>From: Adam Shostack <[EMAIL PROTECTED]>
>Sent: Dec 11, 2004 4:52 PM
>Subject: Re: Blinky Rides Again: RCMP suspect al-Qaida messages

...
>It seems consistent that Al Qaeda prefers being 'fish in the sea' to
>standing out by use of crypto. Also, given the depth and breadth of
>conspiracies they believe in, it seems that they might see all us
>cryptographers as a massive deception technique to get them to use bad
>crypto. (And hey, they're almost right! We love that they use bad
>crypto.)

They're going to have the same problems as the rest of us using strong 
cryptography--configuration and usability problems, key management hassles, 
incompatibilities between versions and programs, etc.  They have to do this 
with no central authority, no single support line or person who can reliably 
start things up and help them, in a basically decentralized way.  The 
cypherpunkish idea of a decentralized conspiracy using strong crypto only works 
if either the tools are a lot easier to use, or if the conspiracy is made up of 
cryptographically sophisticated people.  AQ is presumably made up of people who 
know a lot about the Koran, and probably a lot about day-to-day operational 
security against the Pakistani or Indonesian secret police, but there's not 
much reason to think they are very sophisticated about cryptography.  If you 
can't get most computer-literate people you know to use PGP to send you e-mail, 
how well is it going to work to do with a bunch of random jihadis?

-John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to