most likely will never be able to fill."
Quite. Technological 'solution' which doesn't address the human element. The guy from the uh... CSISTTP... thingy... needs a good slap and a new line of work.
If members of a group all use a certain application unique to their group... then that application helps them be located and fingerprinted regardless of who makes it or how strong it is for protection.
looks like a NSA made tool that is just backdoored otr. lol why would these guys install something called 'terrorist chat tool' instead of using open source otr.
I like the fact this comes shortly after the TLS MiM attack post.
Is it just me, or are they all using the same private key?
>"it uses the technical algorithm RSA for asymmetric encryption, which is based [on] a pair of interrelated keys: a public key allocated for encrypting and a private key used for decrypting"
It does asymmetric (public key-private key) encryption on every bit of data that passes through the channel? If that's the method they chose, they probably made some mistakes along the way...
Isn't the "S" in RSA for Adi Shamir, one of the co-inventors of the RSA encryption scheme? I always find it amusing in a way that those who so espouse hatred towards a given people have no problem using technology created by said people.
using a so called encrypted chat prog posted to watched terrorist forums is the same as downloading a "triple hop privacy VPN" from a watched carding forum. Hello feds.
if I remember correctly no AQ (does AQ even exist anymore?) agent is using encryption. OBL sure didnt, same with the hijackers and their email dropbox scheme. Catching these guys must be the easiest job in the world compared to secret service agents who have to go after skilled euro hackers
Hatred towards Soviet invaders didn't stop the Mujahideen from using Kalashnikovs.
That's right, all you terrorists out there, Osama Bin Laden was tracked down through his dependence on old-school OPSEC and a small trusted circle of cutouts. What you want to do instead is rely on unbreakable encryption that uses math you don't understand. Put everything in the cloud, encrypted, because nobody who's hunting you is really serious about monitoring cyberspace or cracking the flimsy system built around all that hard math. All those computers in Utah use the electricity to find cutouts and dead-drops.
Right. Do we think they are all Richard Reid stupid?
Isn't it obvious that the Israeli added a backdoor to the RSA algorithm? AQ communications would much more secure if some loyal AQ member read a book or two on cryptography and a book or two on programming, and secured the code for AQ use.
Isn't that about the same as saying in the headlines, "Hey AQ, we can't possibly read your communications if you encrypt them with this plugin! (Pay no attention to the MITM behind the curtain.)"
"import the Asrar Al Mujahideen private key into the Asrar Al Dardashah plugin", emphasis mine. Given that they explicitly mention the public key afterwards that is supposed to be derived from it, it also doesn't look like a simple case of bad reporting.
I suspect that either they are really dumb, or it's a trap for dumb terrorists.
@RSaunders "Right. Do we think they are all Richard Reid stupid?"
This could be a long-term strategy for populating watch lists (or be used as one if the "Asrar Al Dardashah" plugin wasn't intended as bait by the author). It's possible for people to be naive wannabes now, get serious later, and draw official attention to whatever groups they join.
"a new encryption capability would almost certainly complicate counterterrorism and intelligence missions"
No. Understanding the "old" encryption capabilities well, and using them correctly, would complicate things. If all terrorists were using a new encryption method, that would simply mark them as terrorists.
stepj, Jan: I thought the Mujahideen program was a key-generator, not a specific key? If it's just one private key, why call it asymmetric?
mishehu: I bet they even use Al Jabr in their Al Gorizms and then drink some Al Cohl.
Btw, I love their poll!
"As 'Arab Spring' has turned into Arab darkness, allowing Al Qaeda to entrench in failed Muslim states, do you believe the jihadi network has more potential today than before 9/11?"
Like asking "have you stopped beating your wife"?
Don't you see it is the key to AQ's resurgence?
Which would be the key for the US to start a bigger data centre in Utah and expand their limited SIGINT capability?
I can see it now.... "Obama legal team and massive new data centre in Utah break AQ encryption and save the day..."
All are sharing the same private key ?
Never laughed so loud reading an article.
"Which would be the key for the US to start a bigger data centre in Utah and expand their limited SIGINT capability?
I can see it now.... "Obama legal team and massive new data centre in Utah break AQ encryption and save the day...""
AC2 could get a job in the White House's strategy department. ;)
Didn't the NSA basically admit they had some breakthrough for cracking RSA? Why not use AES?
BlueRaja: From what I know (correct me if I'm wrong), key size is critical with RSA. Large enough/diverse enough key is fine (decryption time is obviously increased). RSA is quicker and, if used correctly, would work well for their needs.
Plus public key encryption works well for messengers.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.