The Navy SEALs came away from bin Laden’s hideout in Abbottabad in Pakistan with ‘the single largest collection of senior terrorist materials ever’ to be acquired by the US government. Much of this material is contained in various digital media such as hard-drives and portable USB drives. Many CIA and other intelligence people are working around the clock to analyze the data.
Of particular interest to many in the IT security field is how the data was encrypted (if at all) and whether the intelligence community has managed to access all the data.
In 2007 a terrorist organization linked to Al Qaeda released information (and software) recommending best practice for the ‘secure exchange of information on the internet‘. Recommendations included using ‘symmetrical encryption keys (256 bit), asymmetrical encryption keys (2048 bit) and data compression [tools]‘. We are aware through the media that the compound where bin Laden resided in Abbottabad didn’t have a telephone and that communication mediums were very carefully considered and controlled. This concern for communications security hadn’t always been at the forefront for bin Laden; Matthew Aid, an independent journalist, wrote in 2003 that “the public record shows that [between 1993 and 2003] bin Laden and his operatives broke virtually every basic tenet of good spying tradecraft, the most important commandment of which was and remains never to speak about one’s operations using communications means that can be intercepted.”
Any use of encryption or electronic evasion techniques are only as good as their weakest point (just ask Wikileaks about having state of the art encryption and communication and supposedly secure information still being leaked). It is probable that for any communications via the internet, al Qaeda would be using something like TOR to actually transmit and receive the data but we are told that bin Laden was not using the Web therefore the significance of the attaining of many data media from Abbotabad.
Assuming that some (or all?) of the data attained by the SEALs was encrypted then just how are the CIA going to access the information? If the intelligence services are aware of any encryption keys and/or passwords used, that may have been supplied by other al Qaeda members then the task in extracting any meaningful data will be far simpler. The accessing of any encrypted data via brute force could take many years (many thousands of years possibly). Of course we don’t know the capabilities of the Intelligence services in accessing encrypted data so possibly the data is easily decrypted by the government. It’ll be interesting if any information is made available as to encryption used by this terrorist and, if so, what encryption was used and how the data was decrypted/unencrypted.
Here is an explanation of some parts of encryption:
