BA jihadist relied on Jesus-era encryption

An IT worker from British Airways jailed for 30 years for terrorism offences used encryption techniques that pre-date the birth of Jesus. Rajib Karim, 31, from Newcastle, was found guilty of attempting to use his job at BA to plot a terrorist attack at the behest of Yemen-based radical cleric Anwar al-Awlaki, a leader of al- …


This topic is closed for new posts.
  1. Lee Dowling

    Rule #1

    Rule #1 of encryption, randomness, steganography, copy-protection or a million and one other related areas:

    Just because you *think* it's better than a published algorithm reviewed by thousands of experts, doesn't mean it *IS* better.

    Rule #2: Never "make up" your own encryption, random number generator, steganographic technique, copy protection etc. - it'll never work and if you *ARE* an expert, you'll know that you'll need to have people attacking it for decades before you declare it "secure enough". Even using the published ones "with a twist" or a new from-scratch implementation will compromise your encryption most of the time.

    Rule #3: Don't trust in God when 2048-bit, peer-reviewed, PKE exists and has *never* been "cracked", even when terrorists used it and we needed access to the information contained within for anti-terrorist purposes. Seriously. There's never been a case where "real" encryption that wasn't hideously out-of-date was used and some random three-letter agency managed to decrypt it. There's a reason for that - that's what it was DESIGNED for.

    1. Gleb
      Thumb Up

      Gee, leo

      Thank you so much for being so enthusiastic about helping terrorists to hide their secrets. If only they had YOU as their IT guy, all those infidels would have been dead by now. :)

      1. Elmer Phud

        Oh, they tried

        "Despite urging by the Yemen-based al Qaida leader Anwar Al Anlaki, Karim also rejected the use of a sophisticated code program called "Mujhaddin Secrets", which implements all the AES candidate cyphers, "because 'kaffirs', or non-believers, know about it so it must be less secure"."

        If they had employed methods that the infidels are used to they might well have gotten away with it. But, with the typical 'wisdom' shown by hard-core believers they came up with a huge fail.

        There is a highly technical solution but the twats thought they were better.

      2. Chris Harden

        Don't sweat it

        They would never read The Register anyway, it's run by infidels.

        1. Anonymous Coward

          The title is required, and must contain letters and/or digits.

          I thought it was run by Lesbians...

    2. Anonymous Coward


      What are you talking about? All encryption methods can be broken within 60 seconds. I have seen it on TV: the movie Swordfish, the show "24", so it must be true. :P

      "This is Jack Bauer. I had to shoot the suspect. I am at his terminal of doom, but it requires a password."

      "Ok, let's see what we can do." Clickety-clickety-click ... (60 seconds of ADVERTISING) "Jack, we got the password."

      "Give it to me."


      1. Anonymous Coward


        Now I have to change my password.

    3. Anonymous Coward
      Anonymous Coward

      I agree...

      Although I would point out that, just because a particular type/strength of encryption hasn't been announced to be cracked, doesn't mean that it's not crackable by GCHQ/NSA. It may be a routine crack, it may be very non-trivial but doable. They are very unlikely to announce they can crack particular cyphers.

      Bear in mind that we now know that GCHQ operated PKE for years before it was "invented" by Messrs Rivest, Shamir and Adleman.

      1. Chris Harden


        My money would be on it still taking them months to do, so for your average porn hiding requirements (which 99% of El Reg readers will be needing it for I bet) they probably wouldn't bother :D

        1. This post has been deleted by its author

      2. Anonymous Coward
        Anonymous Coward


        Normally it suffices to just brute force the password encrypting the real cypher, rather than actually crack the encryption.

      3. DrXym Silver badge

        GCHQ / NSA etc

        I think it's reasonable to assume that these big orgs have the resources to invest in a distributed system that cracks files, large databases that host reverse hash lookups of every password of some arbitrary length, song lyrics, every book passages, religious verse, movie quotes, phrases, sayings and idioms and numerous other languages with appropriate transliteration. It's even likely they know of weaknesses in crypto that reduce the effort to brute force attack encryption reducing the number of rounds it takes.

        What isn't likely is that there is some magic backdoor in the crypto. AES and its ilk has been analysed for years. The user's choice of passphrase is likely to be far more vulnerable than the algorithm. Therefore anticipate what the attackers are likely to be capable of and make the passphrase stronger than that.

        Of course GCHQ / NSA aren't brute forcing random messages. They're probably eavesdropping on particular sites, and email providers, and cell phones and so forth. They probably have a fair idea that something is up and who the perps are simply from monitoring messages passing between certain people even if the content of said message is unknown. I bet this maroon was a suspect way before they got around to cracking his messages. Therefore it would be as important to communicate in a way which didn't arouse suspicion as much as it would the manner in which it was done.

      4. Anonymous Coward
        Anonymous Coward

        Sure, here's title.

        That's why I wouldn't touch Rijndael for anything I would ever want to hide from NSA et al. They've chosen it for AES ergo they might have some hidden reasons for it (like availability of cracking method).

    4. Al 6

      Rule #3

      History is full of cases where three-letter agencies or their equivalents have worked out how to crack what were believed to be state of the art encryption schemes. There's a reason for that too - that's their job. If they're doing it properly the first we'll know about it is when the documents are eventually declassified.

    5. No, I will not fix your computer

      Re Rule #1

      Simply XOR the data with a secret key as long as the data and it's uncrackable, very old technology, the only weak point is keeping the secret key secret (and transporting it), don't reuse the key and there's no technical weakness in this encryption.

      1. Old Handle

        Re Re Rule #1

        A secret, *perfectly random* key as long as the data.

        1. Ray Simard

          @Re Re Rule #1

          Yes; it's called a one-time pad, and it's the only form of encryption believed to be truly unbreakable, as long as the key is truly random and isn't left around somewhere where it can be found, and is never reused.

    6. Matthew 26

      It's Ironic

      That most of the basic maths used in modern encryption were discovered in the Arab world.

  2. Jan 0 Silver badge

    Please clarify which Campbell

    "Lunchbox" Campbell or

    "Beneath the City Streets" Campbell?

    The latter would be an excellent addition to Register correspondents!

    (rot13 to reveal the message:)

  3. JakeyC

    Silly terrorist is silly

    Hello Mr Terrorist,

    We kaffirs all know about encryption so if you want my advice you should use lemon juice as invisible ink.

    When your mate warms the paper in an oven it will show up your secret message. You should definitely do this because no one else uses it so it's more secure.

    P.S. We also know about explosives so next time, use water bombs because we won't be expecting that and we'll be very afraid.

  4. Anonymous Coward
    Anonymous Coward



    That is all.

  5. neb

    allah be praised...

    ...they didn't have an cracker jack secret decoder ring or we'd have been completely screwed

    i suppose its one step up from ROT13 though...

  6. Christoph

    Wrong algorithm

    They should have used double ROT13 encryption

    1. Cliff

      Brilliant :-)

      As 5 layers of substitution cypher is as strong as one layer...

    2. darkmage0707077

      Re: Wrong algorithm

      No, they need to be even MORE secure and use ROT26! Thus, NObody will be able to figure out their secret messages!

      1. Ray Simard

        @Re: Wrong algorithm

        As long as they don't speak Arabic.

  7. Jim 59


    I wouldn't be too sure that 2048 <whatever> hasn't been cracked, either. Most of the secret agencies in the world might crack it routinely, but they would never let on, lest their enemies stop using it.

  8. unitron
    Gates Horns

    Excellent news

    If the terrorists are using Microsoft products they're just making things harder on themselves.

    Can we trick them into using Word and PowerPoint?

    1. Elmer Phud

      Fair enough

      Word and Powerpoint - there's no way I could stumble upon any hidden code in them - they don't exist on my machine.

      1. Chris Harden



    2. Trygve Henriksen

      MS Office?

      and why do you think they're so angry at the west?

    3. Fred Flintstone Gold badge


      No better denial of bomb planning tools exist today...

  9. Michael H.F. Wilkinson

    Maybe Bletchley Park

    should sell them an app that simulates the Enigma machine. Then we can put a remade Colossus or Turing bomb to good use again. ;-)

    You really have to laugh at their stupidity. I knew how to decrypt single letter replacement schemes as a kid (10 or 12 y/o).

    If you REALLY want to be secure, use a (sufficiently random) one time pad. This is provably uncrackable. Truly random bits can be obtained in many ways (including the use of various quantum devices, and radioactivity (no bad Fukushima jokes please)).

    1. A handle is required

      It's bombe, not bomb

      See title

      1. Anonymous Coward
        Anonymous Coward


        A balm? What are you giving him a balm for? It might bite him.

        1. Anonymous Coward
          Anonymous Coward

          Special delivery...

          A bomb, for you...

        2. A handle is required

          Who told you to put the balm on?

  10. James Hughes 1

    Next time?

    They'll know better.

    1. Cameron Colley

      Yup, expect "blank" wax tablets being posted around the world.

      Or, if they're really crafty, they'll draw pictures of dancing men.

      1. Christoph

        Pictures of dancing men

        It was good enough for Captain Nancy

      2. Ray Simard

        @Yup, expect "blank" wax tablets being posted around the world.

        My dear Holmes!

  11. Destroy All Monsters Silver badge
    Paris Hilton


    It's actually sad.

    I wonder whether that kind of research can be found in the Qaeda fanzine. I remember something about mounting swords on 4x4 trucks, Persian-style, so it wouldn't be surprising.

  12. John Lilburne

    Ppfmfp ppmffm

    Ppfmfp ppmffm mfmmmmfppmpm fmpmfpmppffm'fpmmpp pmpmffpmfpmfmppmpm FmpMppMfp fmmmppmmfpffmppfmp mmfppfmpmmpp fmpmfpmpp mmpmmmfmmfmpmmmpffmpmfmm

  13. Marcus Aurelius
    Black Helicopters


    There's an encryption package called Mujhaddin Secrets?

    How does it compare to PGP or whatevers used on Wikileaks insurance file?

    1. Risky

      Mujhaddin Secrets?

      Well I'm not googling that one. I don't fancy any more involvement with Cheltenham than my E/W on Denman.

    2. Anonymous Coward

      There's an encryption package called Mujhaddin Secrets?

      That's just to fool you. It's actually a Halal perfume.

  14. Anonymous Coward
    Anonymous Coward

    Welcome to the idiot machine

    Honestly, this is how I like my jihadist terrorists. I'd rather do without them entirely, mind, but if, then IT bods that insist on rot-N fit the bill nicely. This is NOT how I like the prosecution. Not even if they were prosecuting me*. Why do they insist on matching both sides on equal stupidity? Is this what's supposed to protect us? Hello?

    More proof that the security circus is a waste of time and money and a fertile source of injustice. And no, not strictly because most "holy warriors" turn out to be, shall we say, a bit warped.

    * I admit to no more untoward thing than general commentarding and occasional calling for firing and blackballing of egregiously incompetent shmucks from jobs that involve the public trust, guv.

  15. Miek

    Encryption ?

    Surely a substitution cipher is just obfuscation rather than encryption ?

  16. Gideon 1


    2048 bit PKE isn't 'real' encryption, it is only a 'good' cypher. Real encryption is OTP.

  17. This post has been deleted by its author

    1. Chris Harden


      Personally, if I was facing a prison sentence if my code is cracked, I'd go to the trouble of a one time pad.

      1. Loyal Commenter

        If I was facing prison on terrorist charges

        I'd probably think more seriously about not doing whatever it was that was going to get me into prison. Given that perspective, it's hardly surprising that someone who is enough of an idiot to think terrorism is a good idea is also enough of an idiot to not understand the basics of cryptography.

        After all, it is exactly this kind of idiocy that gave us the shoe 'bomber', the underwear 'bomber' and some improbable plot about liquid explosives that allows BAA to confiscate drinking water and sell it back to us at £10 a litre on the other side of an arbitrary checkpoint.

      2. Charles 9

        The best solution... to make your cipher NOT look like a cipher. That's why the idea of pre-established code phrases that couldn't be distinguished from the general chitchat of everyday life. And this is also the reason behind steganography.

    2. Paul Durrant

      One time pad IS 100% secure.

      ..."still not 100% if you use a lot of recurring phrases..."

      Ummm.... No. Using a true one-time pad (random pad as long as the message), there's no way to retrieve the message without the one-time pad. Even if the message is just the same word repeated 1,000 times.

    3. This post has been deleted by its author

      1. Gordon 10

        Don't bet on it

        Using any book as an OTP is daft.

        I would assume that the TLA agencies have a database of every published word.

    4. The Other Steve

      If you re-use them

      Then they aren't ONE TIME pads anymore

    5. Anonymous Coward
      Anonymous Coward

      The point is... don't re-use one-time pads. The clue is in the name.

  18. James 47


    'No security through obscurity'

    Blah blah

  19. DrXym Silver badge

    BA should be ashamed of themselves

    Imagine hiring this idiot as an IT specialist.

  20. Matt Hawkins

    Mujhaddin Secrets

    "Mujhaddin Secrets"?

    That's just Winzip, right?

    1. PerfDave

      "just Winzip"

      That's the Winzip that has for nearly a decade used industry-standard AES encryption?

  21. Yet Another Anonymous coward Silver badge

    9 months ?

    Is this the same plot that the police had taken 9 months to crack the encryption?

    Perhaps their IT experts don't know about letter frequencies and started with A=B and went from there?

    1. david wilson

      @Yet Another Anonymous Coward

      >>"Is this the same plot that the police had taken 9 months to crack the encryption?"

      Is that what they said happened?

      Even if so, why would you expect they'd be telling the truth?

  22. Fred Flintstone Gold badge

    This is what IaaS *REALLY* means

    Idiots as a Service. Also exemplified by Farcebook, Twatter and Google (clever, that last one - can't find a good word to rename it - anyone?).

    The problem is that they learn every time they cock up. There must be a better way to tackle this threat than a technology war.

    1. Anonymous Coward
      Black Helicopters


      Well I would rename it to "Gogole" but probably only French-speaking people will understand it.

      AC Because, well, I don't want google to be mad after me :)

  23. Sir Runcible Spoon


    If they [the idiots] had used PGP (or equivalent supposedly uncracked encryption) and the gov wanted to prosecute them, they [gov] would have to admit they had cracked it wouldn't they? If this were the case, then an announcement saying something like "they were using a really shit substitution system" would throw people off the scent..perhaps.

    Anyway, a true code is uncrackable, but then anyone could guess they used the Koran as the document.

    1. Anonymous Coward
      Anonymous Coward


      They wouldn't admit to cracking the code, they'd go to great lengths to find evidence elsewhere and protect the fact that they'd cracked the code.

      If you know that person X is going to bomb something on Friday, it's fairly easy to arrest them on Friday with a bomb. You don't need to let on about cracking the encryption in this case. Actually they'll go to far greater lengths, but that's the general idea.

  24. Magnus_Pym

    Unthinking belief in a divine power == ...

    ... unthinking belief in a crappy encryption scheme.


  25. Chris King

    @John Lilburne

    Shouldn't Stan, Kyle or Cartman be delivering that line, rather than Kenny ?

  26. Rick Brasche

    "Old" does not necessarily mean "less sophisticated"

    Just because it's old doesn't mean it's not sophisticated! Kids these days, thinkin' they're all the sh*t because they got nuthin better ta do than follow current pop trends...most of which are recycled from stuff that was new (read: old and recycled) when I was a lad.

    Now get off me lawn!

  27. The Other Steve
    Thumb Up


    So by the sound of it, he used a "Caesar Box" (columnar transposition) cipher*, thought to have been first described by that well known muslim brother and jihadi Julius Caesar, using instructions he certainly got off the internet - which as we all know was invented by a cabal of radical islamists - and implemented it using software developed by well known fighters for the caliphate, Microsoft.

    Shame he didn't bother his sorry arse to check the kaffir's literature - there's a whole chapter on this in Fouche Gaines, for instance - or the kaffir's Google search which yields the exact method by which to crack such as it's first result.

    Upgrade the terror alert status to "Mong" and spin up the ROFLCOPTER

    As for using more sophisticated ciphers, well.

    Cops : "Give us the key"

    jitardi: "No"

    Judge: "Five years in solitary chokey for you"

    ... five years later ...

    Cops: "Give us the key"

    jitardi: "No"

    ... etc ad infinitum ...

    (Note : there is simply no way that GCHQ et al are going to use decrypts from any modern crypto system in open, or even closed court even if they can break them.)

    Either way you're fucked once the rozzers have put your front door through, it's just funnier the way he did it. Possibly worth noting that shit crypto was the least of his opsec problems. Hats off to the security services for the catch, because in all seriousness this dickhead could have done real damage.

    *@TeamReg, you mention transposition tables, so I'm going with that. ICBW. Substitution ciphers are a different beast. I shall look forward to the forthcoming articles on jihadtard crypto.
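The "Caesar Box" named above, as an added example that is not from the thread or the case: a keyless square transposition (write rows, read columns) next to a three-letter shift, with a letter-count check showing why the poster calls substitution "a different beast" when it comes to letter frequencies. The sample sentence and the pad letter X are my own assumptions.

```python
"""Caesar box transposition versus shift substitution: what survives in the letter counts.

Added example; assumptions: the box is padded with 'X' to a full square,
and the sample sentence is constructed for the demo.
"""
import math
import string
from collections import Counter


def _letters_only(text: str) -> list:
    """Keep A-Z only, as classical pencil-and-paper ciphers do."""
    return [c for c in text.upper() if c in string.ascii_uppercase]


def caesar_box_encrypt(text: str) -> str:
    """Write the letters row by row into the smallest square that fits, then read column by column."""
    letters = _letters_only(text)
    side = math.ceil(math.sqrt(len(letters)))
    letters += ["X"] * (side * side - len(letters))  # pad the last row (assumed pad letter)
    return "".join(letters[r * side + c] for c in range(side) for r in range(side))


def caesar_box_decrypt(cipher: str) -> str:
    """Undo the box: ciphertext index c*side + r holds plaintext index r*side + c."""
    side = math.isqrt(len(cipher))
    if side * side != len(cipher):
        raise ValueError("Caesar box ciphertext must be a perfect square in length")
    return "".join(cipher[c * side + r] for r in range(side) for c in range(side))


def shift_encrypt(text: str, shift: int) -> str:
    """Monoalphabetic shift (the classic Caesar substitution), for contrast."""
    return "".join(chr((ord(c) - 65 + shift) % 26 + 65) for c in _letters_only(text))


def letter_profile(text: str) -> Counter:
    """Per-letter counts: the raw material of frequency analysis."""
    return Counter(c for c in text if c in string.ascii_uppercase)


def compare(text: str) -> dict:
    """Transposition only moves letters, so the English letter profile is intact.

    Substitution moves the same count histogram onto different letters: the
    shape survives (E's count now sits on another letter) but the identity does not.
    """
    plain = letter_profile(text.upper())
    box = caesar_box_encrypt(text)
    pad = len(box) - sum(plain.values())
    box_profile = letter_profile(box) - Counter({"X": pad})  # discount padding
    shifted_profile = letter_profile(shift_encrypt(text, 3))
    return {
        "transposition_keeps_letter_counts": box_profile == plain,
        "substitution_keeps_letter_counts": shifted_profile == plain,
        "substitution_keeps_count_histogram":
            sorted(shifted_profile.values()) == sorted(plain.values()),
    }


if __name__ == "__main__":
    sample = "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG"  # constructed sample
    print(caesar_box_encrypt(sample))
    print(compare(sample))
```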

    1. durandal



      Mine's the one with the secret decoder ring in...

  28. Anonymous Coward
    Dead Vulture

    Yes please

    Yes, Register: more Campbell and less Page. Or at least less Page banging on about nuclear "triumphs" instead of his firmer stomping grounds of military spending rants and particle punishment bulletins. Because at least the comments on the latter topics provide insider insights rather than an echo chamber of "What is the world coming to?" outbursts as those accusing the media of alarmism presumably rush off to get their nightly dose of indoctrination from the very same sources.

    1. Pigeon

      No no..

      Ms Louis Paget et old comrade from Foreign Legion. He more skilled than Bare Grills in survivalism. Anyway, excuse the deliberatisms, I'm still practicing (and arguing for the sake of it).

  29. Anonymous Coward
    Thumb Down


    Hmm, his distrust of Kaffir technology didn't seem to influence his original reason for coming here, to get the NHS to attend to his 3-year-old son's ill health. I can understand traumatised lost souls becoming radicalised, but this one? to whom we only extended compassion and free treatment?

    I always thought the laws of hospitality were absolutely the most fundamental, across all religions and peoples.

  30. Ian Michael Gumby

    First rule of a cyberpunk...

    #1) When they expect High Tech, go low tech.

    (Credit Gibson with that one... it's in one of his short stories in his anthology 'Burning Chrome' I think...) [Maybe I should get a PhD in Science Fiction? :-) ]

    The Brits got lucky. There are other low tech techniques that would have been more difficult to break...

    1. MichaelBirks

      Re: First rule of a cyberpunk

      You're quoting from the original 'Johnny Mnemonic' the inspiration for a movie with the same name starring a pre-matrix Keanu Reeves.

      "If they think you're crude, go technical; If they think you're technical, go crude. I'm a very technical boy."

      Yay @GreatDismal

  31. david wilson


    >>"Writer Duncan Campbell, who acted as an expert witness for the defence during the trial, said: "Tough communication interception laws [RIPA] were passed in the UK 10 years ago on the basis that they were needed to fight terrorism. Ludicrous articles were published then about the alleged sophistication of their methods."

    >>"The case just dealt with shows where we have got to in the real world. The level of cryptography they used was not even up to the standards of cryptology and cryptography in the Middle Ages, although they made it look pretty using Excel.""

    Isn't that rather like saying that there's no need for weapons legislation because one retard just tried to hold up a Post Office using a banana?

    Should legislation really always be based on the inadequacies of the last person stupid enough to get caught?

    Then again, does anyone seriously expect that we're actually going to get told about every case where properly encrypted communications *are* intercepted and *can't* be decrypted?

    Even when interception/decryption happens, it seems likely that often there'll be misdirection involved to make people think a plot was foiled some other way, in the same way that if information is obtained from housebreaking/keylogging/etc, it's likely that *that* will often not be mentioned, but some other explanation would be offered or hinted at as to how information was discovered.

  32. JaitcH

    SOP: "claims by the prosecution ... were overstated"

    Most police and prosecutors exaggerate their cases in court. Look at all the drug cases where drugs worth gazillions of dollars when priced by the police actually amount to substantially less in the real market.

    Likewise with terrorism cases, some little bomb is going to blow up some metropolis. The FBI affidavits seem to be more fiction that fact.

  33. Yet Another Anonymous coward Silver badge

    Excel ban

    Does this mean that Excel is now a terrorist weapon and it's export should be banned?

  34. Mondo the Magnificent

    OMG! OMG! They used the "K" word

    To quote the article: "Despite urging by the Yemen-based al Qaida leader Anwar Al Anlaki, Karim also rejected the use of a sophisticated code program called "Mujhaddin Secrets", which implements all the AES candidate cyphers, "because 'kaffirs', or non-believers, know about it so it must be less secure". Unquote...

    In South Africa you could be prosecuted for using the word "k*ffir" which is regarded as a racist and demeaning term.

    1. Matt Piechota


      "In South Africa you could be prosecuted for using the word "k*ffir" which is regarded as a racist and demeaning term."

      There goes my dream of opening a Thai restaurant there.

  35. Sabine Miehlbradt

    How disappointing

    60+ comments and no one has reposted this yet?

  36. Anonymous Coward
    Anonymous Coward

    He'll have plenty of time

    He'll have plenty of time to figure out a better encryption method while in prison for 30 years.

  37. NoneSuch Silver badge


    Anyone who has an informed opinion about this subject is in a small windowless room in GCHQ and unable to comment on the various strengths and weaknesses of any given encryption package by the Official Secrets Act.

    AES is an approved form of encryption and it is doubtful the US Gov would allow it unless it was readable.

    In the end though; Encryption only delays access to information, it does not deny access.

  38. Joe Montana

    Gross incompetence

    This guy was supposed to be an IT worker, he should have known better...

    Also, using Excel? Why would they use tools which are symbolic of the capitalist "kaffirs" they consider to be their enemy?

  39. Yet Another Anonymous coward Silver badge


    >AES is an approved form of encryption and it is doubtful the US Gov would allow it unless it was readable

    That's exactly why you know it ISN'T readable. The US govt wouldn't use it if their enemies in the secret service could break it, the secret service wouldn't use it if their enemies in the NSA could break it, etc etc

    The Whitehouse don't give a damn about the Russians reading their emails - it's the CIA reading them that is a threat

  40. Anonymous Coward
    Anonymous Coward

    Harsh Sentence

    Not that I'm surprised, but unless being an idiot is a crime, 30 years is an awful long time for what he actually did. Based on the previous article here, it sounded like he was really only aiming to cause disruption, not death.

  41. Chris Seiter

    But Microsoft uses it... The website looks like a kid with a template made it, but interesting that the registry uses that type of letter change to obscure some keys.

  42. little

    same word repeated in one time pad?

    does not it become just a bad substitution cipher?
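An added example (not part of this post, Paul Durrant's "same word repeated 1,000 times" post above, or the case) that answers the question with bytes: a byte-wise XOR pad with a fresh random key of message length leaves no repeating structure even when the plaintext is one word over and over, while reusing the pad for a second message cancels the key, which is the failure the thread warns about. The message strings are constructed samples.

```python
"""One-time pad in practice: repeated plaintext versus reused key.

Added example; os.urandom stands in for a true random source, and the
sample messages are constructed for the demo.
"""
import os
from collections import Counter


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("a one-time pad key must be exactly as long as the data")
    return bytes(x ^ y for x, y in zip(a, b))


def otp_encrypt(plaintext: bytes, key: bytes) -> bytes:
    return xor_bytes(plaintext, key)


otp_decrypt = otp_encrypt  # XOR is its own inverse


def most_common_window(data: bytes, width: int) -> int:
    """How often the most frequent `width`-byte window occurs: a crude repetition detector."""
    windows = Counter(data[i:i + width] for i in range(len(data) - width + 1))
    return max(windows.values()) if windows else 0


def repeated_word_demo(word: bytes = b"ATTACK", reps: int = 1000) -> dict:
    """The same word 1,000 times under a fresh pad: the ciphertext shows no period at all."""
    plaintext = word * reps
    key = os.urandom(len(plaintext))  # fresh, uniformly random, never reused
    ciphertext = otp_encrypt(plaintext, key)
    return {
        "plaintext_repeats": most_common_window(plaintext, len(word)),
        "ciphertext_repeats": most_common_window(ciphertext, len(word)),
        "roundtrip_ok": otp_decrypt(ciphertext, key) == plaintext,
    }


def key_reuse_demo(known_msg: bytes, other_msg: bytes) -> bytes:
    """Two messages under ONE pad: c1 ^ c2 == m1 ^ m2, so the pad drops out.

    Anyone holding both ciphertexts and one plaintext gets the other plaintext
    exactly, with no key at all. This is why a pad is used once.
    """
    key = os.urandom(len(known_msg))
    c1 = otp_encrypt(known_msg, key)
    c2 = otp_encrypt(other_msg, key)
    combined = xor_bytes(c1, c2)          # key cancels: equals known_msg ^ other_msg
    return xor_bytes(combined, known_msg)  # recovers other_msg


if __name__ == "__main__":
    print(repeated_word_demo())
    print(key_reuse_demo(b"MEET AT NOON FRIDAY", b"MEET AT DAWN MONDAY"))
```

The repeated word is visible 1,000 times in the plaintext and, with overwhelming probability, zero times in the ciphertext; the reuse demo returns the second message without ever touching the key.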

  43. Matt Bryant Silver badge

    Who needs to break the encryption when you have Gitmo?

    Sorry for all the cryptonuts out there all happily bragging about the length of their keys, but the times a message's protection is weakest are before it's transmitted and when it's received. After all, the message is not what kills you, it's the acts the receiver commits due to the message that we want to stop. If you know someone dodgy is sending nasty stuff and you can't get to him, then you look to where he is sending it, "collect" the receiver and ask him what the message said. As likely as not, just by holding onto the receiver you stuff up the bad guys' plans. If an encrypted file is going to take five years to decrypt using brute force then it's simpler, faster and cheaper just to do decryption by the waterboard method. The alleged CIA rendition program was simply that, the route one approach to stopping AQ acting. Whilst AQ spent years setting up a tightly secured IT program for email exchange, all they actually did was highlight to the NSA and CIA the location of the jihadis out in Pakistan and the West. Whilst that argument will upset the handwringers, how do we know it worked pretty well? Simple - how many successful AQ attacks in the West have there been?

    1. Anonymous Coward

      Handwringers? Never

      Ah Matt, you are so mistaken.

      It is nothing to do with the waterboarding - for example, the fact is plain to see that while waterboarding took place there *were* attacks in the West (7 July 2005 springs to mind, as does the Madrid train bombing). And given that waterboarding has ceased, with no concurrent rise in sudden explosions it seems obvious this is an incorrect assumption. It is not a case of upsetting handwringers, it is actually a case of upsetting the barely controlled sociopaths who delight in the suffering of others under false pretexts.

      Now, the real safety net has been a small stone I picked up in Avebury. Every day I water this stone at 0716hrs. And in doing so I have single handedly prevented countless terrorist attacks taking place. I admit, that a few times I have been late, or forgotten, and bombs have gone off, but you can't have everything can you? Just think of all the lives I have saved.

      Now Matt, I am sure you and the countless others who agree with doing "whatever it takes" to stop the EVIL TERRORIST will be happy to fund my continued watering of this stone. At a mere £800 per day (7 days per week, plus VAT I assume) it is even cheaper than waterboarding. Unless of course, you only agree to untested, unproven, unprovable even, methods that involve the abject suffering and torture of other humans? That would be kind of weird, wouldn't it?

      Before anyone goes off on one about "it not being the same thing" - I feel I must point out the fact that I have exactly as much evidence as supporters of waterboarding.

  44. Tempest

    What concerns me most about this matter is BA's hiring practices. Don't they do background checks?

    BA, like all major entities, owe it to their customers to do thorough background checks on employees that can exploit vulnerabilities in corporate entities.

    Another reason to avoid flying BA.

  45. Anonymous Coward

    uh... yeah

    "a good cypher like 2048-bit"

    I stopped reading after that.

    Seriously, this issue is totally a non-issue. All the people who are scared that NSA can crack 256-bit AES can just easily overlay (known-to-be-hard) encryption schemes. I'd love to see them crack something encrypted with Serpent, then HC-256 (or Salsa20) and then Twofish (especially if they're combined with a strong key-derivation function).

    They can have some specific attacks for Serpent, Twofish and HC-256, but I doubt they can find any flaw that extends over those (quite different) three encryption methods.

    Also, to address the author of the article: to assume that any small change done to a thoroughly reviewed cipher automatically makes it presumably unsafe is bollocks. In fact, just to give you a quick counterexample: for almost any Feistel cipher, you can safely add ANY constant bijection over GF(2^n), where n is the blocksize in bits, between every three cipher rounds and it will never make the cipher worse (in fact, it might make it better). So, yeah... adapting a well-known cipher design to make a secure custom cipher is not trivial, but it's also not impossible.

    tl;dr: just because you can't modify a symmetric cipher in a way that the end result is still safe, don't assume no one else can.
