Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Old news - NSA trapdoor in ADVAPI.DLL

  • 10-05-2005 1:15pm
    #1
    Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,583 Mod ✭✭✭✭


    http://www.heise.de/tp/r4/artikel/5/5263/1.html - 04.09.1999
    But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.

    Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.
    Just makes you wonder how many more private easter eggs are in there.


Comments

  • Registered Users, Registered Users 2 Posts: 2,942 ✭✭✭Mac daddy


    Reminds me of Dan Brown's " Digital Fortress"


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    I could be wrong about this, but i was looking through ADVAPI32.DLL today, and noticed an odd initialisation of data..further into the code, i noticed it xor'd some input, and then encrypted the result with RC4.

    the key was 5 bytes, and 5*8 = 40 bits, A2,17,9C,98,CA

    I'm running Win2k with SP3

    after a search on the internet, i came up with this text in URL below.
    does anyone know more about this?

    http://www.cypherspace.org/adam/hacks/capi-hex.txt

    are those backdoor keys still there?


  • Moderators, Recreation & Hobbies Moderators, Science, Health & Environment Moderators, Technology & Internet Moderators Posts: 93,583 Mod ✭✭✭✭Capt'n Midnight


    Back in 1999 - http://en.wikipedia.org/wiki/NSAKEY
    Microsoft insists that the second key is present as a backup to guard against the possibility of losing the primary secret key. ... if the second key is also lost, Microsoft would need to patch or upgrade every copy of Windows in the world, as well as every cryptographic module it has ever signed.

    A third possibility is that the _NSAKEY enables the NSA or other agencies to sign their own cryptographic modules without being required to disclose those modules to Microsoft, which would allow them to create modules in-house that implement classified algorithms. Of course this capability would also enable an agency to sign modules that could be used to undermine the security of any Windows installation. Such speculation is usually followed by cynical comments on such undermining not being difficult even without access to the cryptographic API.

    Microsoft denies that the NSA has access to the _NSAKEY secret key.

    The key is still present in all version of Windows, though it has been renamed "_KEY2."


  • Closed Accounts Posts: 1,567 ✭✭✭Martyr


    It seems the primary key is functional to windows and not a backdoor at all.


Advertisement