Mujahideen Secrets 2 Encryption Tool Released-harder to crack, but traceable

By Janine de Blois

Paul Henry of Secure Computing has analysed ‘Mujahideen Secrets 2′ and found it to have addressed most of the flaws in the original version. It has also added some sophisticated features and is much harder to crack. Henry said, “It will not be a difficult matter for law enforcement to identify files created using this software. You may not be able to read the messages, but you will be able to figure out where it was sent from and to whom.”

The developers have made several improvements over last year’s original version. The encryption on this version is 2048-bit, while the previous was 256-bit. It can be used to encrypt Yahoo and MSN chat messages in addition to email. It has the ability to encrypt a binary file in such a way as to make it possible to post it on offline sites, such as a bulletin board system accessed by telephone. Parts of RSA Security Inc.’s encryption code have been integrated in a way to allow key generation and management. In addition, one file does not need assistance to install and can run from a memory portable.

This version was released on password-protected Islamic forum al-Ekhlaas last month, which was running on a server based in Florida at the time. Previous to this al-Ekhlaas was available on a servers in Minnesota, Texas, and more recently one in Phoenix. These links are now broken.