Osama using PGP encryption?! WTF?@!

[ToBeMe]

Another thing (at least for the first two) you guys have also overlooked is........Bin Laden is his LAST name!😉 He actually has a neice & nephew that attend college in Boston and his sister lives in South Carolina!😉:Q

 

[sgopal2]

Check out this:

http://www.hushmail.com

"HushMail is the world's premier secure Web-based email system...Thanks to a unique key pair management system, Hushmail eliminates the risk of leaving unencrypted files on Webservers...These algorithms, combined with HushMail's unique OpenPGP key management system, offer users unrivaled levels of security."

Looks like these Taliban turds are using PGP to encrypt their messages then sending them using Hushmail....a double encryption. These fvckers are starting to piss me off more and more.

Did anyone find anymore info on the second email listed??

 

[piku]

<< There is also something called PGPFone that lets people communicate securely using phone lines...this would render phone taps useless. >>


Government regulation would make that illegal, I believe. Thats why analog modems are capped at 56k I think - anything higher and they cant trace it.

Now I'm sure you can do something like that over the internet encrypted, but using normal phone lines I don't think they would allow it. I could be completley wrong here though...

 

[zippy]

LOL!

Yeah, I'm sure he's using his name.

He might as well put "Terrorist Psycho" as the name.

 

[Descartes]

Am I the only one thinking sgopal2 is a little too gullible? 🙂

 

[vegetation]

Don't forget that there are hundreds of bin Ladens in Saudi Arabia, running the bin Laden Group -- a huge billion dollar company with stakes in construction, telecom, manufacturing, and chemicals, among other things.

 

[n0cmonkey]

The fact Bin Laden uses encryption combines with the knee jerk reaction the US gov is known for, it may soon be illegal to keep any information private. As I say here!

 

[db]

of course he uses pgp. why would he use something w/ a backdoor?
this is only common sense.

 

[sgopal2]

Here is the link to PGPfone at MIT: http://web.mit.edu/network/pgpfone/

 

[Justarius]

<< PGP uses (i should say used to the last time i checked) IDEA for encryption, RSA for key management and MD5 for hashing.

RSA math:
find two random large prime numbers p and q.

compute n = pq

find encryption key e, such that e and (p-1)(q-1) are relatively prime.

using the extended euclidean algorithm, compute the decryption key d, such that e and d are inverses of each other modulo (p-1)(q-1).

if message m is to be encrypted, then the encrypted message
c = (m ^ e) mod n

to decrypt the message,
m = (c ^ d) mod n

e and d are, in a manner of speaking, opposites of each other. what e can do, d can undo and vice versa. the decryption key d is kept private. the encryption key e is made available to the public. given d and n, if one was to figure out p and q, the algorithm would be considered broken. all these numbers are large - 1024 bits and more. factoring such large numbers is very slow by the standards of computing hardware available to the masses.

if i remember PGP correctly, the sender generates a symmetric key for the IDEA algorithm and uses it to encrypt the message. the sender then encrypts the IDEA key with the receiver's public key. optionally, the sender generates a hash of the entire message using MD5 and encrypts it with his private key. this last step is called signing. the receiver verifys the signature first, if it is present. he uses the sender's public key to decrypt the hash. then he independently generates a hash of the entire message and compares the two. if they match, he knows that the message actually came from the sender and not just anyone. then the receiver uses his private key to decrypt the IDEA key. the IDEA key is then used to decrypt the actual message.

PGP uses both symmetric and asymmetric crypto for performance reasons. asymmetric crypto is slow because of the exponentiation. symmetric crypto usually goes much faster because it uses bit permutation and substitution. >>



Boolerboy: I understand the RSA idea. However, can you explain to me how the MD5 hash works so that one can identify the signature of the message and how it prevents from being tampered with so that I don't have a problem where I THINK I'm getting a message from someone, but I'm not. I just want to have that clarified since I've always wondered how it works. Thanks.

 

[OS]

<< You can't make encryption illegal, pandora's box was opened 50 years ago when the idea was invented. We must deal with the fact that said encryption exists, not make silly laws that hurt internal industries while accomplishing no ready goal. The availability of said encryption makes credit card and banking transactions safe, it protects our entire economic, millitary and civillian enterprise systems.

Guns don't kill people, people do. Encryption doens't hurt people, people do. >>



Aha, a voice of reason. The entire US financial system depends on encryption, we buy things on the net using encryption, and you can be DAMN sure that US government agencies also use it for anything remotely important. Encryption is a double bladed sword, and IMO the good has so far infinitely outweighed the bad.

 

[n0cmonkey]

<<

<< You can't make encryption illegal, pandora's box was opened 50 years ago when the idea was invented. We must deal with the fact that said encryption exists, not make silly laws that hurt internal industries while accomplishing no ready goal. The availability of said encryption makes credit card and banking transactions safe, it protects our entire economic, millitary and civillian enterprise systems.

Guns don't kill people, people do. Encryption doens't hurt people, people do. >>



Aha, a voice of reason. The entire US financial system depends on encryption, we buy things on the net using encryption, and you can be DAMN sure that US government agencies also use it for anything remotely important. Encryption is a double bladed sword, and IMO the good has so far infinitely outweighed the bad. >>



Amen! And I would go to jail before even CONSIDERING telnetting to my machine... 😉

 

[almostmakingit]

here is link Terror groups hide behind Web encryption

 

[NuclearFusi0n]

<<

<< There is also something called PGPFone that lets people communicate securely using phone lines...this would render phone taps useless. >>


Government regulation would make that illegal, I believe. Thats why analog modems are capped at 56k I think - anything higher and they cant trace it.

>>



anything higher than 53k and the chances of crosstalk (your convo popping into somebody elses) greatly increase

it's not illegal, BTW, it's a fone call through the 'net

 

[n0cmonkey]

<<

<<

<< There is also something called PGPFone that lets people communicate securely using phone lines...this would render phone taps useless. >>


Government regulation would make that illegal, I believe. Thats why analog modems are capped at 56k I think - anything higher and they cant trace it.

>>



anything higher than 53k and the chances of crosstalk (your convo popping into somebody elses) greatly increase

it's not illegal, BTW, it's a fone call through the 'net >>



Thanks to knee-jerk political movements all un-breakable/un-backdoored forms of encryption coul dbe outlawed.