[5528] in cryptography@c2.net mail archive


Re: NSA key in MSFT Crypto API

daemon@ATHENA.MIT.EDU (William H. Geiger III)
Sat Sep 4 10:52:12 1999

From: "William H. Geiger III" <whgiii@openpgp.net>
Date: Sat, 04 Sep 1999 09:15:23 -0500
To: Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk>
In-Reply-To: <E11NDFq-0003Qs-00@heaton.cl.cam.ac.uk>
Cc: "cypherpunks@Algebra. COM" <cypherpunks@Algebra.COM>,
        "'Salz,Rich'" <SalzR@certco.com>,
        "Cryptography@C2. Net" <cryptography@c2.net>,
        bugtraq@securityfocus.com

In <E11NDFq-0003Qs-00@heaton.cl.cam.ac.uk>, on 09/04/99 
   at 11:41 AM, Markus Kuhn <Markus.Kuhn@cl.cam.ac.uk> said:

>Please apply a bit of simple critical thinking here:

>If the NSA wanted to have real backdoor functionality, they would much
>more likely simply steal Microsoft's own keys instead of embedding
>additional keys with an obvious symbol name. Remember: The NSA is the
>world's largest key thief. They have stolen crypto variables from
>well-protected military and government agencies from all over the world
>using the usual repertoire of techniques (bribery, extortion,
>eavesdropping, hacking, infiltration, etc.). If they can do it with
>eastern military agencies, they can most certainly also do it easily with
>Microsoft, which is orders of magnitude less well protected than the
>usual NSA target. If there is a real NSA backdoor key in Windows, then it
>would certainly be identical to Microsoft's own key.

Markus,

Have you considered the idea that perhaps the keys are being used for more
than what M$ claims (not that M$ would ever lie to us <g>)?

If you were going to build a backdoor into a system at the OS level
wouldn't it be nice to add some PK authentication into it so only you and
no one else could make use of it?

I think that this may better explain multiple keys than the weak excuses
coming from the Redmond spin doctors.

Note: for those of you who don't think a big corporation like M$ would
compromise their systems for the NSA remember Crypto AG & Lotus.

-- 
---------------------------------------------------------------
William H. Geiger III  http://www.openpgp.net
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii

Hi Jeff!! :)
---------------------------------------------------------------


