[145211] in cryptography@c2.net mail archive
Re: Wikileaks video "crypto".
daemon@ATHENA.MIT.EDU (David Shaw)
Fri Apr 9 16:35:11 2010
From: David Shaw <dshaw@jabberwocky.com>
In-Reply-To: <87eiioxx7e.fsf@snark.cb.piermont.com>
Date: Fri, 9 Apr 2010 15:33:39 -0400
To: cryptography@metzdowd.com
On Apr 9, 2010, at 3:06 PM, Perry E. Metzger wrote:
>=20
> Earlier this weeks, Wikileaks released of video of an incident =
involving
> an Apache helicopter which killed two Reuters reporters and a number =
of
> bystanders in Iraq.
>=20
> A number of the reports surrounding the release claim that the video =
was
> "decrypted" by Wikileaks. Indeed, Wikileaks requested "supercomputer
> time" via twitter and other means to "decrypt" a video, see:
> http://twitter.com/wikileaks/status/7530875613
>=20
> The video was apparently intentionally given to Wikileaks, so one =
can't
> imagine that the releasing parties would have wanted it to be =
unreadable
> by them (or that any reasonable modern cryptosystem would have be
> crackable). What, then, does the "decryption" claim mean here. Does
> anyone know?
According to an interview with Julian Assange (one of the Wikileaks =
founders) at http://www.sueddeutsche.de/politik/740/507892/text/ , the =
decryption was essentially passphrase guessing. =46rom Google =
Translate: "He and a team of cryptographers had then worked for about =
three months out. The aim was to find among a few million of the most =
likely the correct passwords."
See also http://www.youtube.com/watch?v=3D7QEdAykXxoM around the 1:22 =
mark.
For what it's worth, the original encrypted file (encrypted with =
OpenSSL's 'enc' tool it seems) is claimed to be at =
http://leaks.telecomix.org/cm.rda. They do not provide the passphrase =
that managed to decrypt it.
David
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
