New al Qaeda Encryption Tool

There's not a lot of information -- and quite a lot of hyperbole -- in this article:

With the release of the Asrar Al Dardashah plugin, GIMF promised "secure correspondence" based on the Pidgin chat client, which supports multiple chat platforms, including Yahoo Messenger, Windows Live Messenger, AOL Instant Messenger, Google Talk and Jabber/XMPP.

"The Asrar Al Dardashah plugin supports most of the languages in the world through the use of Unicode encoding, including Arabic, English, Urdu, Pashto, Bengali and Indonesian," stated the announcement, which was posted on several top online Jihadist forums and GIMF's official website.

"The plugin is easy and quick to use, and, like its counterpart, the Asrar Al Mujahideen program, it uses the technical algorithm RSA for asymmetric encryption, which is based [on] a pair of interrelated keys: a public key allocated for encrypting and a private key used for decrypting," GIMF's statement said. "To use the plugin, both of the communicating parties should install and activate the plugin and produce and import the Asrar Al Mujahideen private key into the Asrar Al Dardashah plugin, which automatically produces the corresponding public key of 2048-bit-length for use. It offers a level of encryption which has not been cracked or broken and can be relied upon entirely to protect the confidentiality of sensitive communication[s]."

Posted on February 13, 2013 at 6:13 AM • 25 Comments

Comments

Danny Moules • February 13, 2013 6:52 AM

"The use of encryption software in something as loosely organized as the Al Qaeda and general jihadi networks would only benefit them substantially if they could clean out all the infiltrators, informants and guarantee that everyone was on the same page and used it properly," said Smith. "That's an order they most likely will never be able to fill."


Quite. Technological 'solution' which doesn't address the human element. The guy from the uh... CSISTTP... thingy... needs a good slap and a new line of work.

Atavia Jones • February 13, 2013 7:07 AM

If members of a group all use a certain application unique to their group... then that application helps them be located and fingerprinted regardless of who makes it or how strong it is for protection.

h4x • February 13, 2013 8:45 AM

Looks like an NSA-made tool that is just backdoored OTR. lol, why would these guys install something called 'terrorist chat tool' instead of using open source OTR?

Alan • February 13, 2013 9:56 AM

>"it uses the technical algorithm RSA for asymmetric encryption, which is based [on] a pair of interrelated keys: a public key allocated for encrypting and a private key used for decrypting"

It does asymmetric (public key-private key) encryption on every bit of data that passes through the channel? If that's the method they chose, they probably made some mistakes along the way...

mishehu • February 13, 2013 10:36 AM

Isn't the "S" in RSA for Adi Shamir, one of the co-inventors of the RSA encryption scheme? I always find it amusing in a way that those who so espouse hatred towards a given people have no problem using technology created by said people.

Also • February 13, 2013 11:01 AM

Using a so-called encrypted chat prog posted to watched terrorist forums is the same as downloading a "triple hop privacy VPN" from a watched carding forum. Hello feds.

If I remember correctly, no AQ (does AQ even exist anymore?) agent is using encryption. OBL sure didn't, same with the hijackers and their email dropbox scheme. Catching these guys must be the easiest job in the world compared to secret service agents who have to go after skilled euro hackers.

Vinzent • February 13, 2013 11:02 AM

@mishehu

Hatred towards Soviet invaders didn't stop the Mujahideen from using Kalashnikovs.

RSaunders • February 13, 2013 12:41 PM

That's right, all you terrorists out there, Osama Bin Laden was tracked down through his dependence on old-school OPSEC and a small trusted circle of cutouts. What you want to do instead is rely on unbreakable encryption that uses math you don't understand. Put everything in the cloud, encrypted, because nobody who's hunting you is really serious about monitoring cyberspace or cracking the flimsy system built around all that hard math. All those computers in Utah use the electricity to find cutouts and dead-drops.

Right. Do we think they are all Richard Reid stupid?

phred14 • February 13, 2013 1:50 PM

@mishehu, @vinzent,

Isn't it obvious that the Israeli added a backdoor to the RSA algorithm? AQ communications would be much more secure if some loyal AQ member read a book or two on cryptography and a book or two on programming, and secured the code for AQ use.

Isn't that about the same as saying in the headlines, "Hey AQ, we can't possibly read your communications if you encrypt them with this plugin! (Pay no attention to the MITM behind the curtain.)"

Jan • February 13, 2013 4:53 PM

"import the Asrar Al Mujahideen private key into the Asrar Al Dardashah plugin", emphasis mine. Given that they explicitly mention the public key afterwards that is supposed to be derived from it, it also doesn't look like a simple case of bad reporting.

I suspect that either they are really dumb, or it's a trap for dumb terrorists.

pfogg • February 13, 2013 6:21 PM

@RSaunders "Right. Do we think they are all Richard Reid stupid?"

This could be a long-term strategy for populating watch lists (or be used as one if the "Asrar Al Dardashah" plugin wasn't intended as bait by the author). It's possible for people to be naive wannabes now, get serious later, and draw official attention to whatever groups they join.

silly sanderson • February 14, 2013 12:27 AM

"a new encryption capability would almost certainly complicate counterterrorism and intelligence missions"

No. Understanding the "old" encryption capabilities well, and using them correctly, would complicate things. If all terrorists were using a new encryption method, that would simply mark them as terrorists.

silly sanderson • February 14, 2013 1:29 AM

stepj, Jan: I thought the Mujahideen program was a key-generator, not a specific key? If it's just one private key, why call it asymmetric?

mishehu: I bet they even use Al Jabr in their Al Gorizms and then drink some Al Cohl.


Btw, I love their poll!

"As 'Arab Spring' has turned into Arab darkness, allowing Al Qaeda to entrench in failed Muslim states, do you believe the jihadi network has more potential today than before 9/11?"

Like asking "have you stopped beating your wife"?

AC2 • February 14, 2013 4:01 AM

Don't you see it is the key to AQ's resurgence?

Which would be the key for the US to start a bigger data centre in Utah and expand their limited SIGINT capability?

I can see it now.... "Obama legal team and massive new data centre in Utah break AQ encryption and save the day..."

Nick P • February 14, 2013 1:34 PM

@ AC2

"Which would be the key for the US to start a bigger data centre in Utah and expand their limited SIGINT capability?

I can see it now.... "Obama legal team and massive new data centre in Utah break AQ encryption and save the day...""

AC2 could get a job in the White House's strategy department. ;)

Blue3 • February 16, 2013 3:34 PM

BlueRaja: From what I know (correct me if I'm wrong), key size is critical with RSA. Large enough/diverse enough key is fine (decryption time is obviously increased). RSA is quicker and, if used correctly, would work well for their needs.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.