Re: Crypto regulations
From: Ernst Lippe (ernstl-at-planet-dot-nl_at_ignore.this)
Date: 05/13/04
- Next message: Tom St Denis: "Re: Terminology question"
- Previous message: Bill Unruh: "Re: U.S. to build world's fastest computer"
- In reply to: Peter Fairbrother: "Re: Crypto regulations"
- Next in thread: Jim Steuert: "Re: Crypto regulations"
- Reply: Jim Steuert: "Re: Crypto regulations"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 13 May 2004 18:43:17 +0200
On Thu, 13 May 2004 14:43:44 +0100, Peter Fairbrother wrote:
> Alan Mackenzie wrote:
>
>> Oh, absolutely. Most likely, some bored programmer at MS on a Friday
>> afternoon decided to call a variable "NSA_key" just for a laugh, never
>> dreaming that the irony would backfire on him months later. As for the
>> political significance of this: probably none.
>
> Or perhaps it was to do with export versions of keys, or software, or the
> NSA's home version, or just a joke, or whatever.
>
> But Microsoft has never satisfactorally, or officially, or ever, explained
> what the "NSA_key" was, afaik. There have been "it might have been" and "it
> could have been" and "it probably was" stories, but nothing official.
>
> There is no single official MS explanation. We need one, one we can check,
> before we can even begin to believe. Right now.
>
> And one that explains _why_ it was _where_ it was.
>
> Without such an explanation, or a plausible reason why we are not allowed
> such an explanation, we have to think the worst.
>
> It is our duty as cryptologists, despite any nationalistic feelings we might
> have. The cryptographers can be partisan and have an easier time, but we
> cannot.
Microsoft's semi-official explanation was that the first key was only
available in secure hardware and that they needed the second key as a back-up
in case that they lost the first key. Essentially, there is nothing wrong with
this story. Deciding to keep the key only in secure hardware is in some
contexts a very reasonable design decision. Of course, it is very wise to have
backup copies in similar hardware, and I assume that they have them. But if
the system has been set up correctly, it is not possible to extract the keys
from the hardware.
The obvious alternative, using key-splitting and storing these in secure
places also has a lot of security problems. It is very easy to copy one of
the pieces and it very difficult to detect if they have been
compromised. There must be some redundancy in the split keys, because there is
a risk that one of the parts may be lost. It is very difficult in modern
organizations to appoint specific persons that are responsible for some part
of the key, because people frequently switch jobs. In a technocratic culture
like Microsoft I do not find it surprising, that they would rather trust
hardware than procedures.
But when the keys are only stored in hardware they could loose all copies when
a major disaster occurs. For such cases it would seem wise to have a backup
key so that you don't have to update all copies of the software.
So, I don't think that they is anything very implausible about Microsoft's
story. I am also not surprised that there has never been any official
statement, it is their official company policy to never make any technical
statements about the security of their systems unless they really, really have
to.
I find the alternative conspiracy theories far less plausible. The
main line usually is that the NSA added the key so that they could
easily provide their own CSP's. I really don't see why they would
need to have their own key for that. If you really believe that
the NSA is all-powerful they could have forced MS to give them
a copy of the key. MS has stated that it will sign any CSP
that was only intended for the US and that they do not test
the functionality of the CSP. So either the NSA could have
asked MS directly or they could have used some under-cover firm.
Even when you assume that the NSA did not trust MS with their own
CSP's, I don't really see the advantage of a CSP that has been
signed with the NSA key. After all, they will need access to
the computer system to install their own CSP, but when they
have access to the system, I don't see why they would not be
able to replace the entire crypto-API dll's as well. So the
only case where this NSA key could be useful was when they
are able to install their own CSP but where they are not able
to replace other Windows dll's. Given the security of Windows,
that is not a very likely scenario.
So, I am afraid that I don't think that this is a very interesting
conspiracy theory, even when it is true, it is only a marginal threat.
There are far more interesting and relevant problems in this
area.
Ernst Lippe
- Next message: Tom St Denis: "Re: Terminology question"
- Previous message: Bill Unruh: "Re: U.S. to build world's fastest computer"
- In reply to: Peter Fairbrother: "Re: Crypto regulations"
- Next in thread: Jim Steuert: "Re: Crypto regulations"
- Reply: Jim Steuert: "Re: Crypto regulations"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
