Winds of Change.NET: Liberty. Discovery. Humanity. Victory.

Zarqawi's Laptop


We've actually had it for a little while now and I'm awaiting more information, but this was a major coup.

Here are a few things about Zarqawi that you probably didn't know:

  • He's a Windows man. He also uses something called PGP for e-mails, which I was told is some kind of e-mail encryption method.
  • The info on the computer was very helpful towards us capturing a number of his lieutenants.
  • I've heard there's a fair amount of porn. Now that could be disinformation, but given all the drugs, beer bottles, and the like that were found among the Pious Mujahideen™ in Fallujah I'm certainly not going to dismiss it off-hand.
  • There's information on his medical condition, so we may finally get an answer on the issue of how many legs he has and what not.
  • There is at least some record of the correspondence between him and bin Laden. Basically, bin Laden gives him a broad outline as far as strategy is concerned and Zarqawi is in charge of implementing the tactical aspects of his plan together with his lieutenants and allies, such as the Baathists.
  • There's some record of Zarqawi's interaction with Abdul Hadi al-Iraqi, a senior al-Qaeda leader who I gather replaced Hassan Ghul as Zarqawi's al-Qaeda liaison after the latter individual's capture in January 2004.
  • There are recent pictures of Zarqawi and it seems Praktike is quite correct to note that he is indeed a master of disguise.

Should make for some interesting viewing for our intelligence folks. I now go back to resume studying for finals.

UPDATE: The Christian Science Monitor has an article.... and Belmont Club has more.

7 TrackBacks

Tracked: April 28, 2005 5:43 AM
Excerpt: ....by the day. The laptop that was captured is yielding a harvest of information about al Zarqawi and his network as well as the worldwide organization he's been building.
Tracked: April 28, 2005 2:36 PM
Excerpt: Zarqawi's laptop is providing some very valuable information to the Iraq coalition according to a Christian Science Monitor article Pictures of himself Correspondence with bin Laden and terror lieutenants Winds of Change has some apparently inside info...
Tracked: April 28, 2005 2:37 PM
HMM from JunkYardBlog
Excerpt: I would've thought Zarqawi would be a Mac man....
Tracked: April 28, 2005 4:41 PM
Transitions from The Fourth Rail
Excerpt: The hunt for Zarqawi continues, while the Iraqi government moves forward in establishing the transitional government. Raids are being conducted in the town of Ramadi, and reports indicate US and Iraqi forces have sealed exits to the city. Meanwhile a...
Tracked: April 28, 2005 5:46 PM
Excerpt: Our military captured Zarqawi's laptop and found porn on it. Yee Haw. Winds of Change notes some other interesting things they found on his laptop....
Tracked: April 28, 2005 7:09 PM
Zarqawi's Laptop from The Brown Daily Squeal
Excerpt: From Dan Darling on Qaeda's head man in Iraq : We've actually had it for a little while now and I'm awaiting more information, but this was a major coup. Here are a few things about Zarqawi that you probably...

45 Comments

Well, that means we now have his PGP Key and his list of email addresses. We probably have hundreds of megabytes of temporary internet files and very long lists of sites he has visited.

HA HA! I just thought of something. Email could actually be sent from his laptop to arrange meetings and such. LOL! I bet it should be quite interesting.

It's only likely that they have the public key. But that's something.

It strikes me that a lot of muj probably got hooked on heroin and/or opium and/or hashish after spending time in Afghanistan and places like Peshawar and Quetta, which are teeming with the stuff. As for porn, well, there's the virgin/whore thing.

There are recent pictures of Zarqawi and it seems Praktike

Praktike, do you want to deny any of this?

Patrick

Nah, if we got the whole laptop we'll have both the private and public keys. Additionally, if he's like 99% of the other people out there he'll have his PGP Key password written down somewhere on the system.

Frankly, even if he doesn't, though, I'm pretty sure the NSA can brute force the password on the key fairly quickly.

Dan,

Are you the original non-classified source for this information? If not, could you post a reference to a more complete report about the contents of the laptop?

Thanks.

Oh the poor jihadist, he's probably contemplating sending his IT guy on a martyrdom mission, even though Zarqawi is the one who failed to back up his hard drive!

How hard is it to get portable storage (i.e. USB Hard Drives) in Iraq these days? Probably a lot easier than before the infidels invaded. ;-)

Well I just got an e-mail from an observer who noted that the porn might have a darker purpose than just Zarqawi's sexual frustration and may contain encrypted messages of some form or another.

PD, Shaw, the thing you have to remember about me is that like Zarqawi, I too, am a master of disguise.

Praktike, do you want to deny any of this?

The silence is deafening. ;-)

E2 is correct. If we have Z's laptop, we have his PGP private key, albeit encrypted under an unlocking password. If Z's PW discipline is poor, that will fall immediately. If it is good, then how long it takes to crack will depend on the strength (entropy) of his PW. I really don't expect it to hold up against the NSA's computers, particularly since we have captured (at least) a good chunk of ciphertext under the private key to be used as a screen for candidates.

The ciphertexts we can then read should be interesting in themselves. We may also have captured an asset in the form of his PGP 'web of trust'. In some modes, PGP doesn't use a conventional centralized, hierarchical certification authority to attest that a published key in fact belongs to a particular person. Instead, you ask another to sign your (public) key, and anyone who trusts that person should then believe that the keyholder is in fact you. If Z and AlQ have been using this mode - and it seems tailor-made for a terror cell network - then we are going to find out who had been talking to whom, along what person-to-person routes, and even who is trusted sufficiently to attest to others' identity. (Crack some of their private keys without anyone knowing, and you can pollute the whole AlQ trust web.)

Dan - what your e-mail was talking about is called 'steganography'. It's hiding secret messages within a bulkier data object, such as video, graphics, or sound files. The most trivial form of 'stego' is to simply strip the encrypted message into the least significant bits of the carrier object. All it will do is fuzz up the music or image a little bit, as long as it's a gracefully degrading, lossy format to begin with. There are fancier forms of stego, such as convolving the hidden message into a low frequency component of the entire image or stream. The technology is essentially the same as used for 'digital watermarking', in which case the hidden message is an authentication proving the ownership and provenance of the file.

If Z was using this technique, then unless he was incredibly careful, we bagged his stego program along with the laptop. That lets us know where things were being hidden, and that's a large part of the battle.
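The pairs-of-values check below is an added example, not code from the post or from any commenter. It constructs a synthetic carrier (even sample values deliberately more common than odd ones, as in real image data), embeds high-entropy bits into the least significant bits the way the comment describes, and shows the chi-square statistic a defender can use to tell the two streams apart. The carrier, payload and threshold are constructed values.

```go
package main

import (
	"fmt"
	"math"
	"math/rand"
)

// NewRng returns a seeded generator so the constructed data is reproducible.
func NewRng(seed int64) *rand.Rand { return rand.New(rand.NewSource(seed)) }

// RandomBytes stands in for an encrypted payload: high-entropy bits.
func RandomBytes(rng *rand.Rand, n int) []byte {
	b := make([]byte, n)
	rng.Read(b)
	return b
}

// MakeCover builds a constructed "cover" stream standing in for the sample
// values of an image or sound file. Real carriers are not LSB-balanced, so
// here even values are deliberately three times as common as odd ones.
func MakeCover(rng *rand.Rand, n int) []byte {
	cover := make([]byte, n)
	for i := range cover {
		v := byte(rng.Intn(128)) * 2
		if rng.Intn(4) == 0 {
			v++
		}
		cover[i] = v
	}
	return cover
}

// EmbedLSB is the trivial stego form described in the comment: each payload
// bit overwrites the least significant bit of one carrier byte. Returns a copy.
func EmbedLSB(cover, payload []byte) []byte {
	out := append([]byte(nil), cover...)
	for i := 0; i < len(out) && i < len(payload)*8; i++ {
		bit := (payload[i/8] >> uint(7-i%8)) & 1
		out[i] = out[i]&0xFE | bit
	}
	return out
}

// PairChiSquare is the pairs-of-values statistic (Westfeld and Pfitzmann's
// chi-square attack): embedding high-entropy bits drives the counts of each
// value pair (2k, 2k+1) toward equality, so the statistic collapses.
func PairChiSquare(data []byte) float64 {
	var hist [256]float64
	for _, b := range data {
		hist[b]++
	}
	chi := 0.0
	for k := 0; k < 128; k++ {
		even, odd := hist[2*k], hist[2*k+1]
		expected := (even + odd) / 2
		if expected > 0 {
			chi += math.Pow(even-expected, 2) / expected
		}
	}
	return chi
}

// LooksEmbedded flags a stream whose statistic falls below threshold; with
// 128 pairs a fully embedded stream scores near 127, a natural one far higher.
func LooksEmbedded(data []byte, threshold float64) bool {
	return PairChiSquare(data) < threshold
}

func main() {
	rng := NewRng(1)
	cover := MakeCover(rng, 65536)
	stego := EmbedLSB(cover, RandomBytes(rng, 65536/8))
	fmt.Printf("cover chi-square: %.0f  stego chi-square: %.0f\n",
		PairChiSquare(cover), PairChiSquare(stego))
	fmt.Println("stego flagged:", LooksEmbedded(stego, 1000))
}
```

The threshold of 1000 is a constructed cut-off for this synthetic carrier; against real files the statistic is usually computed over sliding windows of the carrier rather than the whole stream.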

PGP (Pretty Good Privacy) encryption: Tom McCune's Q & A gives a fairly good overview of PGP. It is one of the best, if not the best, encryption package on the market. Breaking personal and public keys by brute force is far too time consuming to be of value.

As I recall there were a few media stories that dealt with PGP and its use concerning past terrorist events.

Bottom line: PGP is no slouch; to compromise its encryption features pretty much requires putting the key in plain view for all to see.

Thanks guys.

One thing on the $100,000+ in euros they found with the laptop is that it could easily have been some of the ransom money for that Italian journalist. The average unit of exchange apart from the local currency in the Arab world is dollars, since they're accepted just about anywhere and easy to get hold of since that's what oil is traded in.

If anyone wants to geek out on the possibility of brute forcing PGP, check this out:
http://www.stack.nl/~galactus/remailers/attack-faq.html

I suspect the NSA has better ways of cracking the encryption. They are rumored to have a backdoor in the source code, but that is probably tin foil hat gossip.

Mark

You and I both agree that brute force against PGP, although possible, is highly unlikely without some luck in finding at minimum a portion of the key.

For those interested The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography by Simon Singh is a good place to start. I know it sounds boring and highly technical but I assure you it is not. It is an easy read and very well written.

He also uses something called PGP for e-mails, which I was told is some kind of e-mail encryption method.

Ack! Couldn't we have waited a while to advertise this?

Of course, if Zarqawi's flunkies weren't such cowards - and pussies in the eyes of Allah - they would have destroyed this laptop (and themselves) with a grenade.

USMC - brute force against PGP, although possible, is highly unlikely without some luck in finding at minimum a portion of the key.

PGP is only 128-bit encryption, though. The NSA people will hardly throw up their hands in despair.

If Zarqawi were any kind of a professional, instead of an ass-tick in the eyes of Allah, he'd have some reasonably decent encryption.

Al-Qaeda using PGP has apparently been known for some time; I just got another e-mail referring me to the relevant passage from Dr. Gunaratna's book on the subject.

As for this particular instance, please keep in mind that they've had the laptop in their possession since February. It is now late April, and since Zarqawi managed to escape I presume for a variety of reasons that any tactical value with respect to the laptop has now expired. Certainly if he got away one of his first priorities would be to notify his lieutenants and the higher-ups that their communications had been compromised.

This might actually be one possible explanation for the relative lull in attacks of late, combined with the loss of a number of Zarqawi aides.

Glen:

Not to be flippant, but couldn't he have just used PGP because it's the easiest encryption method to get ahold of?

Glen,

al Qaeda already knows that PGP encryption is being used, and they know we have his laptop. It was Zarqawi's laptop, he was there when it was lost, and he escaped.

Here's a little more history on PGP that others might find intriguing

What does the future hold for PGP

PGP Freeware 8.1

Poking Holes in PGP Encryption

Bottom line: this is one product that works as advertised. It works so well that there has been a string of litigation surrounding the product's availability and use. To make a long story short, the genie is out of the bottle and there is no way to put it back. All the litigation in the world will not make people stop using it or remove the availability of the product.

Glen
To be honest it has been a while since I've heard any rumblings about PGP or its creator Phil Zimmermann. I had chalked it up to the assumption that for once the media and government were on the same side concerning the issue. That side being one of silence instead of spreading the word.

The best practical bet seems to be finding the pass phrase in the disk cache.

Backdoors in PGP are much talked about, and that means that lots of busy little hackers keep snooping around in the (freely available) code. Anyone who reported a real and repeatable backdoor would get international fame and get his name in the history books. It's the Holy Grail of cypherpunks.
So far it has had the same results as the SETI program: a handful of false alarms, but nothing real.

Glen

From Tom McCune's link: 128-bit encryption

"Since PGP uses public keys so much larger than this, it is easy to become confused when we hear the "reality" of PGP being "only" 128 bit encryption. To understand this, it is necessary to know that PGP uses both symmetric algorithms (IDEA, CAST, or Triple DES; Twofish is an additional option as of PGP 7.0, and AES is still an additional option as of 7.0.1) and asymmetric algorithms (RSA or DH). The process is the same regardless of the algorithms used, so my explanation will simplify it by referring only to the traditional use of IDEA and RSA. IDEA is a thousand (or more) times faster than RSA, but cannot be used for encrypting a file/message to one key, and then decrypting that file/message to a different matching key (public key encryption, which RSA can do). So, PGP speeds up the whole process by first encrypting the file or message to IDEA, using a randomly generated "session key" (an IDEA key used just for that one instance of encryption). That randomly generated session key is then encrypted to the recipient's public key(s), and packaged along with the IDEA encrypted file/message. The recipient(s) then uses his/her private key to decrypt the session key, which is then used to decrypt the file/message. In addition to tremendously speeding everything up, this use of underlying symmetric encryption to a randomly generated session key, improves the overall security of PGP - and also helps explain why the same file/message encrypted to the same public key always looks different (a different session key was used). These underlying symmetric algorithms are believed to be best broken by a brute force attack of trying all possible keys, which is considered impossible to do because of the sheer number of keys to try - each additional bit doubles the number of keys that would have to be tried, so that a 57 bit algorithm would have twice the number of possible keys as a 56 bit algorithm. 
The asymmetric RSA algorithm is believed to be best broken by mathematical factoring. It is believed that a 3000* bit RSA asymmetric key would require as much time and effort to factor, as the time and effort to do a brute force attack on 128 bit IDEA. These key size comparisons are considered roughly comparable for the other algorithms used in PGP (except that 256 bit Twofish and AES compare to a 15000 (yes, really 15,000) bit DH or RSA key) - so if you want the highest possible level of security in PGP, you should use an RSA or DH key at least as large as 3000 bits."

Ummm, hey, guyz. Brute force works-- the No Such Agency will eat their lunch. Where do you think the Cray Xs are? ;)

The value of the laptop is that the PGP key on it lets the NSA go back through its tapes and see what it can unlock in its recorded PGP message vault.

If Zarqawi's Laptop PGP key was not changed for several months, then the NSA has the opportunity to recreate all Al-Qaeda communications to and from Zarqawi for that time period.

That will give the operations analysts a huge insight into Al-Qaeda and its patterns of operations, most especially in terms of the patterns of money trails to follow.

jinn:
I'm well aware of the Cray X - my primary job is disaster recovery of hardware and data for large mainframes.

It is not a question of being able to break it by brute force. It is a question of the amount of time it will take you to do it.

Trent:

I agree that what you are suggesting is a possibility providing they cracked or discovered the pass phrase that protects the use of the key. Keep in mind that this is not the same as decrypting the key; it just allows me the use of the key. I.e., I still don't know what the key is, but I can use it to open the door.

We only need his credit card #.

Dan: Not to be flippant, but couldn't he have just used PGP because it's the easiest encryption method to get ahold of?

And isn't that a shocking commentary on how far standards of intrigue have fallen since the end of the Cold War?

USMC:

For years most commercial encryption software has been limited to a 128-bit Data Encryption Standard because the government wants the standard kept that low. It's plenty good enough, unless you're up against somebody like the NSA.

I guess it's pointless to argue that Zarqawi should have gotten something better, when Zarqawi didn't even know enough to ensure the destruction of the laptop when they had plenty of opportunity to do so. Then it wouldn't have mattered if they were using Pig Latin Encryption.

maps

"We only need his credit card #."

At least we could empty his bank account with it. Given the recent spate of Personal Information Leaks it's a wonder other institutions haven't followed Phil Zimmermann's lead. My advice, if you bank online and haven't changed passwords or PIN information recently I would certainly do it now. You should do it even if you don't bank online. I might even consider not banking online at all. The latter however does not protect the data the bank currently maintains. It only protects your personal data at the home PC level.

Could it be that this is due to the fact that, if they did implement higher security levels, big brother couldn't watch? With the level of protection we are talking about, the employer would also lose monitoring capability of employees. You decide.

Glen

"I guess it's pointless to argue that Zarqawi should have gotten something better, when Zarqawi didn't even know enough to ensure the destruction of the laptop when they had plenty of opportunity to do so. Then it wouldn't have mattered if they were using Pig Latin Encryption."

People do stupid things, Glen. It is also safe to assume that it is downright difficult to remember the objective is to drain the swamp when you're up to your a__ in alligators.

As for Zarqawi's pass phrase there are an infinite number of ways it could have been compromised. Phil Zimmermann certainly puts forth valid arguments as to why PGP is of such interest to the government including the FBI and NSA.

The biggest question of all is why the adamant interest by the FBI and NSA if they can crack it as easily as we might be led to believe?

A few final notes on PGP:

If you've got the laptop, you aren't trying to break a 512-bit or longer key pair, you're breaking the secret that is protecting the encrypted private key stored on the laptop. Probably an easier job, barring very good password discipline or use of token. (Note this is yet again different from the secret IDEA/3DES session key referred to in USMC's post.)

Re PGP/Zimmermann's lower profile these days:

- The first version of PGP infringed patents claimed by RSA, which went on the warpath. It was later revised to use Diffie-Hellman techniques that had already gone off-patent, and the RSA patents have now expired as well. Exit soap opera factor #1.

- The US Gov't first weakened and then quietly withdrew its ITAR rules on crypto export, after earlier backing off the trial balloon of forcing the use of key escrowed crypto algorithms. As an 'anti' during those debates, I think the USG folks are retrospectively due more credit than they got for motivation - there really were bad guys using the technology. OTOH, their entire approach was counterproductive. Even the threat of regulation caused a rather esoteric set of knowledge to be spread pre-emptively through the Internet, into what is now the open source movement. Once SSLeay popped up, Felix was well out of the bag. Once the powers that be recognized that, they eventually backed off and PGP's "export" of regulated technology also became a nonissue.

- PGP (the company) was acquired by Network Associates, a public company, and public companies usually don't like controversy. Later (2002) the product was spun back out into a standalone, venture funded company which still owns it. VCs like controversies of certain types, but not the kind that Phil was so good at creating :)

(I agree with the speculation that we've likely exploited the laptop grab maximally if the story is coming out. The last little bit of goodness might be letting fringe AlQ cells not already warned of the issue know that any message they got in the last two months might have been forged or cracked. If one of those was an activation order, that could be useful.)

Very interesting. Hopefully we will get beyond this cyber chat and get some info about the where abouts of Zarqawi. Once he is dead we can once again focus on the Lord Master Sith himself, Bin Laden.

USMC-- coolio!
And you're right, it is the time factor. Enough time, enough samples, we can crack anything. Until we have unbreakable quantum codes, that is. ;)

I'd be mildly surprised if the NSA were able to break PGP in and of itself. If they crack this particular case, it will likely be due to a lack of discipline or a flawed implementation, somewhere.

If there is a flaw in the implementation of the PGP software itself, for instance, that the NSA has detected but not advertised, that might make the attack easier. Likewise, if Zarqawi failed to exercise proper discipline on his own system, that could help, too.

Assuming that the NSA has enough brute force to break a properly disciplined system, or that they have a fundamentally new factoring algorithm, or that they have a quantum computer capable of running Shor's algorithm on problems of that size... those fall into the realm of tin foil hats, I think.

However.

Consider any mention of having taken the private key, or of not having taken it, as a potential psy-op.

The original DES is a 56 bit key; it's been somewhat improved by the use of Triple DES.

PGP is currently available in both the commercial form offered by PGP Corp. and in several open source forms.

PGP provides for up to 4096 bit keys, the last time I looked at the version I run. However those bit lengths are for the public/private key pair. They are used to encrypt the actual 128 bit IDEA key that is randomly generated for each message. So it is true that the final key of the encrypted message is 128 bits, but that key still takes a very large amount of computing power (an amount many people still believe is beyond even a government's resources), and if cracked only a single message is compromised.
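As an added example (not from the post or from any commenter), the Go code below implements the hybrid scheme that the McCune quote and this comment describe: a fresh 128-bit session key for every message, the body encrypted under it, and only that session key encrypted to the recipient's public key. AES-GCM and RSA-OAEP are assumed as modern stand-ins for PGP's IDEA and RSA, and the message is a constructed sample.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope mirrors a PGP message: a random session key wrapped to the
// recipient's public key, plus the body encrypted under that session key.
type Envelope struct {
	WrappedKey []byte // 128-bit session key encrypted with RSA-OAEP
	Nonce      []byte // AES-GCM nonce
	Body       []byte // message encrypted with AES-128-GCM
}

// NewKeyPair generates the recipient's RSA pair (2048 bits keeps the demo fast).
func NewKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// aead builds AES-GCM for a raw 16-byte session key.
func aead(session []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(session)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender side: fresh session key per message, symmetric
// encryption of the body, and only the session key goes through RSA.
func Seal(pub *rsa.PublicKey, msg []byte) (*Envelope, error) {
	session := make([]byte, 16)
	if _, err := rand.Read(session); err != nil {
		return nil, err
	}
	gcm, err := aead(session)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, session, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Body: gcm.Seal(nil, nonce, msg, nil)}, nil
}

// Open is the recipient side: the private key recovers the session key,
// which then decrypts the body. Any other key, or a tampered body, fails.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	session, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := aead(session)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Body, nil)
}

func main() {
	priv, err := NewKeyPair()
	if err != nil {
		panic(err)
	}
	msg := []byte("constructed sample message") // constructed input
	e1, _ := Seal(&priv.PublicKey, msg)
	e2, _ := Seal(&priv.PublicKey, msg)
	// Same plaintext, same public key, different session keys: the two
	// ciphertexts differ, which is the "always looks different" point.
	fmt.Println("ciphertexts differ:", !bytes.Equal(e1.Body, e2.Body))
	pt, _ := Open(priv, e1)
	fmt.Println("recovered:", string(pt))
}
```

Note that cracking one session key exposes one message only, while the private key (or the passphrase that protects it on disk) exposes every envelope ever wrapped to that public key.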

Breaking personal and public keys by brute force is far too time consuming to be of value.

...for anyone on the planet other than the NSA, yeah. Remember, they're not trying to brute-force an encrypted message of arbitrary length, they're trying to brute-force the passphrase that unlocks a private key of a known length- not at all the same thing.

Easy? No. Impossible? No. If anyone can do it...

If they have his laptop, chances are, they have his private key chain. Cracking that is much easier than trying to go through the public key on an open communiqué.

Tim et al who suggested to go after the passphrase protecting the private key have it right.

The first try at the passphrase will be a "dictionary attack". The NSA is probably not in need of my suggestion here, but the "dictionary" to use here would be the Quran, Hadith, etc...

Excellent analysis on this rat Zarqawi. We are doing a similar job at:

http://www.waronjihad.org

Ok, this was funny:

"PGP uses the RSA public-key encryption system. Its inventors: Ronald Rivest of MIT, Adi Shamir of the Weizmann Institute in Israel, and Leonard Adelman of USC. (Rivest/Shamir/Adelman = RSA).

What would these idiot terrorists do without the Joooooooooos!"

-- "usa," at LGF

And another dimension would be the politicization of the NSA - would they drag their feet or obfuscate as has perhaps been seen in State, CIA, etc?

Bill, I know a few people associated with NSA and so far as I can tell, it is by far the least politicized of the intel agencies, along with DIA.

Robin is correct.

State has always been the most political, since much of their job (diplomacy) involves politics to begin with and it's easy to shift from the international to the domestic arena. The CIA shift occurred only since 2003, from what I understand.
