Quantcast

How Terrorists Encrypt 2: Encyclopedia of Jihad

This part of Duncan Campbell’s talk is dedicated to the detailed review of known jihadist literature which is intended to facilitate terrorists’ activities.

After 9/11, U.S. legislators made a final attempt to bring in key escrow and to clamp down on Internet cryptography, but the new cryptography control bill collapsed in October 2001 when the U.S. Congress passed the very far-reaching Patriot Act, and Patriot Act did not include curbs on cryptography.

Facts on 'al-Qaeda Manual' and URL to translated copy

Facts on 'al-Qaeda Manual' and URL to translated copy

Just 6 weeks later, the world got the first insight into how terrorists encrypt or, at least, were taught to encrypt. This was because in December, they were desperate to get the Bill, the Patriot Bill, through the Senate; the U.S. Government published what they chose to call an “al-Qaeda Manual”. And this is it, that’s URL, it’s still live, right here, right now (see image), and it says it was found during a search of an al-Qaeda member’s home. It was found in a computer file described as the “military series” related to the “Declaration of Jihad”.

Original manual on Cryptome site

Original manual on Cryptome site

The manual contains 18 lessons in terror techniques. The original of the Manual is on John Young’s “Cryptome” site (see image). It’s originally in Arabic, and at the time it was written Osama bin Laden was helping run a guest-house for fighters attacking the Soviets, they were all supported by the West. The Manual was actually a war souvenir kept by a former fighter who’d been settled in Manchester. And you can tell it dates back 1999, because here, even in the American Government’s translation, it’s still referring in the last line to people in Russia, in the Army having to be in the Communist Party.

Photo of the actual 'al-Qaeda' manual

Photo of the actual 'al-Qaeda' manual

This is what the actual Manual (see image), you can see it’s a rather unusual sort of computer file. It isn’t a computer file at all in fact, it’s a hardbound paper document. Lesson 13 in this Manual is “Secret Writing and Codes, and Ciphers”. They set up various options for use with the 28-character Arabic alphabet. They are numerical, symbolic, and table encipherment documents, but nothing more complex than that. All of the ciphers in the “Jihad Manual” are actually simple monoalphabetic substitutions.

If you want to have a longer look at those instructions, they are not in the version put on the Department of Justice website; they are, however, in John Young’s “Cryptome” website which I put up earlier, you can go there and see it all translated into English. The full text is also in a special speaker folder for DeepSec participants, it’s been arranged timely by the organisers, that’s the address:
https://deepsec.net/docs/t/Keynote.zip
that’s the password: RPGogU4FNX3 .

'Encyclopaedia of the Afghan Jihad' – 2nd edition of the Manual

'Encyclopaedia of the Afghan Jihad' – 2nd edition of the Manual

During the 1990s that little manual evolved from a hundred-page document to a second edition of 11 photocopied volumes with over 5,000 pages (see image). A full set of the 2nd edition, “The Encyclopedia of the Afghan Jihad”, weighed 10 kilograms, and it was circulated amongst jihadist informed fighters who came to Afghanistan. In Arabic its title is “Muswada al Jihad al-Afghani” – “Encyclopedia of the Afghan Jihad”. Paper 2nd edition copies are rare, one was captured by police in Britain in 1998. Bizarrely, having captured it, they gave it back to its owner, this fine chap, Abu Hamza, and then they came back 7 years later, and arrested him for possessing it.

Titles of 'Encyclopaedia of the Afghan Jihad' volumes

Titles of 'Encyclopaedia of the Afghan Jihad' volumes

The volumes in the Manual are here (see image), but in fact, as for secret codes, cryptography, secret communication techniques there was nothing, nothing at all that we know about, that’s the paper 2nd edition then.

In the mid-1990s some American Islamists, the Amriki, arrived in the Pakistani jihad scene, they were people who were growing up in the United States, and they spoke English, they also spoke Nerd, and in February 1996 one of them who used the nom de guerre of Abdul Aziz, launched the project to enlarge the Encyclopedia as much as possible and to make it fully electronic for distribution. Here on the right is his checklist, this is the front of it, this is v.2, you can recognize the way the information is structured as being more intrinsically Western than Middle-Eastern, and it does have in 2.1, which is the 4th section down, “Computer Privacy”. You’ll find it’s nothing special, it’s something that any of you might have seen, if you’d been downloading from user lists during the 1990s, it’s just absolutely orthodox Western stuff, hacker stuff that doesn’t actually contain anything about cryptography. They put out “Computer Privacy” in ’96.

CD version of the Encyclopedia

CD version of the Encyclopedia

The next edition of the Encyclopedia came as a set of CD-ROMs (see image). They were sold in the bazaars and souks of South and East Asia from 1998 onwards. And they started out as not much more than scans of that huge paper previous edition. And at this stage “The Encyclopedia of Jihad”, “The Muswada”, was not an al-Qaeda project. These Amrikis did PDFs, of course, by 2000 there were over a hundred “Encyclopedia of Jihad” PDF files being circulated, and they ranged from military and sabotage manuals to ideological tracts and recipes for explosives.

Read previous: How Terrorists Encrypt: Threatscape Overview
Read next: How Terrorists Encrypt 3: Communication Tools

Like This Article? Let Others Know!
Related Articles:

2 comments

  1. Victor Craig says:

    the linked zip file of the keynote address has an infected file, do not download and open!!!!!

Leave a comment:

Your email address will not be published. Required fields are marked *

Comment via Facebook: