At Wed, 28 Feb 2001 08:49:43 -0800, Tim May wrote:

At 7:16 AM -0600 2/28/01, Jim Choate wrote:

...

---------- Forwarded message ---------- Date: Tue, 27 Feb 2001 22:23:04 -0800 From: Jon Stevens To: coderpunks@toad.com Subject: weird

...

...

The comment came from a letter that FBI officials said was encrypted on a computer diskette found in a package -- taped and wrapped in a black

plastic

...

...

trash bag -- that Hanssen dropped underneath a foot bridge in a park in Northern Virginia, immediately before his arrest.

The FBI decrypted the letter and described it in an affidavit filed in support of its search warrant.

...

#1. I wonder what was used to encrypt the letter and how they were able to decrypt it. Did he give them the password? Was the encryption weak (it would be funny if he had used DES)? Blah blah blah...

The FBI acknowledged that they'd done some black-bag jobs on Hanssen,

including wiretaps and access to his computer.

Not surprising at all that they had access to both his private key, assuming he was using something like PGP, and his pass phrase, no matter what system he was using. Keyboard sniffers are easy to install.

If he was using PGP to encrypt this letter for a deaddrop then having his private key would do no good. Only the recipiant's private key would make any difference. (Unless he had "encrypt to self" set on- which seems rather silly). I rather doubt that the Russian Secret Services would use PGP anyhow for encoding dead-drop messages. No, likely it was either something of (clearly inferior) Russian design, or it is a misleading quote. I suspect the latter. Why would the FBI allow to leak (much less leak themselves) the fact that they could decrypt whatever cipher the Russian handlers were using to give to their agents for dead drops? Quite the reverse. That's just basic OpSec. They would have invented some other plausable way to have obtained the information. Free, encrypted, secure Web-based email at www.hushmail.com