
MS response to NSA key backdoor in Windows

Hemos posted more than 15 years ago | from the well-we-didn-t-mean-for-it-to-be-like-that dept.

Microsoft 344

CitizenC writes "Microsoft has responded to the report of the allegations of leaving a backdoor in all of its products for the NSA. "


Very interesting (3)

wampus (1932) | more than 15 years ago | (#1703717)

The following is a cut-n-paste of MS's response

---
Microsoft VBScript runtime error '800a000d'

Type mismatch: 'CInt'

/security/inc/scripts.txt, line 279
---

I don't know how anyone could argue with THAT.

Believable? Nope. (0)

Anonymous Coward | more than 15 years ago | (#1703720)

Think of Microsoft's past track record. How honest have they been in the rest of their "security bulletins"?

NSA Key "unfortunate naming" (1)

the_tsi (19767) | more than 15 years ago | (#1703723)

I'll buy that. I dislike MS as much as the next guy, but look at the other acronyms they use and how they conflict with other organizations/standards/etc. I had a suspicion of this when the article was first posted. Of course, there IS no way to determine if they're telling the truth or not... :)

-Chris

Followup (1)

wampus (1932) | more than 15 years ago | (#1703726)

And a followup:
---
The page cannot be displayed

There is a problem with the page you are trying to reach and it cannot be
displayed.


Please try the following:

Click the Refresh button, or try again later.
Open the microsoft.com home page, and then look for links to the
information you
want.

HTTP 500.100 - Internal Server Error - ASP error
Internet Information Services



Technical Information (for support personnel)

Error Type:
Microsoft VBScript runtime (0x800A000D)
Type mismatch: 'CInt'
/security/inc/scripts.txt, line 279

Browser Type:
Mozilla (X11; I; Linux 2.0.32 i586)

Page:
GET /security/bulletins/backdoor.asp

Time:
Sunday, September 05, 1999, 7:45:07 AM

More information:
Microsoft Support
---

Seriously, anyone got a mirror without all the active server bullshit?

Thats just swell (1)

Roofus (15591) | more than 15 years ago | (#1703729)



But they failed to mention whether it was possible to compromise windows security by replacing the backup key with your own. On the other hand, this is the first document I've ever seen from MS that doesn't contain snippets of propaganda everywhere.

I guess we know it's true (1)

FascDot Killed My Pr (24021) | more than 15 years ago | (#1703730)

Rather than let the truth get out, the NSA used their backdoor key to get in and take down the MS server....

Microsoft VBScript runtime error '800a000d'
Type mismatch: 'CInt'
/security/inc/scripts.txt, line 279

---
Put Hemos through English 101!
"An armed society is a polite society" -- Robert Heinlein

Problems in M$ statement (3)

Cironian (9526) | more than 15 years ago | (#1703733)

a) They claim there is a second key so it can be stored at a different physical location for disaster recovery. Why not just make a copy of key #1 for that?

b) If the 'NSAKEY' was really harmless, why did they in previous version remove the symbol for it (but not for the other key)?

I don't buy it (3)

QuoteMstr (55051) | more than 15 years ago | (#1703735)

The "we had to create a backup" approach works with a physical, tangible object, but with something as easily copied as a set of bytes, there is no excuse to create a second key. The first key could have been copied as many times as the first and second keys combined.

P.S. It's draconian for the NSA to limit what you could insert into an existing cryptography framework... even if that module is developed outside of the US! Pathetic.

P.S.S. I would have named such a key "Checkkey", "BackupKey", or something similar. NSAKey is simply too suggestive to even risk putting into a piece of code.

An Honest Question (1)

Nessak (9218) | more than 15 years ago | (#1703828)

I am not completely sure how MS Crypto works, so I am asking this not as flame bait. Is MS saying in this press release that the government does not have keys ("Back doors"), but MS does? Someone please clarify this. Thanks

They just won't admit it... (3)

TedC (967) | more than 15 years ago | (#1703830)

...but NSA really stands for "NT Sucks Already".

I guess their explanation could be true, but I would still feel a bit nervous about using Windows after reading this. Fortunately this issue doesn't concern me. :-)

TedC

They be truthin' yous (1)

Anonymous Coward | more than 15 years ago | (#1703834)

"We do not share them with any third party, including the National Security Agency or any other government agency."

One would be deluding one's self if it were thought that Microsoft doesn't have senior level programmers, product managers, etc., on the payroll of the NSA. Microsoft is too big and too important for that not to be the case. Similar things occur in places like GE and Boeing (for perhaps more obvious reasons), and you can bet that MS is in the same boat.

That said, it is *extremely* doubtful that MS would have allowed this oversight to escape if the key had actually been a 'backdoor'. More likely they are telling the truth in this case.

seriously though (1)

t--f-c (76987) | more than 15 years ago | (#1703837)

Now here we have a company whose entire history in respect to its security has been a joke. Their idea of secure has been to use a simple hash to hide user's passwords. And then comes out this piece about the back door and people are genuinely surprised, come on!

You don't think M$ has a little hidden entrance for itself on top of that? I know it may seem a bit conspiratorial but you have to take into consideration the mindset of this company, basically absolutely ruthless. They'll do anything they have to in order to get ahead of the game, including in this case selling out their customer's security options just so they can sell overseas..

Now I realize I use M$ products for the time being but their policies I do not agree with at all. As for this hype, ask yourself are you genuinely surprised to find that it exists? This person isn't.

toufic

Backup key? Yeah, right! (3)

ptomblin (1378) | more than 15 years ago | (#1703841)

Can somebody explain to me why the primary key couldn't be stored in more than one place? Cryptographically, having one key stored in two places is no less secure than having two keys, each stored in one place.

Hands up everybody who believes Microsoft's explanation? Nobody? No, I didn't think so.

Back Doors (0)

Anonymous Coward | more than 15 years ago | (#1703845)

Microsoft says they do not leave back doors in their products. Windows 95 Registration wizard anyone, anyone?

Come on! No back doors there.

Re:Problems in M$ statement (1)

E-Rock (84950) | more than 15 years ago | (#1703849)

I agree completely with point B, bad name. As for point A, if these keys will allow anyone with them to compromise system security, as we can see it does with the demo distributed in the original report, it'd be really bad news if someone else got a copy. Therefore I can see why there wouldn't be backups all over the place, also if the key in your version of windows was damaged the backup would prevent you from having to reinstall (always a good thing for me).

As for the NSA, they are evil, sneaky and powerful, so I can't believe Microsoft on this one. But I fully believe that even if the NSA isn't given a copy of the key, they could easily derive it. (PS. That's easily for them, not that it'd be easy to do)

Re:NSA Key "unfortunate naming" (2)

MindStalker (22827) | more than 15 years ago | (#1703852)

Of course, there IS no way to determine if they're telling the truth or not... :)
Well sure there is, if we could reverse engineer it back to source code, put our own key in it, recompile, then try to break in using that key. Only problem is the legality of such an action, not to mention the difficulty in successfully recompiling it. It would still be arguable either way afterwards.

Disclaimer (1)

Anonymous Coward | more than 15 years ago | (#1703856)

There is a disclaimer at the bottom of the page that says that information is as is without warranties of any kind.
Does this mean that any information on that page doesn't really mean anything at all?

Obviously!! (1)

simm_s (11519) | more than 15 years ago | (#1703858)

Microsoft is obviously going to lie about having a backdoor if it is a back door. There is a problem though why would the NSA need Microsoft to backdoor their product. Windows security is legendary in terms of openness (sarcasm). This does not seem the style of the NSA (well I don't know the style of the NSA), but this is silly. It is so silly I lean towards believing the NSA has nothing to do with it.

Re:Backup key? Yeah, right! (1)

QuoteMstr (55051) | more than 15 years ago | (#1703868)

Yes. M$'s explanation is BS.

Rather sloppy for M$ (1)

bu_geek (45360) | more than 15 years ago | (#1703870)

Am I the only one who noticed a few grammar errors in the response? I wonder who approved the text. . . MS is not that sloppy with what they put out. Wonder who wrote it?

This is a fiasco (2)

MobyDisk (75490) | more than 15 years ago | (#1703874)

The original article made no sense to me. This was an attempt by the overreactive anti-Microsoft community to bring out yet another security flaw. Not that there aren't plenty already. The original article needed much more substantiation before it was brought to the press.

Frankly, I mistrust the freely available download to patch the bug more than I mistrust Microsoft's response. What a great way to fool people into downloading a virus: Call it patch!

Of course it is true: MS does have a back door in Windows, it's called "ActiveX" or "Microsoft Office" :)

Some questions (1)

jflynn (61543) | more than 15 years ago | (#1703877)

Microsoft states that export controls are not affected. Yet I have heard several say that the NSAkey could be replaced by your own, thereby easily allowing strong crypto modules to be loaded by foreign customers of Windows. Who is wrong here?

Presuming the above to be true, and that it will be fixed in the next release, could this provide another disincentive for upgrade?

Don't you think the NSA might be a little pissed at MS for being dragged into this by a stupid mistake on their part? Not to mention the possible problem with strong encryption control.

Isn't it true that having two valid keys reduces the security of the keys against random guessing by a factor of two? Even if this is not terribly significant shouldn't it be something MS discloses to its customers?

Jim

Re:Problems in M$ statement (2)

Cironian (9526) | more than 15 years ago | (#1703879)

You say, you can see why they wouldn't have backups all over the place. But isn't having 'KEY' at M$ and 'NSAKEY' at the secret MS-Vault 99 just as safe/insecure as having 'KEY' at M$ and another copy of 'KEY' at the second location?

Although as easy as it is to hack into MS systems, I suppose the NSA key might rather be for NSA internal usage; that way they could sign crypto modules that they don't want anyone else to see.

Re:Problems in M$ statement (1)

QuoteMstr (55051) | more than 15 years ago | (#1703882)

Perhaps this was implemented by such an agent without the knowledge of his or her superior.

Yet another reason why OSS is better.... peer review. This could never happen without an extraordinary amount of effort on the part of distributors of tainted binaries.

I'd rather have the gov't then Mircosoft (1)

HomerJ (11142) | more than 15 years ago | (#1703884)

From what I read of the response, it just gave Microsoft access, and they didn't give it out to third parties, including the gov't.

If I ran an NT server, I'd sure be happy that all the gooey goodness that is Microsoft can go in and see if everything is ok, check on security updates, and get all the private information about my company so they can serve us better.

Ok, enough with the sarcasm (^_^), but this was just discovered and has been there since the beginning. Makes you wonder all the stuff that's in NT that just hasn't been discovered yet.

Re:An Honest Question (0)

Anonymous Coward | more than 15 years ago | (#1703886)

Yep, that's what they are saying.

On the other hand, if the NSA wants these keys, the NSA has these keys; they are in the signal intelligence business, after all.

On the third hand, this issue only affects users who trust Microsoft-native cryptography and signatures. Would you?

And on the 4th hand, you don't need a back door to break into a Windows box, you just need the budget and manpower to find and exploit its inherent weaknesses. Consider how well amateur groups like lopht have done at this, then contemplate all those big, windowless buildings in Virginia...

Re:Problems in M$ statement (1)

QuoteMstr (55051) | more than 15 years ago | (#1703887)

Why doesn't M$ simply compile a custom version with the NSAKEY for the NSA, then? Why include the NSAKEY in *every* copy of Windows?

Re:Very interesting (1)

dattaway (3088) | more than 15 years ago | (#1703889)

Nice response to a security problem. It looks like obscurity to me.

More Lies from Redmond (2)

The Future Sound of (60863) | more than 15 years ago | (#1703892)

Don't believe anything that Gates says.

Of course they've left a backdoor open for the government; it's all part of their negotiations with the DOJ: They've been given the green light to secure a monopoly so long as the government is allowed to access each and every computer that has installed Windows.

It's so painfully obvious that it pisses me off when people try to refute it. The government is *counting* on your passivity!

Re:Problems in M$ statement (1)

blogan (84463) | more than 15 years ago | (#1703893)

OK, let's say that they are storing the primary key in one place (Which I don't believe). Wouldn't that mean that they are storing the backup key in one place? So two natural disasters would basically stop development of secure software for a majority of the world's computers? Granted, the chances are small, but still large enough considering the consequences.

Ahh... that explains everything! (1)

el_chicano (36361) | more than 15 years ago | (#1703895)

Why the backup key labeled NSA key?

This is simply an unfortunate name. The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as the NSA keys, and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA.

Sounds like Orwellian double-speak to me. Up is down. In is out. NSA key is not for the NSA. Maybe Bill Gates' minions are taking disinformation lessons from the MIB of the NSA?

Where are Mulder and Scully when you really need them...

Re:They be truthin' yous (1)

Jimhotep (29230) | more than 15 years ago | (#1703898)

"We do not share them with any third party, including the National Security Agency or any other government agency."

Is this a Clintonism?
We do not share them
^^^^^

Do they give them away?

Re:Backup key? -- No, really, they are right (1)

MobyDisk (75490) | more than 15 years ago | (#1703900)

Primary private keys don't get copied. They are P-R-I-V-A-T-E.

Example: The US govt stores private keys for on ONE computer, somewhere obscure, which has laser alarms, guards, etc. They even have computers where if someone touches them, they self erase to protect private keys!

Supposing MS is concerned about their keys, they would store those keys in one place, securely (probably on a Linux machine :)) And no copies exist. Making copies makes it no longer secure.

A better idea is to make a second, entirely different key, that the NSA or some other trustable organization can store.

Re:They be truthin' yous (1)

Adam Knapp (35401) | more than 15 years ago | (#1703902)

It's not quite that doubtful, especially if it came out by internal sabotage. A Microsoft employee could do it since they (by all accounts) are very tight lipped even between divisions a person with a conscience (insert joke here) working on their CryptoAPI could have slipped the version with symbols intact into the service pack.

Re:Believable? Nope. (1)

ashridah (72567) | more than 15 years ago | (#1703904)

microsoft don't have back doors. heh. hehehehe
very funny microsoft. ever heard of buffer overrun security issues.

Flaws in the Microsoft claim (0)

Anonymous Coward | more than 15 years ago | (#1703905)

1. They claim the key is for backup. They would keep multiple key copies. They have buildings worldwide. They do not need two keys, especially when the dual key setup compromises the architecture

2. The second key is there as part of their export compliance. I'm sure this is true. I'm also sure that the NSA are behind the requirement and own the key in question. Why would the NSA want a key? Simple. To distribute trojaned crypto to third parties with no risk of microsoft being awkward or even knowing. There have been repeated cases of US crypto abuse like this. Be worried. I'm sure the NSA -forced- Microsoft into this. So be damned sure they forced lotus, netscape and other people too. Stick to safe open sourced crypto. Non USA crypto is likely to be trojaned by other governments too. And blame the NSA not MS

Re:Thats just swell (1)

zyklone (8959) | more than 15 years ago | (#1703906)

I don't see how even they could have turned this issue into propaganda but anyway, I still wonder why the key can be overwritten ..
The NSA is probably not too happy about that even if it is their key.

"That depends on what the word 'is' is." (1)

StormReaver (59959) | more than 15 years ago | (#1703909)

This is typical Microsoft double speak. The article flatly states that Microsoft doesn't put any back doors into their software, but then it says that Microsoft has inserted two decryption keys into all versions of Windows that will allow them access to any Windows computer.

Their explanation is laughable: The second key is a backup in case the first one is destroyed through some kind of natural disaster. They give the impression that they keep the single existing copy of the first key locked up in a vault somewhere when we can be reasonably sure the key exists in multiple forms scattered throughout many locations and computers, and on countless backup devices.

Then they claim that the second key is named NSAKey by an unfortunate coincidence, but that it has nothing to do with our beloved "let's suppress the masses" agency. They go even further to say that the NSA does not have a key (suggesting that MS would not give the NSA a key). All it takes is for the NSA to demand it from MS (assuming you believe they don't already have it) and MS will pee its pants from the effort of complying.

And then we finally arrive at the crux of the entire matter. There shouldn't be ANY built in keys for any reason. Not only does every MS document created with MS-Office clearly identify the author, but now MS (and by extension, any government agency) has a built in back door to nullify any type of security dependent on the cryptographic API. Who knows what other security and privacy breaches are built in. There just doesn't seem to be any safe haven from Uncle Borg and co.

Re:I guess we know it's true (1)

dattaway (3088) | more than 15 years ago | (#1703912)

Anyone have a working mirror of Microsoft's response? Their software seems to not be working.

the larger issue (1)

banky (9941) | more than 15 years ago | (#1703914)

From NTBUGTRAQ:
"Microsoft has two keys, a primary and a spare. The Crypto-Gram article talked about attacks based on the fact that a crypto suite is considered signed if it is signed by EITHER key, and that there is no mechanism for transitioning from the primary key to the backup. It's stupid cryptography, but the sort of thing you'd expect out of Microsoft."
I guess it's sorta taken as a standard that someone else has, gee, found yet another weakness in MS. Even if it's just an "academic" weakness.

Re:Very interesting (1)

Ludd Kilken (81957) | more than 15 years ago | (#1703915)

I assume you use Lynx. microsoft.com/security is built not to work with Lynx. Netscape will do it but it might require a reload. I assume MSIE works perfectly. This pisses me off. >:P

Could someone be a dear and post this page to slashdot?

Re:Backup key? -- No, really, they are right (1)

QuoteMstr (55051) | more than 15 years ago | (#1703917)

It doesn't matter. When one key is equally as effective as another, for all intents and purposes, it's the same key! It doesn't matter if grabs one key or the other... they are equivalent. Plus, having two keys HALVES the time needed to crack it by brute force.

Re:An Honest Question (1)

Hobbex (41473) | more than 15 years ago | (#1703920)


It was never really a question of a backdoor in the first place. The keys in question allow Microsoft to sign the crypto modules used within the CryptoAPI, and for Windows to reject modules not signed by those keys. If the NSA have a key, they would be able to produce fake crypto routines to replace CryptoAPI standard ones: obviously an advantage, but not enough to be a back door.

The reason they had to make it this complicated, and not just integrate the whole thing, is of course US Regime's anti-crypto campaign.

All this is IIUC.


-
/. is like a steer's horns, a point here, a point there and a lot of bull in between.

Not exactly so... (1)

mbac (82538) | more than 15 years ago | (#1703922)

I've sent a mail to CmdrTaco, asking for more coverage on the issue. Well, here it is, so I'll post the mail with a couple of thoughts (sorry, it's LONG):

As a /. author indicated before, an old CNN/IDG story (should be found here [cnn.com] ) confirms beyond any reasonable doubt that the NSA is involved with, and has authority over, any developing software that contains encryption of sort. The article hints that NSA makes arrogant, threatening use of U.S. encryption export laws in order to force companies to open 'reserved' backdoors in their software and/or to loosen their encryption.

Aside from that single key found in Windows, which might or might not be the actual backdoor for the NSA (IMHO, it all looks a bit too naive to be serious), it's guaranteed that one or more security holes exist in all apps created for the world market, i.e. 99.8% of all software around, from Sun's to AOL's. This is particularly fearsome to people and companies, like me, who are not American.

No software is 100% secure, I know, and the power and means of government agencies are enough to break into anything they really want to. We all know they're implicitly authorized to do anything, legal or not, to pursue their interests.
Yet, this is not a matter of cracking into a drug dealer's computer to trace down their bank accounts, it's not government vs. bad guys.

This is something pre-emptive, addressing good and bad guys alike, all over the world.

Software producers in the U.S. are bound to report to the government about each step they take in to security technology, and they're required to always keep a copy of the keys for Uncle Sam to easily walk in.

It's not all about security, though...

Companies are forced to hire demanding professionals to handle the relations with the NSA (this is also stated in the article), to delay their products because they haven't 'loosened up' enough, to strip away features from their products, and so forth.

It's all in the article, and it's a lot more frightening (to the security-concerned) and irritating (to simple home users like me) than one *hypothetical* backdoor key in Windows.
For once, it's not a matter of Microsoft kissing up to the government, this is the government pushing down on *all* software producers alike to grant itself access to every kind of encryption capable, secure software available.

This is quite big, and IMHO it deserves some more attention. Please let me know what you think.

Thanks for taking the time to go through this long rant, hope it was worth it!


die ms, die jarjar, just die everyone (0)

Anonymous Coward | more than 15 years ago | (#1703923)

who to trust? I am moving away from ms
on a happier note here is a song about linux
  • Oh linux you are so stable,

  • You are not a heffer when it comes to data,
    Oh linux you are so stable,
    Who else would be a slacker in a red hat going by the name little debbie?
    Oh linux you are so stable,
    I am just not getting free beer but cake too,
    Oh linux you are so stable,
    I would rather watch my kernel recompile than wrestle sable,
    Oh linux you are so stable, sexy, and sweetening,
AC

We'll never know without seeing the source code (1)

Get Behind the Mule (61986) | more than 15 years ago | (#1703925)

M$'s explanation may very well be true. I certainly wouldn't put it past M$ and the NSA to build back doors into cryptography software, but it certainly hasn't been proven that the "NSAKEY" is anything of the kind.

If M$ just claims that there's no back door, then the public has no way of evaluating the truth of the claim. There's only one way to settle the question once and for all, and that is by releasing the source code.

depends on the meaning of words (0)

Anonymous Coward | more than 15 years ago | (#1703926)

Microsoft said they don't share their keys with other organizations. They're being truthful.

The important word is >their MS didn't say >We don't give others a way into our software.

Re:Rather sloppy for M$ (0)

Anonymous Coward | more than 15 years ago | (#1703929)

Am I the only one who noticed a few grammar errors in the response? I wonder who approved the text. . .

Take few of the latest M$ Security Bulletins, load into Word 97, press F7 - and wonder if the moron is the guy who created the Spell Checker in Word, or the person that writes Bulletins.

Re:Rather sloppy for M$ (1)

sqrlbait5 (67782) | more than 15 years ago | (#1703932)

"...suggested by the government, because we because we don't believe they are in the best interests of consumers or the industry..."

Whaaat? They probably don't even know what they're saying...

Text of Microsoft's response (3)

gleam (19528) | more than 15 years ago | (#1703933)

Microsoft Security Bulletin

There is no "Back Door" in Windows
Originally Posted: September 03, 1999

Summary
A report alleges that Microsoft "may have installed a 'back door' for the National Security Agency... making it orders of magnitude easier for the US government to access their computers". This allegation is false.

What's the allegation?
The report alleges that a cryptographic key that ships as part of the CryptoAPI architecture is labeled "NSA key" and constitutes a "back door" that could be used by government agencies to start or stop system security services on user's computers.

Is the allegation true?
No. Microsoft does not leave "back doors" in our products. This is in keeping with our historical stance on this issue. For instance, we have opposed the various key escrow proposals that have been suggested by the government, because we because we don't believe they are in the best interests of consumers or the industry.

Are there two keys?
Yes. However, both are Microsoft keys. We do not share them with any third party, including the National Security Agency or any other government agency.

What's CryptoAPI?
CryptoAPI is a Microsoft technology for providing cryptographic services. Vendors can develop stand-alone cryptographic modules called Cryptographic Service Providers (CSPs), which can then be called by any program via the CryptoAPI interface. For more information on CryptoAPI, see http://www.microsoft.com/security/tech/cryptoapi/default.asp.

What are the keys in question?
The keys are used to verify the digital signatures on CSPs.

Why do CSPs have to be signed? And why by Microsoft?
CryptoAPI is subject US export laws regarding cryptography. One element of this requires Microsoft to ensure that CryptoAPI will only load CSPs that meet US cryptographic export laws. This is done by digitally signing all CSPs. Before it loads a CSP, CryptoAPI verifies that the CSP has been digitally signed. Part of Microsoft's responsibility as the vendor for CryptoAPI is to sign the CSPs.

When a vendor has a new CSP that they want to release, they submit it for signing and show that all export licensing has been received. Microsoft then digitally signs the CSP, and it can thereafter be used by CryptoAPI.

Why are there two keys?
There is a primary and a backup key.

Why is a backup key needed?
The backup key is needed for disaster recovery. To see why, suppose we had only one signing key. If a natural disaster destroyed the building in which it were kept, all of the previously-signed CSPs would continue to function normally, because the key used for verification exists in every copy of Windows. However, Microsoft would need to sign future CSPs using a new key. In order for these CSPs to be verified, matching key material would need to be provided to all of the millions of customers using Windows 95, 98 and Windows NT. Clearly, this would be a massive undertaking.

This is why there are two keys. If something befell the primary key, Microsoft could thereafter sign CSPs using the backup key. Because the backup is already in every copy of Windows, there would be no disruption to customers.

Why the backup key labeled "NSA key"?
This is simply an unfortunate name. The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as "the NSA keys", and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA.

I heard that there is a third key in Windows 2000. Is this true?
There is a third key present in the beta versions of Windows 2000, but it does not provide a "back door". It is simply a test key that allows the developers to sign test CSPs while Windows 2000 is under development. It will not be present in the production version of Windows 2000.

Does this have any effect on CryptoAPI's compliance with US export law?
No. The CryptoAPI architecture is fully compliant with US export law.

Revisions September 03, 1999: Bulletin Created.




------------------------------------------------ --------------------------------

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

© 1999 Microsoft Corporation. All rights reserved.

depends on the meaning of words (0)

Anonymous Coward | more than 15 years ago | (#1703934)

Microsoft said they don't share their keys with other organizations. They're being truthful.

The important word is -their-. The NSA gave MS one of NSA's keys to incorporate into Windows. It wasn't an MS key being shared. See, it's easy when you know how to play with words.

MS didn't say -We don't give others a way into our software-.

When you understand these distinctions, you'll be writing performance reviews in no time.

One thing they don't address... (1)

Jeff Kandt (6763) | more than 15 years ago | (#1703935)

Microsoft says "The CryptoAPI architecture is fully compliant with US export law," but I don't see how that's possible, given what we've learned.

The way Microsoft complies with US export law is that the CryptoAPI won't run any module which isn't signed by Microsoft. This way they can make sure that each vendor's module is "crippled" for export before it can be installed on Windows. If you try to replace Microsoft's key with your own, then CryptoAPI won't run, because it can't validate its own code.

But, perhaps more important than the presence of the "NSA" key itself, Cryptonym showed that it's possible for the user to replace the "NSAKEY" with their own, and still have the rest of CryptoAPI function just fine. This means that the user can install any crypto module they want, without having it signed by Microsoft (aka approved by the government) first.

This would seem to be a major flaw in the mechanism which is supposed to enforce export law. It will be interesting to see if the flaw remains in future versions of Windows, or whether the US government will force them to fix it.

Re:NSA Key "unfortunate naming" (1)

kevlar (13509) | more than 15 years ago | (#1703936)

Why reverse engineer it and insert your own key, when you could have a distributed.net project to brute force the original public key?

deactivated... (2)

will (6647) | more than 15 years ago | (#1703937)


now, how could anyone refuse?

incidentally, this has accidentally been through both a mac and a linux box since leaving ms, and is therefore highly offensive to every single person who reads /. Handle with care.

Microsoft Security Bulletin

There is no "Back Door" in Windows

Originally Posted: September 03, 1999

Summary
A report alleges that Microsoft "may have installed a 'back door' for the National Security Agency... making it orders of magnitude easier for the US government to access their computers". This allegation is false.

What's the allegation?
The report alleges that a cryptographic key that ships as part of the CryptoAPI architecture is labeled "NSA key" and constitutes a "back door" that could be used by government agencies to start or stop system security services on user's computers.

Is the allegation true?
No. Microsoft does not leave "back doors" in our products. This is in keeping with our historical stance on this issue. For instance, we have opposed the various key escrow proposals that have been suggested by the government, because we because we don't believe they are in the best interests of consumers or the industry.

Are there two keys?
Yes. However, both are Microsoft keys. We do not share them with any third party, including the National Security Agency or any other government agency.

What's CryptoAPI?
CryptoAPI is a Microsoft technology for providing cryptographic services. Vendors can develop stand-alone cryptographic modules called Cryptographic Service Providers (CSPs), which can then be called by any program via the CryptoAPI interface. For more information on CryptoAPI, see http://www.microsoft.com/security/tech/cryptoapi/default.asp [microsoft.com] .

What are the keys in question?
The keys are used to verify the digital signatures on CSPs.

Why do CSPs have to be signed? And why by Microsoft?
CryptoAPI is subject to US export laws regarding cryptography. One element of this requires Microsoft to ensure that CryptoAPI will only load CSPs that meet US cryptographic export laws. This is done by digitally signing all CSPs. Before it loads a CSP, CryptoAPI verifies that the CSP has been digitally signed. Part of Microsoft's responsibility as the vendor for CryptoAPI is to sign the CSPs.

When a vendor has a new CSP that they want to release, they submit it for signing and show that all export licensing has been received. Microsoft then digitally signs the CSP, and it can thereafter be used by CryptoAPI.

Why are there two keys?
There is a primary and a backup key.

Why is a backup key needed?
The backup key is needed for disaster recovery. To see why, suppose we had only one signing key. If a natural disaster destroyed the building in which it were kept, all of the previously-signed CSPs would continue to function normally, because the key used for verification exists in every copy of Windows. However, Microsoft would need to sign future CSPs using a new key. In order for these CSPs to be verified, matching key material would need to be provided to all of the millions of customers using Windows 95, 98 and Windows NT. Clearly, this would be a massive undertaking.

This is why there are two keys. If something befell the primary key, Microsoft could thereafter sign CSPs using the backup key. Because the backup is already in every copy of Windows, there would be no disruption to customers.

Why is the backup key labeled "NSA key"?
This is simply an unfortunate name. The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as "the NSA keys", and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA.

I heard that there is a third key in Windows 2000. Is this true?
There is a third key present in the beta versions of Windows 2000, but it does not provide a "back door". It is simply a test key that allows the developers to sign test CSPs while Windows 2000 is under development. It will not be present in the production version of Windows 2000.

Does this have any effect on CryptoAPI's compliance with US export law?
No. The CryptoAPI architecture is fully compliant with US export law.
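An added illustration (not part of the thread and not Microsoft's code) of the two-anchor signature check the bulletin describes, and of the point raised earlier in the thread about a replaced key: a toy loader accepts a module signed under either embedded key, and a pinned fingerprint over the anchor set flags a swapped anchor. The textbook RSA over Mersenne primes, every name, and the pinning step are assumptions for illustration only.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys


def make_toy_key(p, q):
    """Textbook RSA key from two primes. Toy only: no padding, trivially factorable."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return {"public": n, "private": d}


def digest_int(data):
    """SHA-256 of the module as an integer (always smaller than the toy moduli)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(key, module_bytes):
    return pow(digest_int(module_bytes), key["private"], key["public"])


def signature_ok(public_n, module_bytes, signature):
    return pow(signature, E, public_n) == digest_int(module_bytes)


def verify_any(anchors, module_bytes, signature):
    """Signature-only check: name of the first anchor that verifies, else None.
    Whatever keys sit in `anchors` are trusted, including a replaced one."""
    for name, public_n in anchors.items():
        if signature_ok(public_n, module_bytes, signature):
            return name
    return None


def anchor_fingerprint(anchors):
    """Hash over the whole anchor set, so any added, removed or swapped key shows."""
    h = hashlib.sha256()
    for name, public_n in sorted(anchors.items()):
        h.update(f"{name}:{public_n:x};".encode())
    return h.hexdigest()


def load_module(anchors, pinned_fp, module_bytes, signature):
    """Check the anchor set against a pinned fingerprint before trusting it.
    Assumption: the pin is kept where someone editing the anchors cannot edit it."""
    if anchor_fingerprint(anchors) != pinned_fp:
        raise ValueError("trust anchors differ from the pinned set")
    name = verify_any(anchors, module_bytes, signature)
    if name is None:
        raise ValueError("no trusted key verifies this module")
    return name


# Constructed sample keys (Mersenne primes, so NOT secure) and a constructed module.
PRIMARY = make_toy_key(2**127 - 1, 2**521 - 1)
BACKUP = make_toy_key(2**107 - 1, 2**607 - 1)
OTHER = make_toy_key(2**89 - 1, 2**1279 - 1)   # a key that was never an anchor
ANCHORS = {"primary": PRIMARY["public"], "backup": BACKUP["public"]}
PINNED = anchor_fingerprint(ANCHORS)
MODULE = b"constructed sample CSP image"

if __name__ == "__main__":
    # Either anchor is sufficient: the trusted set is the union of both keys.
    print(load_module(ANCHORS, PINNED, MODULE, sign(PRIMARY, MODULE)))
    print(load_module(ANCHORS, PINNED, MODULE, sign(BACKUP, MODULE)))
    print(verify_any(ANCHORS, MODULE, sign(OTHER, MODULE)))

    # Anchor set with the backup slot replaced: signature-only checking still
    # "works", while the pinned fingerprint reports the change.
    swapped = dict(ANCHORS, backup=OTHER["public"])
    print(verify_any(swapped, MODULE, sign(OTHER, MODULE)))
    try:
        load_module(swapped, PINNED, MODULE, sign(OTHER, MODULE))
    except ValueError as err:
        print("rejected:", err)
```
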

Yeah right (1)

Anonymous Coward | more than 15 years ago | (#1703938)

I don't really buy their answer, things get a little shaky here:

The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review.

This paragraph seems very strange in the context of all the others. They go to great lengths to explain to Joe User what it all means in all the other paragraphs with examples, but this paragraph is rather vague.

I think this is the key, (no pun intended!) they are saying that key has to be there to keep them in line with the NSA, but they don't explain what that means specifically.

They could have said that the NSA policy is that their system has to have a backup key, but they didn't say that. They said "compliance" and "technical review" two phrases I'd not like to see in the same paragraph as NSA!

Seems to me like they are brushing over this so they can cover themselves if some future truth comes out.

It seems to be Microsoft's policy to blatantly lie about security issues "until a fix is ready for the public interest" - If the NSA do have a spare key for the CryptoAPI then there cannot be a fix and so they'll cover the whole thing up. That would be in line with their policy!!

If this turns out to be the case, Microsoft will just cry that the NSA made them do it and even they can't screw with the NSA!!

The other critical point is the one made about the insertion of a new CryptoAPI key of the user's design. They don't even mention this though they happily quote from the article. Looks to me like that's pretty important too.

I hope other news sites will continue to pose this question to Microsoft and see if they can squirm out of this one!

Since 512bit RSA was cracked recently with not too much effort, I am pretty sure the NSA can break any public key cryptography in real time. Check out their webpage and see the kinds of people they want (eg maths wizards)

I think that at the moment they love encryption, very few people using it and so they just break their keys and they can pick out the criminals without too much problem.

Once encryption becomes mainstream (embedded in OS's etc) then this is going to be a major headache for them as they are going to have to crack everything. They know that once encryption is widespread people will start to ramp up the key lengths as CPU power increases. This is their fear and why they don't want crypto outside the US.

Wondering why they let it happen in the US? Because they have a million other ways to spy on you!

Believe big brother is *really* out there.



Re:This is a fiasco (0)

Anonymous Coward | more than 15 years ago | (#1703939)

Re: your comments: 'The original article made no sense to me. This was an attempt by the overreactive anti-Microsoft community to bring out yet another security flaw'. Yer damn right it is! It's getting harder and harder to find people who are NOT anti-microsoft. Don't dismiss the good security work just because the author is a well informed, and knowledgeable person.

Paranoid Thought of the Day (0)

Anonymous Coward | more than 15 years ago | (#1703940)

This whole affair is one more reason to distrust anyone who has faced/is facing DOJ anti-trust trials.

Who knows what under-the-table plea bargains have been/might be/will be reached and with which bunch of government spooks.

And if Microsoft gets a light slap on the wrist in the current trial, I guess everyone will understand what's going on (wink, wink, nudge, nudge).

MS does not share the key with anyone? (1)

Bobzibub (20561) | more than 15 years ago | (#1703941)

This could be strictly true. However, US crypto software has to be reviewed by the NSA before an export licence is granted. This, to me, means the NSA will still have access to the key.

The fun thing is that no matter what the truth is, in the eyes of most they will never be able to climb out of that hole. Especially after the Hotmail fiasco. Such timing. : ))

-Bobzibub

Re:Followup (1)

wilkinsm (13507) | more than 15 years ago | (#1703942)

Here is a quick cut and paste [geocities.com] of the main frame of the bulletin for you non-asped people. I know that we are not supposed to mirror, but I think of this as more as an "accessibility update". (Sorry, Geocities is slow today)

Personally I bought the idea that perhaps NSA wanted a means to install super-strong encryption into Windows without going through Microsoft. Now I think they are downright lying. Time for the court order to open the source! The truth is in there...

Re:Not exactly so... (1)

QuoteMstr (55051) | more than 15 years ago | (#1703943)

I wonder what the NSA would be if a company began designing a product solely, from the beginning, for US-only distribution with Five megabyte (Yes, byte) keys... Has the NSA done anything for purely domestic software producers?

Re:Believable? Nope. (1)

phil reed (626) | more than 15 years ago | (#1703944)

That's not a back door, that's programming ineptitude.

Never attribute to malice that which can be explained by stupidity.


...phil

Re:NSA Key "unfortunate naming" (1)

mwillis (21215) | more than 15 years ago | (#1703945)

Rather than recompile - just hexedit the NSAKEY to something of your choosing. I think the Cryptonym folks refer to this as "removing the NSA".

Anyone buying this? (0)

Anonymous Coward | more than 15 years ago | (#1703946)

I *love* this one:

"Microsoft does not leave 'back doors' in our products"

In addition to grammar issues, this statement is laughable given MS's track record on Office-Windows-Outlook security "issues" :)
Do they really expect ppl to buy this line?

Re:Backup key? -- No, really, they are right (1)

ptomblin (1378) | more than 15 years ago | (#1703947)

Try reading what I actually said. If you have *two* private keys, that's EXACTLY as vulnerable as having two copies of one private key, because compromising either one of those locations gives you the keys to the fortress. Actually, it's more vulnerable because a brute force crack will find one or the other in half the time.

Re:More Lies from Redmond (1)

phil reed (626) | more than 15 years ago | (#1703948)

And your evidence for this is... ?

Feel free to provide it here. Saying "It's obvious" would not stand up in court. You must have some real evidence, otherwise you wouldn't be standing up in public making this sort of accusation. So, let's have the evidence.

Thanks in advance.


...phil

Re:Followup (0)

Anonymous Coward | more than 15 years ago | (#1703949)

Geocities is slow today..... vs what, any other day? ;-)

Re:Not exactly so... (0)

Anonymous Coward | more than 15 years ago | (#1703950)

You are right. Time to start grepping our favorite binary only software for spook-prints.

Re:We have a back door. BUT WAIT! ITS PROTECTED! (0)

Anonymous Coward | more than 15 years ago | (#1703951)

Come on...

Microsoft says it doesn't have a back door into Windows. But then it says it is the only entity that has possession of both keys... which allow them to install encryption software? (Back door.)

Which brings up another topic. How do we know they've treated those keys like a holy relic and prevented Joe Hacker Employee from snagging their key? And if the Windows key is cracked, what happens?

Now this line about two keys for Microsoft's DISASTER RECOVERY? Come on. Having two different keys that are valid is just the same as having two copies of a single key that is valid. They're LYING if they say it is for disaster recovery, or they're just plain STUPID about how their key works.

And we're also to think that each key is only kept at one site? And maybe even only one copy, and isn't covered by a data repository that could be backed up and restored at a different location? And they have to pull a piece of paper out of a vault every time they need to sign something?

Nice try at spin control, but Microsoft PR needs an upgrade. This version is buggy.

That's a stupid argument (0)

Anonymous Coward | more than 15 years ago | (#1703952)

The thing is that the NSA has far more power than the anti-trust division of the DOJ. Do you actually think the NSA would negotiate with anybody? One, because of their power, they simply don't have to, and two, they would never want to set a precedent that says that they had to meet anyone half way.

maybe they can't tell us... (1)

swonkdog (70409) | more than 15 years ago | (#1703953)

maybe this sounds a little conspiratorial (that's ok), but, just because microsoft isn't telling (what we perceive to be) the truth does not mean that they are lying either. we all know how microsoft loves to twist things, leave certain pertinent information out and tell things from 'a certain perspective' (a la obi wan kenobi), but, if they are doing things like building backdoors for the nsa, do we really believe that the nsa would let them tell everyone that? of course not. as much as it pains me to say it, we all know that windows (in some flavor or another) is by far the most widely used operating system for personal computers in the world. what does that mean? well, your average terrorist or drug dealer or whatever is probably not running a linux/bsd/un*x box and probably not running os/2 either. we know that they don't use ms-bob (for those who don't know the security reasons behind this i'll explain below). so, what does that leave behind? i'm 99% sure as are most of you that these upstanding, law-abiding drug-lords/terrorists/etc. are using windows. now, instead of having our computer spies spend hundreds of hours cracking a system, why not have a backdoor? would the nsa want this to get out? of course not. microsoft is then paid off/bullied/given leniency in court/whatever to keep this secret and deny it. don't other companies and indeed intelligence agencies the world over deny that they are doing something only to admit and declassify 20 years later? ex. area51/stealth bomber/rosenberg trial.

i'm not out to take microsoft's side in this (not by any stretch of the imagination) by making them look like the good guys, but, the fact that they have the so-called 'keys' is (to me) evidence in and of itself that ms is working with the nsa. why else would they have them? i don't believe that linus torvalds or patrick volkerding have keys to my slack systems. i simply believe that they aren't telling us because they can't.

a few words on the security of ms-bob:
for those of you who aren't aware, microsoft bob was by far the most non-optimal solution for a 'friendly operating system' that the world has ever seen. it was released approximately 7 years ago. its whole interface drove scores of curious (as to what crap was being pushed) hackers to madness and reduced strong men to tears (of laughter). it was sold under the adline of 'everyone needs a nice computer'. anyhow, bob had 'password' capability. however, if the wrong password was entered three times, instead of locking the system, bob assumed that the user had forgotten their password and asked if they would like to erase the current one or set a new one. ah, the benefits of a secure ms-system! it's kind of scary to think this came from the sick corporation that has the vision of 'windows ce' one day controlling the brakes in our cars.

Re:Very interesting (0)

Anonymous Coward | more than 15 years ago | (#1703954)

Gee, I've been getting the following from /., I wonder what it means? Really, aren't we being a little paranoid here?


----------------------------------
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, malda@slashdot.org and inform them of the time the error occurred, and
anything you might have done that may have caused the error.

More information about this error may be available in the server error log.


Apache/1.3.6 Server at linux361.dn.net Port 80
-------------------------------

cry f0ul (1)

joq (63625) | more than 15 years ago | (#1703955)

No one should be surprised about this backdoor left open to the NSA. Has everyone forgotten that the NSA snoops all things transmitted in the entire world?

Or has everyone actually forgotten the other agencies in cahoots with the NSA to provide unsecure data transmissions in every shape form or fashion worldwide?

Everyone can cry foul all they want but the sad reality is there is nothing anyone can do no matter how hippiesh you think you're going to get about the matter.

Hippiesh == reversion back into the 60's type radical fighting for a /dev/null cause

The NSA should not be taken lightly in the Linux community to those who aren't familiar to programming and coding, since anyone can backdoor scripts and binaries to have information mirrored to another destination.

It's a sad crying shame but it's part of the worldly balance of good and evil no matter how cheesy it may sound.

What if there were no NSA, or FBI? How chaotic would things be, no matter how you think of it. Things would be in a sad state worldwide. I in no way agree with the methods, and I highly doubt someone at the NSA would randomly pick someone to "monitor."

So unless you're doing something highly illegal why even bother pissing a bitch and flying off the rocker? While it is unethical it's the NSA... They're bound to snoop things one way or the other so the best way to handle the situation is to go on with life...

Re:"That depends on what the word 'is' is." (0)

Anonymous Coward | more than 15 years ago | (#1703956)

Firstly, as people have noted, the idea of needing two keys "just in case" is laughable and degrades security. If it's true (which I strongly doubt) it just shows them up as being ignorant of encryption issues, not a good thing when it comes to writing crypto APIs.

Secondly, no one yet has asked why is only one of the keys called NSAKey? Surely if, as they claim, the reason for the naming is because they are known colloquially as "the NSA keys" because they are "the keys the NSA require us to verify Crypto Service Providers with", they would be called NSAKey1 and NSAKey2 or something similar?

Thirdly, their puffing about "We have opposed the various key escrow proposals" is meaningless if they do have a backdoor, because if you were considering this in full-on Machiavelli mode, you'd be tempted to think, "Well, instead of supporting key escrow and admitting the gov't has the keys, we could come out against it, while doing a deal behind the scenes. We get an apparently-non-escrow system past the gov't, reassure the public and make them think we're on their side, so they trust our system (not that nasty peer-reviewed non-M$ PGP thing) and then the NSA can quietly use the backdoor to sift through whatever they like!". But that would just be paranoid... ;)

Once and for all - not a back door. (1)

.pentai. (37595) | more than 15 years ago | (#1703957)

Ok, people, get this through your heads.

This is NOT A BACKDOOR.
It's a way of signing/verifying documents.
Don't you people remember having signatures on older .zip files, to guarantee it was from the author of a program? (ala PK Ware).

Does that mean pkzip 4.08g is a backdoor? no.

Re:Rather sloppy for M$ (0)

Anonymous Coward | more than 15 years ago | (#1703958)

Probably it was a progremmer. We all know progremmers can't spell.

Umm.... it might as well be an NSA key.... (1)

plunge (27239) | more than 15 years ago | (#1703959)

Has Microsoft ever heard of a thing called a "warrant?" There's simply no reason why any legal enforcement agency couldn't get access to M$'s key anytime they came up with probable cause and a good enough reason.

Re:Ahh... that explains everything! (0)

Anonymous Coward | more than 15 years ago | (#1703960)

This is the exact kind of bad jokes Unix programmers like. I, for example, would label a backup key as the 'NSA key' too...

Who is right? (1)

wilkinsm (13507) | more than 15 years ago | (#1703961)

From the bulletin [geocities.com] :
"The NSA performs the technical review for all US cryptographic export requests. The keys in question are the ones that allow us to ensure compliance with the NSA's technical review. Therefore, they came to known within Microsoft as "the NSA keys", and this name was included in the symbol information for one of the keys. However, Microsoft holds these keys and does not share them with anyone, including the NSA."
From the news article [cnn.com] posted above:
"But in an odd-couple sort of joint-partner arrangement, Microsoft and the NSA did work together to build what's called Server Gated Cryptography. Primarily intended to help banks use Web servers to do business internationally, the technology lets a server with a special digital certificate provide 128-bit encryption support to a Web browser outside the U.S."

Need I say more?

Re:I don't buy it (0)

Anonymous Coward | more than 15 years ago | (#1703964)

The "we had to create a backup" approach works with a physical, tangible object, but with something as easily copied as a set of bytes, there is no excuse to create a second key. The first key could have been copied as many times as the first and second keys combined.
Um, if someone was being malicious, they could just erase the keys throughout the system in one felt swoop.

As for the rest? It's justified, just as it would be justified to argue against it. I am still pondering what side to side on.

Re:They be truthin' yous (1)

SpamHeart (6822) | more than 15 years ago | (#1703972)

"We do not share them with any third party, including the National Security Agency or any other government agency."

How do you spell subpoena?
Warrant?
Jeeeez.
DonC.

Re:Once and for all - not a back door. (2)

QuoteMstr (55051) | more than 15 years ago | (#1703973)

No, you fool. This allows anyone (or, prior to the discovery of this Hole, the NSA) to replace your security and encryption module with a dummy one that could do anything... even transmitting your password and keys back to the NSA in a transparent form of Key Escrow. It's a hole. Oh, and btw, if pkunzip allowed anyone to unzip any password-protected zip file by using "bob" as the password, THAT would be a hole.

Re:Once and for all - not a back door. (1)

QuoteMstr (55051) | more than 15 years ago | (#1703974)

Oops, forgot a "\" there.

Re:Once and for all - not a back door. (1)

QuoteMstr (55051) | more than 15 years ago | (#1703975)

err, "/"

Why is the backup key labeled "NSA key"? (0)

Anonymous Coward | more than 15 years ago | (#1703976)

> The keys in question are the ones that allow
> us to ensure compliance with the NSA's technical
> review. Therefore, they came to [be] known
> within Microsoft as "the NSA keys", and this
> name was included in the symbol information
> for one of the keys.

What this is saying is that because the NSA was involved in the review of their cryptography software, when they decided to make a second key for themselves, they would call it "NSAKEY"?

Even stranger, according to Microsoft, their second key has nothing to do with the NSA's technical review. It was added so that they would have a backup of their key for disaster recovery.

But even THAT doesn't make sense, since if you are going to create a second key and store it at a second location, that makes less sense than simply storing a copy of the primary key at another location.

And what does Microsoft have to say about the security within their company of either key? Is it always kept under lock and guard? Is it embedded into an approval program? Nobody has ever had a chance to copy it? At both locations?

Even then, does anyone here believe that the NSA has been totally unable to crack it?

microsoft (0)

Anonymous Coward | more than 15 years ago | (#1703977)

i wonder who wrote this security advisory. maybe they shouldn't depend completely on microsoft word or whatever they use and try proof reading. "because we because we don't believe they are in the best interests of consumers or the industry. "

If the key is a backdoor to every Windows machine. (1)

android (3378) | more than 15 years ago | (#1703979)

Then it doesn't matter whether Microsoft gave it to the NSA, since they probably already have it.

Seems that we are finally getting what we wanted (0)

Anonymous Coward | more than 15 years ago | (#1703980)

Microsoft providing a clear, well-thought answer with no marketroidian bias? Seems that we are having success in making Microsoft do things better.

Maybe in a few years, Microsoft will cease being the Evil Company we all learned to hate and will become a friendlier one.

And without silly marketroids screwing everything.

make it up as they go along... (1)

flatrbbt (25980) | more than 15 years ago | (#1703983)

First they say "nsakey is just a note to ourselves that the nsa has inspected and approved this version..."

Well this is fine except for the fact that it is a key... people do not make notes on keys. Keys have one and only one purpose, to open locks...

Now they say it is a backup key.
So caught in their first lie, they make up another...

Let's look at this one.

A backup key, different from the first because the original key may be lost in a "natural disaster".

They can't keep the same key in two locations?
2 keys in the same location are more secure than 1 key at two locations? Doesn't the existence of 2 keys reduce the effectiveness of crypto by a factor of 2? So even if they have not released the key... It is now MUCH more susceptible to attack.

The only way to accomplish this "backup" is to have a second key that allows replacement of my crypto? without my knowledge?
yeah. right.

Export controls are not affected? How so. I can replace the crypto module, in violation of the laws of MANY countries.

Why has only the "backup" key had its name stripped for all these years?

They are called NSAKEYS because of the internal MS reference to them? Then why aren't they called NSAKEY and NSABAK?

This is very similar to the magic database they were building "without transmitting data to Microsoft Corp". Must be nice to run an o/s thats smart enough to build and manage a database on its own.

They lied about it until they couldn't any longer, then simply stated it was an "oversight".

Once again, we have to determine their truthfulness by checking to see if their lips are moving.

Re:Problems in M$ statement (1)

um... Lucas (13147) | more than 15 years ago | (#1703984)

SORRY - I posted this the other day, but it seems appropriate to repost:
------------------------------------------------ --

PREFACE THIS WHOLE STATEMENT WITH: "If the key does belong to the NSA..."

It is probably due to laziness on Microsoft's part, or due to their marketing drones... I seem to recall the same thing occurring a few years back with Lotus Notes... The domestic version used 64-bit keys, while the "for export" version used 40-bit keys plus a 24-bit NSA key... The end result being that anyone interested in the data would face a 64-bit key (probably considered unbreakable a few years ago) while the NSA would only need to crack a 40 bit key (been breakable for quite a while)... This only applied to the exported versions, though.

Microsoft, in their marketing wisdom, probably chose not to have a domestic version and an exportable version, so as not to taint buyers of the exportable version with notion that it had easily defeated security. Therefore, they kept quiet about it, and did what Lotus did, but for their entire product line rather than just the part that was destined for sale outside the US...

I'd be much more angry with MSFT than the NSA... It's their (NSA's) job to collect information and spy, it's up to the people, businesses, and our gov't reps to try to

So how does this matter to me? (0)

Anonymous Coward | more than 15 years ago | (#1703992)

I use Windows but I don't see how this could be a problem. I'm not very technical but from what I understand this only does one thing. It 'allows' the OS to load encryption software. Now even if the NSA could 'allow' certain encryption into Windows, how does this let them 'get in' my system? Why couldn't I just trust PGP?

Re:I don't buy it (2)

QuoteMstr (55051) | more than 15 years ago | (#1703993)

What do you mean, "erase the keys throughout the system in one felt[sic] swoop"? rm -rf /? That's always a danger? I'm talking about having this key on multiple systems. Say... Bill Gates's personal supercomputer, his flea's Athlon 650, and, of course, the omnipotent NSA. Creating a different key for each of those systems and hardcoding it into Windows (2k) only serves to reduce the brute-force key difficulty to 1/3 below nominal. That's like creating a version of *n?x that had two roots, "Bob" and "root", both without passwords. If you know one, what difference does it make whether you know the other? If you know both (as M$ does), what difference does it make whether a user hacks out one of them? A user is twice as likely to guess either "Bob" or "root" at the login prompt than he is to guess "root" alone, anyway. Say, for the sake of argument, M$ only does store two keys, one in Seattle, one in Redmond. Say Redmond is hit by an ICBM which happens to be targeted at the Microsoft building. M$ has now lost key #1. If they have key #2, they can continue to produce CryptoAPI modules. However, if they still have another copy of key #1, there is no difference!

Of course, it would be asinine to store only one copy of each key.

So, in short, having two keys allows:
1. No increase in security or reliability
2. An increased likelihood of the key being cracked by brute force.

-----

NSA KEYS (0)

Anonymous Coward | more than 15 years ago | (#1703994)

NSAKeys or not, they are backdoor keys and THAT IS THE TRUE ISSUE HERE!!!.....no backdoors should ever be implemented in a project which is used worldwide...your reputation is at stake if you ever have your system compromised...WAKE UP!!

2.0.32??? (0)

Anonymous Coward | more than 15 years ago | (#1703995)

Jeez, get a life. Get at least 2.0.38 please.

Would you trust MS if there was only 1 key? (1)

Wiktor Kochanowski (5740) | more than 15 years ago | (#1703996)

Honestly, why does it matter if there are 1 or 2 keys? OK, so MS created another key and gave it to the NSA, then lied about it. How is this situation different than if they created only one key and simply shared it with NSA? And, of course, lied about it?

We don't have the source, so the question boils down to whether we can trust the provider, not how many keys they might make.
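A simplified model of what the comments above describe (a loader that "allows" a crypto module when its signature verifies under any key embedded in it), added here as an illustration; it is not code from any commenter or from Microsoft. The key labels, the textbook RSA without padding and the toy key sizes are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by both constructed keys

def make_key(p, q):
    """Return (n, d) for textbook RSA from two primes (toy sizes, no padding)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, pow(E, -1, phi)

# Constructed demo keys built from known Mersenne primes; far too small for real use.
PRIMARY_N, PRIMARY_D = make_key(2**61 - 1, 2**89 - 1)
SECOND_N, SECOND_D = make_key(2**107 - 1, 2**127 - 1)

# What ships inside the loader: public halves only, under hypothetical labels.
TRUSTED_KEYS = {"primary": PRIMARY_N, "second": SECOND_N}

def digest(module: bytes, n: int) -> int:
    """SHA-256 of the module image, reduced into the key's modulus."""
    return int.from_bytes(hashlib.sha256(module).digest(), "big") % n

def sign(module: bytes, n: int, d: int) -> int:
    """Performed by whoever holds the private exponent d."""
    return pow(digest(module, n), d, n)

def authorizing_key(module: bytes, signature: int, trusted=TRUSTED_KEYS):
    """Return the label of the first embedded key that verifies, else None."""
    for label, n in trusted.items():
        if 0 <= signature < n and pow(signature, E, n) == digest(module, n):
            return label
    return None

def load_module(module: bytes, signature: int, trusted=TRUSTED_KEYS) -> bool:
    """The loader only asks whether any trusted key signed this image."""
    return authorizing_key(module, signature, trusted) is not None

MODULE = b"constructed crypto provider image"
SIG_PRIMARY = sign(MODULE, PRIMARY_N, PRIMARY_D)
SIG_SECOND = sign(MODULE, SECOND_N, SECOND_D)
```

The loader treats both signers as equivalent; `authorizing_key` is the audit a defender can run to see which embedded key actually authorized a given module.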

Stuttering is one sign of lying (0)

Anonymous Coward | more than 15 years ago | (#1703997)

What else can I say? Another sign is stupid excuses. Why couldn't they store one key in two places in case of a "wind storm"?

While their explanation shows signs of lying, I can't understand for the life of me why, if the NSA wanted a "back door" into Windows, they wouldn't just demand a copy of the Microsoft secret key.

The penguin who cried wolf. (0)

Anonymous Coward | more than 15 years ago | (#1703999)

Even if this were a real issue no one would believe it. People (mostly the Linux community) have cried wolf way too many times. At this point everyone just assumes you are lying in order to promote your agenda.

Re:Problems in M$ statement (1)

os10000 (8303) | more than 15 years ago | (#1704000)

On sci.crypt was a message saying that anyone with any sense keeps something as sensitive as a key for 80m machines in a tamperproof hardware device. Thus, if you got an earthquake or thunderstorm, that device might interpret the environmental factors as an attempt at breaking it and respond by self-destructing. This would explain why a key could get lost. I do agree, however, that they could stick the same key into two such devices. Also, I would not overwrite the NSA key with junk, but rather with the first key.

Re:Would you trust MS if there was only 1 key? (1)

QuoteMstr (55051) | more than 15 years ago | (#1704002)

Because this is proof - or as close we'll get to it without a suppeona:)

Re:Would you trust MS if there was only 1 key? (1)

QuoteMstr (55051) | more than 15 years ago | (#1704005)

Err, subpoena