The words "steganography" and "cryptography" may not mean much to the average person but to Osama bin Laden and other suspected terrorists, these terms represent technologies that have reportedly assisted them in carrying out their terrorist acts.
Both cryptography and steg-anography are terms used to refer to freely available software encryption tools that scramble or hide electronic communications. Messages sent using such encryption are virtually impenetrable by authorities.
"Anyone who wants to disguise communications over the Internet can do it pretty easily -- with virtually no risk of being caught," said Benjamin O'Keefe, a Maryland-based Internet security specialist. "You don't have to be a terrorist to get the tools you need."
The tools O'Keefe is referring to allow secret messages to be sent over the Internet either through e-mail or within graphics files. The most popular and reliable e-mail encryption program is called Pretty Good Privacy (PGP). It has been around for years and is used to "scramble" an e-mail message beyond recognition. A special "key," or password, is created by the sender of the message, and in order to read the mail, the receiver must know and supply the key.
Steganography works by allowing users to secretly attach encrypted messages onto image files, sound files, or other types of digital data that would seemingly have nothing to do with written communications.
Collectively, this high-tech encryption technology can be used to subvert just about any type of surveillance activities currently in use. Following the terrorists attacks on New York and Washington on Sept. 11, authorities in the US reportedly contacted scores of encryption experts to help them figure out how bin Laden and his associates were using the Internet and such encryption methods to communicate.
The battle against encryption, at least for authorities, is huge. Steganographic programs are freely available over the Internet for downloading from sites such as Steganographic Software (http://members.tripod.com/steganography/stego/software.html). Pretty Good Privacy's home page (http://www.pgp.com) received thousands of hits each day. The program has been downloaded countless times and is available world-wide at no cost. Much of the software available over the Internet for encrypting messages or to piggyback messages onto graphics or other data files is, in fact, free.
But does this mean that the encryption tools freely available over the Internet probably aided the terrorists who attacked the US on Sept. 11?
Some have suggested as much. Marc Enger, formerly with the US Air Force's Air Intelligence Agency, informed news media after the attacks that bin Laden had relied on steganography to transmit messages to his associates throughout the world. The US' NSA, a top-secret agency devoted to ferreting out information from possible foes of the US, has reportedly been following bin Laden's use of steganography for the past five years.
In the US, this news prompted Republican Senator Judd Gregg, in the wake of the Sept. 11 attacks, to propose that software developers should be forced in the future to provide authorities with keys to encryption programs that they create.
But others are quick to point out that terrorist activities were born far before the use of the Internet became popular. Yet others have argued that bin Laden has reportedly relied not only on publicly available encryption tools but also ones created by Eastern European programmers whose software is not readily available. So even if laws forced legitimate software authors to release "cracking" codes to authorities, developers in certain locations could circumvent or ignore the laws.
RSS