Confessions of a skeptical mind (re: reports that 17-year-old "cracked" al Qaeda "encryption").

Jay D. Dyson jdyson at treachery.net
Sun May 18 01:20:27 EDT 2003 

Hi folks,

	I found this article and I must admit that my usually robust
skepticism is now in overdrive.  First off, this is the first (and only) 
report I've seen on the subject.  Second, I know of several top minds (not
the least of which is Niels Provos) who have sought to verify claims of al
Qaeda-sired use of cryptography and steganography...and all reports thus
far have indicated that there's no evidence to support any such claims.

	With that in mind, I'm seeking any substantiation or refutation of
this article's claims.  I'm including both the URL and the full text of
the article for review. 

-----BEGIN FORWARDED TEXT-----

http://www.hindustantimes.com/news/181_255766,0008.htm


The boy who hacked Al-Qaeda
Sudhi Ranjan Sen
New Delhi, May 18

The Americans had tried almost everything, but they just couldn't crack an
encrypted message they came across while investigating the 9/11 attacks.
Finally, they approached a 17-year-old boy in Delhi about whom The New
York Times had done a feature.

Over the next 10 days, Ankit Fardia hunkered down in his room in Delhi and
came up with the key to crack the message.

The worst fears of American investigators came true  Al-Qaeda was using a
sophisticated technology, called steganography, to communicate. It
involved sending encrypted messages concealed in a photograph or series of
photographs.

I was lucky in some ways but I am still proud that I was the only one in
the world to be able to crack the code, Fardia told the Hindustan Times
from Pune, where he is lecturing students and corporate employees on cyber
security. Fardia is  the author of Guide to Ethical Hacking.

Fardia was understandably cagey about revealing the contents of the
message or the name of the US agency that approached him. In January 2002,
I received an e-mail asking me whether I would like to help the US in
breaking open a message which was of great importance to national
security. I did not believe it was actually from a US agency so I asked
them to send me their digital signature. They immediately sent it back, he
said.

I would not like to discuss the message. But yes, what I cracked was a
message from Al-Qaeda, he added. The US government sent him letters of
appreciation.

US embassy officials said they knew nothing about this. But they said it
was possible for a US agency to make such an approach without keeping them
in the picture.

Fardia said the Al-Qaeda message he cracked had been encrypted thrice over
to make sure it could not be read, even if it was intercepted.

The US is considered one of the leaders in encryption technology, but the
technology used by Al-Qaeda was as good if not better, Fardia added.

----- END FORWARDED TEXT -----

-Jay

   (    (                                                        _______
   ))   ))   .-"There's always time for a good cup of coffee"-.   >====<--.
 C|~~|C|~~| (>----- Jay D. Dyson -- jdyson at treachery.net -----<) |    = |-'
  `--' `--'  `------- There is no patch for stupidity. -------'  `------'



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list