A British Airways employee is going to prison for plotting terrorism. But the fun part is that he was pretty easy to catch, because rather than using standard modern encryption to secure his messages to co-conspirators, he chose to use 2,000-year-old substitution algorithms mocked up in MS Excel:
Bangladeshi Islamic activists who were in touch with Karim had rejected the use of common modern systems such as PGP or TrueCrypt in favour of a system which used Excel transposition tables, which they had invented themselves.
But the underlying code system they used predated Excel by two millennia. The single-letter substitution cipher they used was invented by the ancient Greeks and had been used and described by Julius Caesar in 55BC….
Despite urging by the Yemen-based al Qaida leader Anwar al-Awlaki, Karim also rejected the use of a sophisticated code program called “Mujhaddin Secrets”, which implements all the AES candidate cyphers, “because ‘kaffirs’, or non-believers, know about it so it must be less secure”.
Attention, terrorist allies of Anwar al-Awlaki — please ignore this arrest. Those non-believing cops just got lucky. No way did they crack your super-secure “move every letter one to the left” code….
By the way — what did this genius do at British Airways? Oh, right. He was an IT expert.
(h/t Bruce Schneier)