The actual funny story behind the presence of the NSA key has been seriously misunderstood here. CSP verification keys have only one *real* purpose: They are intended to enforce the US export restriction requirement that Microsoft is not allowed to ship software abroad that can easily be extended with strong cryptography. They are certainly not intended as any useful form of integrity protection for your system. The NSA got their own CSP verification key, because they want to be able to change their own secret US government CSPs required for the handling of classified documents, without having to go to Microsoft each time to get a signature for an NSA CSP update. Fair enough. So Microsoft built in a second verification key such that the NSA can produce and install on DoD PCs their own CSPs without requiring any Microsoft involvement. The real funny part is that Microsoft did not protect the NSA key particularly well, such that everyone can easily replace the NSA key easily with his own key. This was reported by Nicko van Someren at the Crypto'98 rump session. This means that everyone can now easily install his own CSPs with arbitrarily strong cryptography. This means that the NSA's demand to get quickly a second key added led in effect to the easy international availability of strong encryption CSPs. My guess is that this is Microsoft's sweet revenge against the NSA for creating all these Export hassles (e.g., the requirement that CSPs be signed) in the first place. It backfired nicely against the NSA. :) All this has nothing to do with an NSA backdoor, because the CSP keys are an export enforcement tool and not an integrity protection tool. They do not protect all parts of the system that could be compromised by someone who wants to install some eavesdropping malware. The CSP verification keys only authenticate that no cryptography that violates export laws has been installed. If you are worried about the NSA installing malicious software on your PC, you should not rely on the CSP verification keys (which were never designed for that purpose anyway), but on virus scanners with tripwire functionality that report any modifications to your DLLs. There is no digital signature functionality required to implement these, simple secure hash algorithms will perfectly do. Please apply a bit of simple critical thinking here: If the NSA wanted to have real backdoor functionality, they would much more likely simply steal Microsofts own keys instead of embedding additional keys with an obvious symbol name. Remember: The NSA is the world's largest key thief. They have stolen crypto variables from well-protected military and government agencies from all over the world using the usual repertoire of techniques (bribery, extortion, eavesdropping, hacking, infiltration, etc.). If they can do it with eastern military agencies, they can most certainly also do it easily with Microsoft, which is orders of magnitudes less well protected than the usual NSA target. If there is a real NSA backdoor key in Windows, that it would certainly be identical to Microsoft's own key. Markus -- Markus G. Kuhn, Computer Laboratory, University of Cambridge, UK Email: mkuhn at acm.org, WWW: <http://www.cl.cam.ac.uk/~mgk25/>
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:59 PDT