Pages: [1] 2 3   Go Down
Author Topic: Wikileaks "Insurance" File  (Read 3550 times)
0 Members and 1 Guest are viewing this topic.
0
Offline Offline
Newbie
*
Karma: 0
Posts: 45
From birth to death, it is just like this.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

So last night I torrented the Wikileaks "insurance" file, and I want to hear what everyone has to say about Assange/Wikileaks.

And also if anyone knows how to even guess at the password for decrypting the file.  I can open it in notepad, but that doesn't allow me to enter a password to try and decrypt it.
Logged

Portugal
Offline Offline
God Member
*****
Karma: 6
Posts: 962
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Format of the file?
Logged

0
Offline Offline
Newbie
*
Karma: 0
Posts: 45
From birth to death, it is just like this.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

aes256.  Basically the most intense kind of secure encryption there is.  It is the standard of the US government.  Here is a link describing the intensity of the encryption:
http://www.popsci.com/technology/article/2010-12/how-secure-julian-assanges-thermonuclear-insurance-file.
Logged

Global Moderator
Dallas
Offline Offline
Shannon Member
*****
Karma: 209
Posts: 13027
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
Basically the most intense kind of secure encryption there is
The encryption is only as good as the key.  If Assange's crew chose a good quality key, you will not break it.  If they didn't, a "dictionary attack" will break the encryption in short order.

My understanding is that the key is to be delivered via email.  In this case, it is reasonable to assume the key is long and random (good quality).  

It is also reasonable to assume that various governments and corporations are attempting to decrypt the contents.  And that Assange's crew assumes they will try to decrypt the contents.

In other words, trying to determine what's inside is a fool's errand.

Quote
I want to hear what everyone has to say about Assange
He's a sociopath.
Logged

0
Offline Offline
Newbie
*
Karma: 0
Posts: 45
From birth to death, it is just like this.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

if by "dictionary attack" you mean brute force, it won't crack it anytime soon.  Actually it would take about a bazillion years to do that even with the best super computers today.  But I just want a way to put in a decryption key, and see what I get.
Logged

Global Moderator
Dallas
Offline Offline
Shannon Member
*****
Karma: 209
Posts: 13027
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
If by "dictionary attack" you mean brute force, it won't crack it anytime soon.
No, I don't.

By "dictionary attack" I mean a "dictionary attack"...
http://en.wikipedia.org/wiki/Dictionary_attack
Logged

0
Offline Offline
Newbie
*
Karma: 0
Posts: 45
From birth to death, it is just like this.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Oh.  I had never heard of that.  I heard the key itself is 256 characters long, so it is literally unhackable.  But do you know what program I could use to enter a key and see what it gives me?
Logged

Ontario
Offline Offline
God Member
*****
Karma: 25
Posts: 888
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
256 characters long

Much smaller than that -- 256 bits

Go ahead and try to guess them.
Logged

Tacoma, WA
Offline Offline
Full Member
***
Karma: 4
Posts: 192
Arduino rocks
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

I think the file is just that, Insurance.. Generally to prevent assassination, or a decade+ visit to Cuba.. Whatever is in it must be HUGELY worse than anything out there, something almost unimaginably bad. Otherwise, it'd contradict his proclaimed values about the freedom of information.
Sadly, if the information in that file really is THAT bad, it's a shame it had to get distributed. Someday, it WILL get cracked. Encrypted files can ALWAYS be brute forced, eventually. Whether we have to wait for Quantum computers or just a couple more iterations of moore's law, one way or another, it'll crack, and it's as good as out there for the public already.
Logged

Brian from Tacoma, WA
Arduino evangelist - since Dec, 2010.

0
Offline Offline
Newbie
*
Karma: 0
Posts: 45
From birth to death, it is just like this.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

I don't think it's as simple as just waiting, because I'm pretty sure that by the time it can be brute forced, all of the people alive right now will be dead.
Logged

Global Moderator
Dallas
Offline Offline
Shannon Member
*****
Karma: 209
Posts: 13027
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
But do you know what program I could use to enter a key and see what it gives me?
I read the article.  Assange did not say how the file was encrypted.  The author assumes the file is encrypted with AES-256 because of the filename.  There's no way to know if the encryption really is AES.  The file could even be random garbage.
Logged

Portugal
Offline Offline
God Member
*****
Karma: 6
Posts: 962
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Put the folding@home crew brute forcing it, maybe mere days take to unlock it.
Logged

0
Offline Offline
Newbie
*
Karma: 0
Posts: 45
From birth to death, it is just like this.
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

Quote
Put the folding@home crew brute forcing it, maybe mere days take to unlock it.

Haha.  I wish.  But I still have doubts that even folding@home could brute force it within our lifetime.
Logged

Left Coast, CA (USA)
Offline Offline
Brattain Member
*****
Karma: 361
Posts: 17301
Measurement changes behavior
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

No matter what opinion of Wikileaks one has, support or opposition, I think it would be sad to see it be a frequent subject on the Arduino forum, even on Bar Sport. Yes I have a personal opinion but I would rather keep it to myself.

 Now talking and sharing about crypto as could be applied with an Arduino system, that is topic I would be happy to see more of. I was in teletype/crypto maintenance in the US Air Force in the late 60s, so the subject has always interested me sense and I had some knowledge and experience of the state of the art in crypto back then. But of course a whole lot has changed that I haven't even tried to keep up with.

  Still the simple one-time pad system is still the only provable unbreakable system in use, but it does have key pad production, distribution and management problems that doesn't lend itself to high volume, high speed modern applications.  It would be cool if someone made say a replica of the WW2 German Enigma machine using a Arduino. An on-line real-time encryption/decryption communications library for the Arduino might be a cool contribution to see.

Lefty  
« Last Edit: December 10, 2010, 12:53:54 pm by retrolefty » Logged

Wigan, UK
Offline Offline
God Member
*****
Karma: 19
Posts: 814
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

I'm not convinced of the benefit the leaks have.  
I think it's a shame wikileaks is now dedicated to whatever the latest big leak is rather than being a portal for people to leak stuff through, it makes wikileaks look self important rather than providing a service.

The Assange deportation thing is a bit odd.  It's for something that isn't a crime in the UK and the woman involved dropped the charges - or at least that's what a lot of the net is saying.  BBC news listed four crimes the Swedes wanted him for.
Logged

Pages: [1] 2 3   Go Up
Jump to: