Microsoft, the NSA, and You -- Is export controll dead for Windows?
Mime-Version: 1.0 (NeXT Mail 3.3 v118.2)
From: Peter Langston <psl>
Date: Fri, 3 Sep 99 11:23:49 -0700
Subject: Microsoft, the NSA, and You -- Is export controll dead for Windows?
X-Lib-of-Cong-ISSN: 1098-7649 -=[Fun_People]=-
Microsoft, the NSA, and You
FOR IMMEDIATE RELEASE
Microsoft Installs US Spy Agency with Windows
Research Triangle Park, NC - 31 August 1999 - Between Hotmail hacks and
browser bugs, Microsoft has a dismal track record in computer security. Most
of us accept these minor security flaws and go on with life. But how is an
IT manager to feel when they learn that in every copy of Windows sold,
Microsoft has installed a 'back door' for the National Security Agency (NSA
- the USA's spy agency) making it orders of magnitude easier for the US
government to access their computers?
While investigating the security subsystems of WindowsNT4, Cryptonym's Chief
Scientist Andrew Fernandes discovered exactly that - a back door for the
NSA in every copy of Win95/98/NT4 and Windows2000. Building on the work of
Nicko van Someren (NCipher), and Adi Shamir (the 'S' in 'RSA'), Andrew was
investigating Microsoft's "CryptoAPI" architecture for security flaws. Since
the CryptoAPI is the fundamental building block of cryptographic security
in Windows, any flaw in it would open Windows to electronic attack.
Normally, Windows components are stripped of identifying information. If
the computer is calculating "number_of_hours = 24 * number_of_days", the
only thing a human can understand is that the computer is multiplying "a =
24 * b". Without the symbols "number_of_hours" and "number_of_days", we
may have no idea what 'a' and 'b' stand for, or even that they calculate
units of time.
In the CryptoAPI system, it was well known that Windows used special numbers
called "cryptographic public keys" to verify the integrity of a CryptoAPI
component before using that component's services. In other words,
programmers already knew that windows performed the calculation
"component_validity = crypto_verify(23479237498234...,crypto_component)",
but no-one knew exactly what the cryptographic key "23479237498234..." meant
Then came WindowsNT4's Service Pack 5. In this service release of software
from Microsoft, the company crucially forgot to remove the symbolic
information identifying the security components. It turns out that there
are really two keys used by Windows; the first belongs to Microsoft, and it
allows them to securely load CryptoAPI services; the second belongs to the
NSA. That means that the NSA can also securely load CryptoAPI services...
on your machine, and without your authorization.
The result is that it is tremendously easier for the NSA to load
unauthorized security services on all copies of Microsoft Windows, and once
these security services are loaded, they can effectively compromise your
entire operating system. For non-American IT managers relying on WinNT to
operate highly secure data centers, this find is worrying. The US government
is currently making it as difficult as possible for "strong" crypto to be
used outside of the US; that they have also installed a cryptographic
back-door in the world's most abundant operating system should send a strong
message to foreign IT managers.
There is good news among the bad, however. It turns out that there is a flaw
in the way the "crypto_verify" function is implemented. Because of the way
the crypto verification occurs, users can easily eliminate or replace the
NSA key from the operating system without modifying any of Microsoft's
original components. Since the NSA key is easily replaced, it means that
non-US companies are free to install "strong" crypto services into Windows,
without Microsoft's or the NSA's approval. Thus the NSA has effectively
removed export control of "strong" crypto from Windows. A demonstration
program that replaces the NSA key can be found on Cryptonym's website.
Cryptonym: Bringing you the Next Generation of Internet Security, using
cryptography, risk management, and public key infrastructure.
Telephone: +1 919 469 4714
Fax: +1 919 469 8708
1695 Lincolnshire Boulevard
Canada L5E 2T2
# # #
[See <http://www.cryptonym.com/hottopics/msft-nsa.html#details> for the
full details. -psl]
[See <http://www.cryptonym.com/hottopics/msft-nsa/ReplaceNsaKey.zip> for a
sample program that replaces the NSA key with a test key and leaves the
rest of the CryptoAPI system intact. -psl]
© 1999 Peter Langston