Bugtraq mailing list archives

Re: NSA key in MSFT Crypto API


From: mab () CRYPTO COM (Matt Blaze)
Date: Fri, 3 Sep 1999 15:48:07 -0400


Here's what I said about this on another list:

I must admit that this doesn't make much sense to me.

I was at Crypto, but I must have missed the rump session talk in question
(and it's entirely possible that the talk occurred anyway - I was out of the
room for a good deal of that session).  In any case, non-Crypto people should
remember that the "rump session" consists of entirely unreviewed talks
each lasting about five minutes.  It is *not* a peer-refereed part of the
Crypto conference, just a place for people to announce new or minor results.
It is very easy to get a rump session slot, and people say bogus things at
the rump session all the time.

That said, I don't understand the point.  If the NSA wanted Microsoft to
quietly compromise the CAPI install mechanism (which is supposed to
require Microsoft's digital signature on the installed module -
thereby preventing the installation of non-US crypto and allowing CAPI
OS's to be exported), it would be *much* easier to do any of the following:
        - Convince MS to tell them the secret key for MS's signature key
        - Get MS to sign an NSA-compromised module.
        - Install some module other than CAPI to compromise the OS (only
          CAPI modules require the signature).

Regardless of the mechanism used, NSA would still have to
convince the owner of the computer in question to install the
compromised module (perhaps by exploiting one of the other bugs in the
OS, which is admittedly probably easy enough to do).

Finally, assuming that MS has two public CAPI-install keys in Windows,
and someone discovered this, how would they know that one of the corresponding
secret keys is held by NSA?  From looking at the web page in question,
it appears that the evidence consists entirely of the fact that one of the
CAPI keys has an internal symbol name of "_NSAKEY".  Since anyone
with a debugger and a copy of an MS OS can find this symbol, if this is
intended as some kind of covert mechanism, it's not very well hidden.

-matt

