Bugtraq mailing list archives

Re: NSA key in MSFT Crypto API

From: tim () DIERKS ORG (Tim Dierks)
Date: Fri, 3 Sep 1999 17:15:08 -0700


It's not clear to me why being able to sign CSP modules is a risky thing
anyway; all it means is that Windows will load and execute your crypto. The
mechanism is designed to keep overseas end users from being able to build
and install strong crypto libraries. If the NSA has a key, all they can do
is vouch for their libraries as export-qualified and thus enable their use.

It's not a secret backdoor or anything, and modules need to be on the
machine before their signatures are checked. If I can get you to execute
code on our Windows machine, I can penetrate your security, period. These
authorizing signatures have nothing to do with it.

Even if the key belongs to the NSA, I suspect that the NSA just wanted to be
able to load classified Crypto Service Providers into Windows and didn't
want to have to send said classified software to Microsoft for approval, so
they got the key installed so they could approve software in house.

 - Tim

Tim Dierks
VP of Engineering, Certicom
tdierks () certicom com
510.780.5409 [Hayward] -- 905.501.3791 [Mississauga]

Current thread:

Re: NSA key in MSFT Crypto API David U. (Sep 03)
- <Possible follow-ups>
- Re: NSA key in MSFT Crypto API Matt Blaze (Sep 03)
  - Re: NSA key in MSFT Crypto API Tim Dierks (Sep 03)
  - local users can lock the console Domingos Bruges (Sep 06)
    - Re: local users can lock the console Felipe Gustavo de Almeida (Sep 08)
- Re: NSA key in MSFT Crypto API John Gilmore (Sep 03)
- Re: NSA key in MSFT Crypto API Markus Kuhn (Sep 04)