A 1.4 GB (gigabyte) file appeared on the Afghan War Diary page of Wikileaks.org late Friday night (EST). The file, which has been encrypted with AES-256, was named insurance.aes and had a SHA1 checksum of cce54d3a8af370213d23fcbfe8cddc8619a0734c. The file is available to anyone via direct download, through a torrent, and now through many mirrors as well. Aside from the encrypted file and its SHA1 checksum, no other information was posted. This leaves the ominous file’s posting open to speculation, debate, and more speculation.
The file can be downloaded here: http://leakmirror.wikileaks.org/file/straw-glass-and-bottle/insurance.aes256
Considering that the Department of Homeland Security sent a couple of agents to the Hackers on Planet Earth conference a few weeks ago, where Julian Assange, the founder of Wikileaks, was scheduled to appear, it would make sense for Wikileaks to have some leverage over the U.S. government. The harsh rebuke that Mike Mullen, the head of the Joint Chiefs of Staff, and Defense Secretary Robert Gates had for Wikileaks would also be a cause for concern. It would appear that Wikileaks made the file public so that if anything were to happen to Julian Assange or anyone affiliated with the organization, the password string required to decrypt the file would be released. Whatever the procedure for releasing the files within the encrypted volume is, it is very likely that this file was posted to deter a possible attack by various arms of the U.S. government.
AES-256 is a secure cipher, but weaknesses have been demonstrated. About a year ago, security researchers discovered that AES-256 might be vulnerable to a related-key attack, the same class of attack that crippled WEP. There are also side-channel attacks, which don’t attack the encryption method directly, but rather its implementation. With that being said, it is very unlikely that the encrypted volume of files will be cracked as long as AES-256 was properly implemented and the password string is sufficiently long.
The government is by no means more competent than the private hacking scene, but it is possible that the NSA may be able to decrypt the AES-256 encrypted volume. Decrypting the volume likely wouldn’t help the government’s cause, as it would only learn what information would be released. The possibility of the volume containing garbage data or being filled with zeros still exists, so it may just be a 1.4 gigabyte bluff. A zero-day method of cracking AES encryption might also exist. If the data were to be decrypted by some guy in his basement or a private corporation and then released, it would cause a bit of a problem for the U.S. government and Wikileaks.
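As an added example (not part of the original post), the Python sketch below shows how a copy fetched from a mirror could be checked against the SHA1 checksum quoted above and, going one step beyond the text, how byte entropy bears on the "bluff" question: a literally zero-filled file is easy to spot, but random garbage and real ciphertext look the same. The function names, thresholds and sample data are assumptions constructed for illustration.

```python
import hashlib
import hmac
import math
import os
import tempfile
from collections import Counter

PUBLISHED_SHA1 = "cce54d3a8af370213d23fcbfe8cddc8619a0734c"  # checksum quoted in the article

def inspect_file(path, chunk_size=1 << 20):
    """Stream the file once; return (sha1_hex, byte entropy in bits/byte)."""
    digest, counts, total = hashlib.sha1(), Counter(), 0
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            digest.update(chunk)
            counts.update(chunk)  # iterating bytes yields ints 0..255
            total += len(chunk)
    entropy = -sum(n / total * math.log2(n / total) for n in counts.values())
    return digest.hexdigest(), entropy

def matches_published(sha1_hex, expected=PUBLISHED_SHA1):
    """Compare hex digests case-insensitively, in constant time."""
    return hmac.compare_digest(sha1_hex.lower(), expected.lower())

def classify(entropy):
    if entropy < 0.01:  # thresholds are assumptions chosen for this example
        return "constant (e.g. zero-filled)"
    if entropy > 7.9:
        return "random-looking (ciphertext or random garbage)"
    return "structured (plaintext-like)"

def demo():
    """Run the checks over constructed samples, not the real file."""
    samples = {
        "zeros": bytes(1 << 16),
        "random": hashlib.shake_256(b"constructed sample").digest(1 << 16),
        "text": b"constructed plaintext sample\n" * 2048,
    }
    results = {}
    for name, data in samples.items():
        with tempfile.NamedTemporaryFile(delete=False) as tmp:
            tmp.write(data)
        sha1_hex, entropy = inspect_file(tmp.name, chunk_size=4096)
        os.unlink(tmp.name)
        results[name] = (matches_published(sha1_hex), classify(entropy))
    return results

if __name__ == "__main__":
    print(demo())
```

A matching checksum only shows that the mirror copy is the same file that was published; it says nothing about what the file contains, and the "random-looking" label is all that can be learned without the key.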


