Convicted Terrorist Relied On Single-Letter Cipher
Hugh Pickens writes "The Register reports that the majority of the communications between convicted terrorist Rajib Karim and Bangladeshi Islamic activists were encrypted with a system which used Excel transposition tables which they invented themselves. It used a single-letter substitution cipher invented by the ancient Greeks that had been used and described by Julius Caesar in 55BC. Despite urging by the Yemen-based al Qaida leader Anwar Al Anlaki, Karim rejected the use of a sophisticated code program called 'Mujhaddin Secrets' which implements all the AES candidate cyphers, 'because "kaffirs," or non-believers, know about it so it must be less secure.'"
I read this story a few days ago. What strikes me is that I had invented better a encryption scheme when I was 16. See, I had read somewhere that certain letters (such as 'e') show up more times in English than other letters (such as 'x'). I also read that using frequency analysis is one way you can break single letter cipers. So, I did something that I was (was) rather proud of.
I found out the most frequent letters, and instead instead of having single letter ciper, I replaced each one with more than one other character. So, 'e' might have been '6', 'j' and 'q', while 's' in this scheme might have been '3', 'f' and 'o' (or whatever). I was attempting to foil any frequency analysis that someone (who I don't know) might have done on my secret messages.
Only trouble was, the first version of the program had a bug. I think it was underscore was replaced with the wrong character in the decryption phase. Once I caught that though, it was all good.
Of course, a couple of years latter I learnt about PGP and GPG and RSA and all that good stuff. I no longer rely on home-built faulty encryption that requires both parties to have the code to decrypted the message.
Appended to the end of comments you post. The maximum is 120 characters.
IIRC, they 'layman's historical introduction to cryptoanalysis' type overviews do often mention that more or less the earliest clearly recognizable use of frequency analysis cropped up among islamic scholars working on the problem of separating authentic Muhammad quotations from the assorted non-canon stuff that had crept in, by examining word frequency distributions across different passages...
The guy is a moron no matter who cracked the cipher, of course, because it doesn't really matter who, just whether somebody did or not(excluding the edge cases of certain comparatively modern ciphers, that might conceivably have been cracked in private).
Yeah, one day in undergrad I decided I wanted to make my own polyalphabetic substitution cipher, so I sat down and basically reinvented the Vignere cipher (actually the Gronsfeld cipher, which is identical except that the key is numeric. Also FWIW I was not in a technical major).
This story is made ironic by the fact that the Arabs were responsible for many historic advances in the history of pre-modern cryptography.
"Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
Being a terrorist grunt is a sucker's game.
Being a terrorist leader, on the other hand, is pretty much a combination of the best parts of being a cult leader and being an extreme sports enthusiast: Groupies, adulation, adrenaline, explosions, sponsors, probably more burqa-babes than you admit to in public...