Free Republic

How terrorists hide messages online
Scripps Howard News Service ^ | 10/4/01 | Scripps Howard News Service

Posted on 10/04/2001 6:46:51 PM PDT by Thanatos

For Editorial and Discussion use only:


By LISA HOFFMAN
Scripps Howard News Service
October 04, 2001

To terrorist cells such as Al Qaeda, a picture on the Web can be worth thousands of words.

Employing the 21st century version of a concept as old as secrets themselves, alleged terrorists affiliated with Osama bin Laden are believed to have exploited the vastness of the Internet to hide messages between conspirators in what amounts to plain sight.

According to declassified intelligence reports, court testimony and computer security experts, bin Laden's network has been a pioneer in adapting the ancient art of steganography to the Internet. U.S. officials and high-tech researchers seeking to counter such techniques are scrambling for methods to detect or derail them.

Online steganography - derived from the Greek words meaning "covered writing" - essentially involves hiding information or communications inside something so unremarkable that no one would suspect it's there. It's the cyber-equivalent of invisible ink or the "dead drops" that spies use to pass secrets.

Experts say Al Qaeda, along with the Palestinian terrorist groups Hezbollah and Hamas, have used computer software available for free on the Internet to communicate via virtually undetectable messages embedded electronically within innocuous photographs or music files of the sort that millions of Internet users send to each other each day.

Using it as a ruse, bin Laden's terror operatives allegedly have been able to bury maps, diagrams, photos of targets and messages within popular music, auction and sports sites as well as pornographic chat rooms - incongruous territory for devout Muslim fundamentalists.

Secrets even can be hidden in spam, the millions of unwanted e-mail messages ricocheting daily across the Internet that barely register with most users before they delete them. Communicating this way makes it extraordinarily difficult for law enforcement to pick up on, much less interdict or trace.

"The sender can transmit a message without ever communicating directly with the receiver. There is no e-mail between them, no remote logins, no instant messages," wrote Bruce Schneier of Counterpane Internet Security. "Steganography is a good way for terrorist cells to communicate... without any group knowing the identity of the other."

It's an old concept, written about in 474 B.C. by Greek historian Herodotus, who described how Histiaeus of Miletus shaved the head of a slave and tattooed a secret message on his scalp. When the slave's hair grew back, Histiaeus dispatched him to the Greeks, who shaved the slave's head and read the message.

During World War II, invisible ink was used by all sides. And the Germans perfected the use of "microdots," in which a page of writing could be reduced to the size of a dot on a letter - only to be enlarged by the recipients and read.

Computer steganography essentially piggy-backs information on empty or unimportant spaces in digital files. But those who want to employ the method don't need to understand the complex concepts at work - all they have to do is download software available free or for less than $50 from more than two dozen Internet sites.

Follow the instructions for using the software and, with a few mouse clicks, you've hidden a message that is all but undetectable, except by the person you have tipped to where to find it.

Photo or music files with such messages embedded are indistinguishable to the human eye or ear from identical ones lacking the secret data. (For an example of how this works, go to http://www.spammimic.com, and embed your own message in spam.)

That fact exponentially increases the difficulty for investigators trying to track terrorist communications online. "With the volume of documents, photos, video and sound files moving on the Internet, there is no system powerful enough to analyze every object for hidden messages," wrote Barry Collin, research fellow at the National Interagency Civil-Military Institute of the National Guard Bureau.

And an interceptor can be hamstrung even more if the hidden message is encrypted into code. Bin Laden's network allegedly does just that.

The Justice Department, citing the difficulty of monitoring and detecting cyber-communications among terrorists, is asking Capitol Hill to relax legal restrictions or force software writers to supply their secrecy code "keys" to the government in order to make it easier for agents to tap into everyday e-mail on a broad hunt for miscreants and de-scramble what they find.

Civil libertarians say such privacy invasions are unnecessary; efforts should be directed instead toward techniques to detect and disable cyber-steganography.

The intelligence community is hard at work with university researchers creating sophisticated detection programs that use complex algorithms to conduct statistical tests capable of identifying steganographic footprints.

One new software package of interest to the Air Force was developed by research professor Jessica Fridrich at Binghamton University in New York state. Called "Securestego," it allows a user to return a digital image modified by steganography to its original state - that could derail such a message before it could reach its intended receiver.


TOPICS: Extended News; Foreign Affairs; News/Current Events
KEYWORDS: alqaeda; alqaida; communications
To: Legion59

41 posted on 10/04/2001 9:26:34 PM PDT by Askel5
[ Post Reply | Private Reply | To 40 | View Replies]

To: Jim Robinson; Bob J; kattracks; Howlin; Republic; Alamo-Girl
Info bump
42 posted on 10/04/2001 9:29:21 PM PDT by Thanatos
[ Post Reply | Private Reply | To 39 | View Replies]

To: Askel5
Pre-set codes (passwords) are easy to pre-set. Especially since all if not most of these terrorists were trained in Bin Laden's camps.
43 posted on 10/04/2001 9:30:49 PM PDT by Thanatos
[ Post Reply | Private Reply | To 40 | View Replies]

To: Ron in Acreage
Really?? Wow, I hadn't heard about that. By the way, I did hear that there was some sort of patriotic statement written by Ted Nugent, but I just can't seem to find it anywhere.

</bitter sarcasm>

44 posted on 10/04/2001 9:35:53 PM PDT by GOPmember
[ Post Reply | Private Reply | To 19 | View Replies]

To: Thanatos
Anyone been reading my secret embedded "messages"?
45 posted on 10/04/2001 9:36:45 PM PDT by Registered
[ Post Reply | Private Reply | To 43 | View Replies]

To: Registered
I haven't been getting them. Are you sure you are logged on?
46 posted on 10/04/2001 9:42:45 PM PDT by Gadsden1st
[ Post Reply | Private Reply | To 45 | View Replies]

To: Thanatos
Pre-set codes (passwords) are easy to pre-set. Especially since all if not most of these terrorists were trained in Bin Laden's camps.

Encryption does not just involve passwords, which would be relatively easy to hack into with certain programs. Encryption involves using public and private keys (long series of random characters) that must be shared. I encrypt using my public key and you decrypt using the private part that I shared with you earlier.

47 posted on 10/04/2001 9:44:31 PM PDT by GallopingGhost
[ Post Reply | Private Reply | To 43 | View Replies]

To: Thanatos
Keep your eyes peeled!

They are out there and are even so arrogant they are doing it on bogus sites with clearly no legitimate purpose.

You or I can't afford to purchase .com extensions and have nothing of any logical sense placed on them.

These guys are sending messages right in front of our faces and very blatantly!
48 posted on 10/04/2001 9:49:39 PM PDT by Soul Citizen
[ Post Reply | Private Reply | To 1 | View Replies]

To: Askel5
'Yes but you still have to communicate otherwise so your partner can unlock the image.'

Easily done. We meet in a virtual public place, like a chat room...
49 posted on 10/04/2001 9:59:31 PM PDT by al-andalus
[ Post Reply | Private Reply | To 40 | View Replies]

To: Thanatos
"the very people who murdered over 5000 AMERICAN and International Citizens used this method to plan and coordinate their attack against our Homeland."

That's right they probably used a tool to accomplish some task. I also use tools and this one would come in handy for some tasks I might want to do. I'm not about to give a blank check to any government to check out my activities whenever they see fit. If the government, educators and certain other folks were not in the prohibition business, all of whatever planning and preparation they did in secret would have gone down the toilet if the pilots would have plugged 'em when they exposed themselves.

Most of them weren't supposed to be here anyway. It's the liberal handlers in govm't, media and education that are the problem, not Freedom and individual rights.

50 posted on 10/04/2001 10:05:08 PM PDT by spunkets
[ Post Reply | Private Reply | To 37 | View Replies]

To: Fred25
We have tons of them at the universities. I was always wondering why it took them eight years to finish their associate degree studies.
51 posted on 10/04/2001 10:15:25 PM PDT by PA Engineer
[ Post Reply | Private Reply | To 38 | View Replies]

To: Thanatos
It seems that most are from "Skeptics" who seem to want to blow off the fact that the very people who murdered over 5000 AMERICAN and International Citizens used this method to plan and coordinate their attack against our Homeland.

Many of us are aware of that, but are also aware that cryptographic methods are sufficiently well-known world-wide that sigint will be just about useless without humint to back it up.

Also, one point which many people miss is that there exist pencil-and-paper variants on the one-time pad which are more secure than any computer-based encryption (since pencils don't emit decodable RF signatures of what their users are doing).

Although steganography is much more convenient when using a computer than when using pencil and paper, even pencil and paper methods can, when combined with a one-time pad, make it very difficult for anyone listening in to even determine that there is any hidden communication going on and impossible for them to determine what is actually being said.

To clarify what type of system I'm talking about, let me give a (very slightly simplified) example. Before agent Max goes out into the field, Chief gives him one of the two copies of a "code-book" in existence; Chief keeps the other one. Both Max and the Chief keep their codebooks in locked sealed cases whenever they are not in use.

Although the contents are randomly-generated, each page of the code-book has the same format: a list of ten randomly-selected words at the top, preceded by digits 0-9, and then a larger list underneath. The first 26 words in the larger list have the letters A-Z written before them; the later words have a blank in which a single letter may be written in.

When the Chief wishes to send a message to Max, he must first compose the real message and then compose a 'cover' message. Composing the real message is probably the easier part; the only difficulties lie in making it as concise as possible and yet unambiguous. Word spaces and punctuation are elided except where ambiguity would result in which case the letter "X" is inserted. If the large word list on the page has 275 unique words, messages up to 250 letters long may be accommodated, though composing a plausible 'cover message' for something that long may be difficult.

If there were no need for a cover message, Chief would start out by writing out the word corresponding to the first letter of his real message, crossing that word off his list, and writing that letter in the blank next to the 27th word on the list. He would then write out the word corresponding to the next letter of his real message, cross that word off his list, and write that letter in the blank next to the 28th word, etc. The resulting "encrypted" message would be a bunch of random nonsense words which would be completely indecipherable without a copy of the list that was used in its encryption.

If a cover message is needed, it must be carefully crafted so as to use all the necessary words in order, with whatever arbitrary stuff the Chief feels like putting in between them, with one important caveat. At any point when writing out the message, 26 words will be 'active'; the extra nonsense thrown in between words of the encrypted message must not use any of the active words or the resulting message will be garbled when Max tries to decode it.

Once Max receives a message, he decodes it using the appropriate page of his code book: he checks the words of the message one by one against the first 26 words in the code book list until he finds a match. He then crosses off that word and writes the letter that was in front of it in the blank before the 27th word. He then continues checking words of the incoming message until he finds another match; he writes the letter in front of that word in the blank before the 28th and continues in this fashion until he has gone through the entire message. Once he has decoded the message, Max then takes out his zippo and destroys the page he used to decrypt it, since he will never need it again.

If the word lists are truly randomly generated, it will be literally impossible for anyone intercepting the messages to decode them without a copy of the lists. Since every page has a different random list and is only used for a single message, deriving the contents of a page based upon knowledge of the plaintext and ciphertext will be useless. Additionally, since each page of the codebook is destroyed after use, capturing the code book would not allow someone to decipher previously-sent messages.

The one possible weakness in this system would occur if someone captured Max's codebook without Chief knowing about it. This possibility may be protected against, however, if Max and the Chief have agreed on a set of number sequences for each day of the week (assuming that any two consecutive messages will be sent on different days of the week). Before the Chief reads Max his encrypted message, he speaks a sentence containing the word from the top list corresponding to the first agreed-upon number (and no other word from that list); Max responds with a sentence containing the word for the second number, Chief replies with the third, etc. If Max (or an imposter claiming to be Max) fails this handshake sequence, Chief will know not to entrust him with any more communications using that codebook.

If this protocol is followed, then unless Kaos can copy the codebook without Max or the Chief being aware of it, the most Kaos would ever be able to gain would be a single intercepted message if they raided Max while he was receiving it. Although they would know the number sequence for the current day of the week, they would have no way of knowing the number sequence for any other day and thus no way of impersonating Max. Consequently, no future messages would be sent.

As should be obvious, the above communications method would probably be annoyingly clumsy to actually use; computers are much more convenient. On the other hand, provided Max was given enough code-book pages to handle all the messages he'd ever have to receive, the method would be completely unbreakable unless Max or the Chief allowed someone to copy their codebooks.

52 posted on 10/04/2001 10:15:34 PM PDT by supercat
[ Post Reply | Private Reply | To 37 | View Replies]
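Added example, not part of supercat's post: a Python sketch of the word-substitution page described in post 52, showing the rolling set of 26 active words and why a cover word that is currently active garbles decoding. The function names, the 60-word page of random six-letter nonsense words and the sample message are assumptions made for illustration; the handshake words at the top of the page are not modelled.

```python
import secrets
import string

LETTERS = string.ascii_uppercase

def make_page(n_words=60, word_len=6):
    """One code-book page: unique random nonsense words (constructed stand-in)."""
    page = []
    while len(page) < n_words:
        w = "".join(secrets.choice(string.ascii_lowercase) for _ in range(word_len))
        if w not in page:
            page.append(w)
    return page

def encode(page, message, cover=()):
    """Chief's side: one code word per letter (A-Z), optionally preceded by a cover word."""
    active = dict(zip(LETTERS, page[:26]))   # letter -> word currently standing for it
    next_blank = 26                          # index of the next unlabelled word
    cover_words = iter(cover)
    out = []
    for letter in message:
        filler = next(cover_words, None)
        if filler is not None:
            if filler in active.values():
                raise ValueError(f"cover word {filler!r} is active and would garble decoding")
            out.append(filler)
        word = active.get(letter)
        if word is None:
            raise ValueError("page exhausted: no unused word left for " + letter)
        out.append(word)                     # write the word, cross it off ...
        if next_blank < len(page):           # ... and give the letter to the next blank word
            active[letter] = page[next_blank]
            next_blank += 1
        else:
            del active[letter]
    return out

def decode(page, received):
    """Max's side: match words against the 26 active ones, relabelling as he goes."""
    active = {w: l for l, w in zip(LETTERS, page[:26])}  # word -> letter
    next_blank = 26
    plain = []
    for word in received:
        letter = active.pop(word, None)      # a match is crossed off; anything else is cover
        if letter is None:
            continue
        plain.append(letter)
        if next_blank < len(page):
            active[page[next_blank]] = letter
            next_blank += 1
    return "".join(plain)
```

Because every word on the page is used at most once and then crossed off, the emitted code words never repeat, which is the one-time property the post relies on.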

To: Ron in Acreage
they got them jews working at mikrosoft too.
53 posted on 10/04/2001 10:20:24 PM PDT by Silvertip
[ Post Reply | Private Reply | To 19 | View Replies]

To: Fred25
Some live near the university (UAH). However, I did live near many when I lived in Houston.

BTW good to see you freeping.

54 posted on 10/04/2001 10:42:46 PM PDT by Texaggie79
[ Post Reply | Private Reply | To 38 | View Replies]

To: Fred25
The lasagna is in the refrigerator.
55 posted on 10/04/2001 10:47:20 PM PDT by Fester Chugabrew
[ Post Reply | Private Reply | To 38 | View Replies]

To: Thanatos
The thing is, the privacy advocates are still right. All al Qaeda needs is one good C programmer who knows a little number theory and can read a few journal articles, and they have strong encryption with no back door or key escrow, while law-abiding Americans are subject to government search. The notion that the RSA and other encryption patents and export controls will keep strong encryption out of the hands of the bad-guys is laughable.
56 posted on 10/04/2001 10:57:40 PM PDT by The_Reader_David
[ Post Reply | Private Reply | To 37 | View Replies]

To: supercat
I've read recently that Muslims often memorize large portions of the Quran. Some scholars memorize the entire thing. Could the Quran be an obvious but readily available one-time-pad for the terrorists?
57 posted on 10/04/2001 11:03:22 PM PDT by BigBobber
[ Post Reply | Private Reply | To 52 | View Replies]

To: BigBobber
Could the Quran be an obvious but readily available one-time-pad for the terrorists?

No, since other people have copies of the exact same material. A one-time pad is absolutely secure if, and only if, the key is generated completely randomly and each part of it is used [at most] once and then never again used for any purpose whatsoever. If two messages are sent using the same pad, it will in many cases be possible for an interceptor to decrypt both of them.

It should be noted that the typical cryptosystem used with a one-time pad makes it trivially easy to derive the key given a ciphertext and the corresponding plaintext. If someone has a copy of the ciphertext and can make a good guess as to the original message, one will in so doing be able to make a good guess as to the part of the key used in processing that text. The basis for the security of the one-time pad is that being able to guess the key in such circumstances buys a would-be codebreaker absolutely nothing.

58 posted on 10/04/2001 11:43:32 PM PDT by supercat
[ Post Reply | Private Reply | To 57 | View Replies]

To: supercat
Could the Quran be an obvious but readily available one-time-pad for the terrorists?

To clarify another reason why this would be bad, suppose someone fond of 'book cyphers' encrypts a message using "alphabetic addition" and we intercept it. We intercept the message "CYEXEQTNLQHKHUIRYHROIMAVCPHKNFVRYO" and know that this person often begins his message with "GREETINGSX". So we subtract "GREETINGSX" from the letters at the start of the encrypted message and we get "WHATLIGHTT". If we guess the next word of his message might be "STRIKE", we end up with a key that starts "WHATLIGHTTPRQMYN". Not very promising. But if we happen to guess the next word is "ATTACK", we end up with a key that starts "WHATLIGHTTHROUGH".

At that point, it becomes very easy to guess that the key might continue "YONDERWINDOWBREAKS". If we guess that to be the case, decoding the rest of the message yields "ATELEVENPMTOMORROW".

Although I used Shakespeare for this example, the Quran is no less susceptible to that sort of analysis.

59 posted on 10/05/2001 12:01:23 AM PDT by supercat
[ Post Reply | Private Reply | To 58 | View Replies]
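Added example, not part of supercat's post: the known-plaintext analysis from post 59 carried out in Python on the ciphertext quoted there, with letters numbered A=0 and "alphabetic addition" taken as addition mod 26. The small key vocabulary and the list of candidate next words are constructed stand-ins for a dictionary and an analyst's guesses.

```python
import string

A = string.ascii_uppercase

# Ciphertext quoted in post 59
CIPHERTEXT = "CYEXEQTNLQHKHUIRYHROIMAVCPHKNFVRYO"

# Constructed: a tiny word list used to judge whether a key fragment reads as text
KEY_VOCAB = ["WHAT", "LIGHT", "THROUGH", "YONDER", "WINDOW", "BREAKS",
             "THE", "AND", "NIGHT", "SOFT"]

def sub(ct, pt):
    """Letterwise (ct - pt) mod 26: key from plaintext, or plaintext from key."""
    return "".join(A[(A.index(c) - A.index(p)) % 26] for c, p in zip(ct, pt))

def looks_like_text(fragment, vocab):
    """True if fragment splits into vocab words, the last one possibly cut short."""
    reachable = {0}                      # positions where a word boundary can fall
    for i in range(len(fragment)):
        if i not in reachable:
            continue
        rest = fragment[i:]
        for w in vocab:
            if rest.startswith(w):
                reachable.add(i + len(w))
            elif w.startswith(rest):     # fragment ends partway through a word
                return True
    return len(fragment) in reachable

def extend(ciphertext, known_plain, candidates, vocab):
    """Keep the candidate next words whose implied key still reads as text."""
    hits = []
    for word in candidates:
        key = sub(ciphertext, known_plain + word)
        if looks_like_text(key, vocab):
            hits.append((word, key))
    return hits

def demo():
    crib = "GREETINGSX"                                   # habitual opening, per the post
    first_key = sub(CIPHERTEXT, crib)                     # "WHATLIGHTT"
    hits = extend(CIPHERTEXT, crib, ["STRIKE", "ATTACK", "RETREAT"], KEY_VOCAB)
    # Guess the rest of the key from the quotation and subtract it from the tail
    tail = sub(CIPHERTEXT[16:], "YONDERWINDOWBREAKS")
    return first_key, hits, tail
```

The filter in `extend` only works because a book key is itself readable text; with a truly random pad every guessed plaintext implies an equally random-looking key, so no candidate stands out.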

To: Fester Chugabrew
The sloth is at the sink.
60 posted on 10/05/2001 12:40:11 AM PDT by PRND21
[ Post Reply | Private Reply | To 55 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.
