Decrypting bin Laden’s Hard Drives

With the news that the raid on Osama bin Laden’s compound resulted in the capture of at least 10 hard drives and over 100 miscellaneous data storage devices (CDs, DVDs, flash drives, floppy disks, etc.), a common question that’s come up on news sites is “So, how likely are we to be able to decrypt these things? How good is the best non-government-grade encryption, anyway?”

Pretty good. The actual algorithm used is generally AES-256, which is, so far as anyone knows, unbreakable. The only known way to bypass it is by guessing the key, and guessing a 256-bit key is computationally infeasible. Imagine the NSA has a computer that can break 56-bit DES — the standard government code of a decade ago — in a single second. If they had a billion of those computers (vastly more than they do, even though the NSA has acres of supercomputers), it would still take 5×10^42 years to crack a single AES-256 key — that’s a billion billion billion billion times the age of the Universe. It cannot be done.

But here’s the good news for people trying to break into Osama bin Laden’s hard drives — they probably don’t need to crack AES-256. Implementing a crypto algorithm is really the easy part of cryptography — the hard part is key management. How do you keep track of the key (which is basically a 77-digit number) and make it usable by people? There are a variety of potential weaknesses:

1.) Crypto software often has bugs or environmental factors that leak keys. AES may be unbreakable, and software like TrueCrypt and PGP implement AES, but is their actual implementation perfect? It may not be — there may be bugs in the software that make extracting the key possible.

2.) Software doesn’t run in a vacuum. For instance, when running software on Windows, segments of code and data not in use are swapped out to disk. If the crypto key happened to be in memory and was swapped out, that key might remain on the disk for quite some time. A skilled attacker using forensics software might be able to obtain some or even all of the key this way.

3.) Because no one can remember a 77-digit number, generally not only is the data on a disk encrypted, but the key itself is encrypted with a password and stored next to the data. Unless the password is 50+ characters long, it’s actually a lot easier to try every possible password than it is to try every possible key. And short passwords (<12 digits to those of us in the civilian world, maybe up to 15-16 for the NSA) can be cracked instantly using a rainbow table.

What's more, people re-use passwords -- if the same password that is used for the crypto software is also used to log into the PC, or into some web sites, or for multiple kinds of encryption, etc., it may be possible to attack some other, weaker system for the password and then use it to decrypt the key. The NSA probably has key-extraction scripts already written and ready to go for hundreds of kinds of crypto software, operating systems, etc., to save them from the comparatively very hard task of cryptanalysis.

With Osama bin Laden in particular, they may have another advantage -- due to the fear of CIA/NSA "back doors" in American and European cryptography products, there has been a tendency in Islamist movements to write their own cryptography software. Ironically, the back doors probably don't exist -- but writing your own cryptography software is almost always a recipe for disaster. The problem is that anybody can write a security system so strong that they can’t figure out how to break it, and many times they mistakenly assume that means nobody can figure out how to break it. Almost everybody gets cryptography wrong the first few times they try to implement it; if bin Laden were using some sort of “homebrew” crypto that hasn’t been peer-reviewed by a few dozen cryptanalysts, it almost certainly has a key-leaking bug in it somewhere.
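
To put numbers on point 3, here is an added Python illustration (not from the original post): it estimates how much of AES-256's key space a password-wrapped key actually retains, and shows the salted, iterated key derivation (PBKDF2-HMAC-SHA256 from the standard library) that is the usual defence against precomputed password tables. The sample passwords, the billion-guesses-per-second rate and the 2^20 iteration count are constructed assumptions for the example.

```python
import hashlib
import math
import string

# Printable-ASCII character classes used to size the guessing pool (95 total).
POOLS = [(string.ascii_lowercase, 26), (string.ascii_uppercase, 26),
         (string.digits, 10), (string.punctuation + " ", 33)]

def password_bits(password):
    """Optimistic entropy estimate: log2(pool ** length), where the pool is the
    union of character classes actually present. Real passwords built from
    words and patterns have far less entropy than this upper bound."""
    pool = sum(size for chars, size in POOLS if any(c in chars for c in password))
    return len(password) * math.log2(pool) if pool else 0.0

def min_length_for_bits(pool_size, target_bits):
    """Shortest uniformly random password over a pool that matches target_bits."""
    return math.ceil(target_bits / math.log2(pool_size))

def effective_bits(key_bits, pw_bits, kdf_iterations):
    """Work the attacker really faces: the cheaper of guessing the raw key or
    guessing the password, where each password guess costs kdf_iterations
    hash operations (a slow KDF adds log2(iterations) bits of work)."""
    return min(key_bits, pw_bits + math.log2(kdf_iterations))

def years_to_exhaust(bits, guesses_per_second):
    """Wall-clock years to try all 2**bits candidates at a given rate."""
    return 2 ** bits / guesses_per_second / 31_557_600

def derive_kek(password, salt, iterations):
    """Password -> 256-bit key-encryption key with PBKDF2-HMAC-SHA256 (stdlib).
    The per-volume random salt defeats precomputed tables: the same password
    yields an unrelated key under a different salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations, dklen=32)

if __name__ == "__main__":
    RATE = 1e9  # constructed assumption: a billion guesses per second
    print("256-bit key, brute force:", f"{years_to_exhaust(256, RATE):.1e} years")
    for pw in ("correcthorse", "Tr0ub4dor&3"):  # constructed sample passwords
        bits = password_bits(pw)
        eff = effective_bits(256, bits, 2 ** 20)
        print(f"{pw!r}: ~{bits:.0f} password bits, ~{eff:.0f} effective with "
              f"2^20 KDF rounds -> {years_to_exhaust(eff, RATE):.1e} years")
    print("Random chars needed to match 256 bits: printable=%d, lowercase=%d"
          % (min_length_for_bits(95, 256), min_length_for_bits(26, 256)))
    a = derive_kek("correcthorse", b"salt-A", 2 ** 20)
    b = derive_kek("correcthorse", b"salt-B", 2 ** 20)
    print("same password, different salts, different keys:", a != b)
```

The effective-bits line is the whole argument in one number: a 12-character lowercase password leaves roughly 76 bits of work even behind a million-round KDF, so the 256-bit key is never the thing being attacked.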

Overall, even though consumer-grade encryption is very strong and computationally infeasible to break, it is extremely likely that the NSA will be able to bypass whatever crypto Osama bin Laden used on his hard drives — if, indeed, he used any at all. They just won’t do it by attacking the crypto.
