[117740] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: plausible CAPI recovery designs (Re: FW: Cryptonym...)

daemon@ATHENA.MIT.EDU (Dave Emery)
Thu Sep 9 17:20:18 1999

Date: Thu, 9 Sep 1999 16:58:23 -0400
From: Dave Emery <die@die.com>
To: Adam Back <adam@cypherspace.org>
Cc: cypherpunks@cyberpass.net
Message-ID: <19990909165823.D24516@die.com>
Mail-Followup-To: Adam Back <adam@cypherspace.org>,
	cypherpunks@cyberpass.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <199909090717.IAA18666@server.cypherspace.org>; from Adam Back on Thu, Sep 09, 1999 at 08:17:21AM +0100
Reply-To: Dave Emery <die@die.com>

On Thu, Sep 09, 1999 at 08:17:21AM +0100, Adam Back wrote:
> 
> 
> However, whilst this is plausible -- this is not what Microsoft are
> doing: the NSA key is accepted as a key that can be used to sign CAPI
> modules directly.  And as has been noted the NSA key can be patched in
> a completely simple minded way, allowing anyone to easily insert their
> own modules.
> 
	Is it in fact true that someone actually verified this by
decompiling enough of the DLL to unambiguously prove that NSAKEY is
completely equivalent to the MS KEY as far as signing crypto modules
goes ?

	And just to make sure,  has this also  been actually verified by 
overwriting NSAKEY with a public key with a known private half and
successfully loading and using a crypto module signed only with that
substituted key ?

	Also, what is known about *other* uses of the two keys, and the
authentication service they provide.   Does anyobody really know for
certain that they are *only* used to authenticate CAPI modules as part
of the ITAR nonsense ?   Or could they also be used to authenticate many
other objects as official Microsoft ?   It would certainly seem to me
that once one has such a facility, it might be useful as a means of
authenticating all sorts of Microsft debugging and anti-piracy back
doors.

	I suppose that if a version of the binaries with symbols left 
unstripped exists for NT/Office 2000/W98 it might be possible to get
some clues as to what else references any entry points in the CAPI DLL
related to the keys...

	Sorry to ask such simpleminded questions, but I haven't seen
clear answers...


-- 
	Dave Emery N1PRE,  die@die.com  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18


home help back first fref pref prev next nref lref last post