Weakened encryption lays bare al-Qaeda files
Weakened encryption lays bare al-Qaeda files
Relatively weak encryption appears to have been used to protect files recovered from two computers believed to have belonged to al-Qaeda operatives in Afghanistan.
The files were found on a laptop and desktop computer bought by Wall Street Journal reporters from looters in Kabul a few days after it was captured by Northern Alliance forces on 13 November. The files provide information about reconnaissance missions to Europe and the Middle East.
A report in the UK’s Independent newspaper indicates that the encryption used to protect these files had been significantly weakened by US export restrictions that existed until last year.
The files were reportedly stored using Microsoft’s Windows 2000 operating system and protected from unauthorised access using the Encrypting File System (EFS), which comes as standard on this platform. They were protected with a 40-bit Data Encryption Standard (DES), according to the Independent report. This was the maximum strength encryption allowed for export by US law until March 2001. All systems are now sold with the standard 128-bit key encryption, exponentially stronger than 40-bit.
Wall Street Journal reporters say that they decrypted a number of files using “an array of high-powered computers” to try every possible combination, or “key” in succession, a process that took five days.
