[ISN] Al-Qaeda group's encryption software stronger, security firm confirms

From: InfoSec News (alerts@private)
Date: Mon Feb 04 2008 - 00:04:03 PST


http://www.networkworld.com/news/2008/020108-al-qaeda-encryption.html

By Ellen Messmer
Network World
02/01/08

Al-Qaeda support group Al-Ekhlaas has improved the encryption software 
it now provides to its online members, according to one security 
researcher who examined the software, known as "Mujahideen Secrets 2."

Mujahideen Secrets 2 has added the ability to encrypt chat 
communications, which the first version lacked, says Paul Henry, vice 
president of technology evangelism at Secure Computing. Henry says he 
got the software through a contact in the intelligence community. The 
home-grown Mujahideen Secrets 2 encryption software, based on open 
source RSA code, can encrypt binary files so they can be posted on 
ASCII-text-based bulletin boards and Web sites.

"They have improved the operation of the graphical user interface and it 
will now encrypt chat communications," says Henry, who adds that the 
Arabic translation suggests the software is encouraged for use by 
Al-Ekhlaas members to evade U.S. government efforts at surveillance.

Tampa-based ISP NOC4Hosts and Rochester, Minn.,-based SiteGenesis in 
January found out their operations were being used to host the 
Al-Ekhlaas Web sites where Mujahideen Secrets 2 can be found. Both 
hosting firms pulled the plug on the Web sites after receiving specific 
technical information about the content.

This week another Web hosting company, CrystalTech Web Hosting in 
Phoenix, shut down sites linked to the Al Qaeda-link support group.

"As soon as we found out, we brought the IP sites down," says Bob 
Cichon, president of CrystalTech Web hosting, who blamed a reseller for 
it happening. "We're a very large host and it's hard to track 
everything."

In its analysis of Mujahideen Secrets 2, Secure Computing has noticed 
that the software appears to violate copyright law.

"Typically with open source, they still require a copyright 
notification," Henry says. "There's no copyright notification whatsoever 
here."

Another notable thing is that the public-key signature in Mujahideen 
Secrets 2 leaves a tell-tale sign that the Al-Ekhlaas home-rolled 
software produced it. The encryption itself is strong at up to a 
2,048-bit key length, and like the previous version, provides e-mail and 
file encryption using public-key certificates.

All contents copyright 1995-2008 Network World, Inc


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Mon Feb 04 2008 - 00:28:08 PST