[7227] in cryptography@c2.net mail archive
Re: NSA back doors in encryption products
daemon@ATHENA.MIT.EDU (Victor Duchovni)
Tue May 30 10:05:28 2000
Message-ID: <39333BA7.8C147CCB@msdw.com>
Date: Mon, 29 May 2000 23:55:19 -0400
From: Victor Duchovni <Victor.Duchovni@msdw.com>
Reply-To: Victor.Duchovni@msdw.com
MIME-Version: 1.0
To: Sergio Tabanelli <sergio.tabanelli@fst.it>
Cc: cryptography@c2.net, John Young <jya@pipeline.com>
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms58FCCE74E7FD8DFE24026F82"
This is a cryptographically signed message in MIME format.
--------------ms58FCCE74E7FD8DFE24026F82
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sergio Tabanelli wrote:
> Maybe this is not so important, but I have to repeat that in W2K OS the
> NSAKEY is still present but not used. All CSPs are verified only with the
> primary key and if the verification process fails the CSP module is
> discarded without any further verification.
This is exactly what one would expect with a backup signing key. While the
primary secret key is not lost, there is no imperative to also sign with the
secondary. In fact one would specifically not want to use the second key until
one has no choice. Are you sure that a CSP actually signed *only* with the
second key is rejected (an invalid first key should be rejected even if signed
with both, so there is no point in trying the second key)
Can you overwrite the NSAKEY in W2K with a key of your own and test a
suitably signed CSP? Of course they would likely have built in obfuscated key
integrity tests to make sure that installing CSPs not signed by M$ is not so
simple...
In any case the evidence for any real issues with NSAKEY is rather scant at
this time. Since neither key is used by non M$ CSPs, they cannot directly
compromise the security of the users. Even if the NSA can unilaterally sign
CSPs they first have to install a new CSP on your machine to get the bad guys
(and any of us who are not bad guys :-)) to use weakened crypto. What is the
suspected vulnerability introduced by the presence of the key in question?
With some notable exceptions most of the postings on this thread are of the
*me too* variety. We already know that security software is vulnerable to
deliberate and accidental flaws. Lets not restate the obvious.
In the spirit of freedom of unrestrained speculation I will conjecture the
following: Perhaps NSAKEY is there to social engineer the adversary not to rely
on encryption products, thereby reducing the impact of looser export controls
:-)
--
Viktor.
--------------ms58FCCE74E7FD8DFE24026F82
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIIKTQYJKoZIhvcNAQcCoIIKPjCCCjoCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
CD0wggUbMIIEhKADAgECAhAeGhZOi/FdITz5Ya0KdiqlMA0GCSqGSIb3DQEBBAUAMIGPMR8w
HQYDVQQKExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMSkwJwYDVQQLFCBNb3JnYW4gU3Rhbmxl
eSBEZWFuIFdpdHRlciAmIENvLjFBMD8GA1UECxQ4TW9yZ2FuIFN0YW5sZXkgRGVhbiBXaXR0
ZXIgJiBDby4gQ2xhc3MgMiAtIEluZGl2aWR1YWwgQ0EwHhcNMDAwMzIyMDAwMDAwWhcNMDEw
MzIyMjM1OTU5WjCB6zEpMCcGA1UEChQgTW9yZ2FuIFN0YW5sZXkgRGVhbiBXaXR0ZXIgJiBD
by4xIDAeBgNVBAsUF0NsYXNzIDIgLSBJbmRpdmlkdWFsIENBMUYwRAYDVQQLEz13d3cudmVy
aXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk2
MREwDwYDVQQMFAhFbXBsb3llZTEYMBYGA1UEAxMPVmljdG9yIER1Y2hvdm5pMScwJQYJKoZI
hvcNAQkBFhhWaWN0b3IuRHVjaG92bmlAbXNkdy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0A
MIGJAoGBANMZ6u8rFOBnA+8v4INod3cPVOzF2XtBPiDupd1EtJjjDX5mQk7SA/YWouwa3s1g
OH46YkajcWyy6kbOxCLZlpDeP9KzkHmHIJ24A9AWVOPM+W6TUAiWqK/ulI/cnYDeL9itGBzY
i3CPHtphRos6c51A84NS8WQZWjog0PrUNvQhAgMBAAGjggIYMIICFDAJBgNVHRMEAjAAMGQG
A1UdHwRdMFswWaBXoFWGU2h0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL01vcmdhblN0
YW5sZXlEZWFuV2l0dGVyQ29DbGFzczJJbmRpdmlkdWFsQ0EvTGF0ZXN0Q1JMMAsGA1UdDwQE
AwIHgDCBrAYDVR0gBIGkMIGhMIGeBgtghkgBhvhFAQcBATCBjjAoBggrBgEFBQcCARYcaHR0
cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzBiBggrBgEFBQcCAjBWMBUWDlZlcmlTaWduLCBJ
bmMuMAMCAQEaPVZlcmlTaWduJ3MgQ1BTIGluY29ycC4gYnkgcmVmZXJlbmNlIGxpYWIuIGx0
ZC4gKGMpOTcgVmVyaVNpZ24wEQYJYIZIAYb4QgEBBAQDAgeAMBEGCmCGSAGG+EUBBgkEAwEB
/zCBvgYKYIZIAYb4RQEGDgSBrxaBrHlHR0ZmcU1PdEIzUWtDNHU4VmxERDdLMllJdnF0c0hY
dkdWemFITnV4NktjS09seWVzbFV5d3NuZ0JJNGp1a09LcVhobHdENGI3cnlZS3lvZXpiU2lN
eXlkWjl2MTBuUE9jSzFwRW9ZZjRyVkpuMFMvU2FIb0w0cHIyQ2FMa1FPczIxeWd3MmYrbjFr
UndZdGxpdzB3eXFpNUZoaWZTWEZPa0haS1YyTytuWT0wDQYJKoZIhvcNAQEEBQADgYEAD4NX
TMY8RDegaqcO6fS2NVMkG1fSBh21UUewGwgLLegufeEr18f2U2ac+zpLGu5/WPJjpdWRvLBA
rOTLWb1s8QjLt079UJRd1JW0TIkbjIv1uzSZmDjtNCNDACcBcPNP6KPGYlPI/nyiR8Nt4i0h
7JNNgBS27N3wKC9YFCwuzKUwggMaMIICg6ADAgECAhEAjHjAZkN+HYAolSapyvcyfTANBgkq
hkiG9w0BAQQFADBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1
BgNVBAsTLkNsYXNzIDIgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
HhcNOTgwNDMwMDAwMDAwWhcNMDMwNDMwMjM1OTU5WjCBjzEfMB0GA1UEChMWVmVyaVNpZ24g
VHJ1c3QgTmV0d29yazEpMCcGA1UECxQgTW9yZ2FuIFN0YW5sZXkgRGVhbiBXaXR0ZXIgJiBD
by4xQTA/BgNVBAsUOE1vcmdhbiBTdGFubGV5IERlYW4gV2l0dGVyICYgQ28uIENsYXNzIDIg
LSBJbmRpdmlkdWFsIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1mUR/KpkrVHfx
RivXjy0hlN7b0mmvTXH7pI030m+cJkaLZ4V8K50DMMLvEOcMXNwW0EhEeTiLTdrF7VmQNIeI
aa5ZN8vQGal6Uy1Zg/QY4LomtBeIFwmz1GkyNcnxodk3HH8UsAhhxxN/ofNlMmFYh1Vf83wF
/vxuSi+7kvYb5QIDAQABo4GkMIGhMCgGA1UdEQQhMB+kHTAbMRkwFwYDVQQDExBQcml2YXRl
TGFiZWwxLTQ2MBEGCWCGSAGG+EIBAQQEAwIBBjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBwEB
MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9SUEEwDwYDVR0TBAgw
BgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAY4G8DsKecmel3uL8rahe
drOWYJCAQzsy6vuR+xeCwdf4IsdHcgxOqDUWNc4znCQvBDrZhwhI+6oogQGoWvuKsuBNCIB8
gXuwjL9HMrf4mp6RM/sNDonVv1Xc3ZdpDB9pUgqBq04BaSmccHy+2GLNkL5/nny7l6mubSbV
eBMpmkgxggHYMIIB1AIBATCBpDCBjzEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y
azEpMCcGA1UECxQgTW9yZ2FuIFN0YW5sZXkgRGVhbiBXaXR0ZXIgJiBDby4xQTA/BgNVBAsU
OE1vcmdhbiBTdGFubGV5IERlYW4gV2l0dGVyICYgQ28uIENsYXNzIDIgLSBJbmRpdmlkdWFs
IENBAhAeGhZOi/FdITz5Ya0KdiqlMAkGBSsOAwIaBQCggYowGAYJKoZIhvcNAQkDMQsGCSqG
SIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAwNTMwMDM1NTE5WjAjBgkqhkiG9w0BCQQxFgQU
tHf60Hhp7IRwm3eeGs+kzlNjPS4wKwYJKoZIhvcNAQkPMR4wHDAKBggqhkiG9w0DBzAOBggq
hkiG9w0DAgICAIAwDQYJKoZIhvcNAQEBBQAEgYC/tHY5R+RnLSJji4QLK6l84rW6HHGnpPK8
VJfZrDUnh+shTqrZGprnqEH/iN7w0cyRcykl7421D6WUXN8pkKScpuCpvDG/0U31Zl0B6I4z
x/5otKg/B2MsB4TRS1qGT/M4fcb2Bw0M+2vTLeW2iTrCSR3XLwCEAZ6zXfvSlZH5zg==
--------------ms58FCCE74E7FD8DFE24026F82--
