Microsoft NSA key Follow-Up

Signal 11 writes "Bruce Schneier at Counterpane has some interesting comments about the so-called NSA key embedded into all current versions of windows. " If you missed the fireworks, read the first story or Microsoft response.

You made the laws, now enforce them!

[Greyfox]

Microsoft or the MUTT team or Phil Zimmerman, exporting a crypto API is exporting a crypto API and illegal under the current US Crypto laws. Since Microsoft is breaking those very clear laws by shipping NT with a replacable key, every single one of us should demand that the US Commerce department pursue this case with exactly the same level of zeal with which they pursued Phil Zimmerman. Why haven't they already stopped all shipments of NT out of the country? Certainly if Phil was shipping PGP out of Redmond, the men in black would have already stormed his office and confiscated all his computer equipment.

Or are we proving once more that if you have enough money, you're above the law?

CryptoAPI still not trustworthy.

[MAXOMENOS]

I tend to agree with Bruce Schneider...Microsoft is probably not in league with the NSA to reveal all our secrets. But the CryptoAPI is still not trustworthy.

The strength of encryption is based not on how big the keys are (sorry, but 32kbit keys are just plain unneccesary), but on how hard it is to get the plaintext, based on the crypttext and other known information. If the secrecy of your credit card numbers depends on other people not knowing the algorithm, or the implementation, of your encryption, then your encryption is pretty darn weak. Once the algorithm leaks out (due to espionage or hacking), your secrets are out.

The best encryption for one to use has five components working for it:

1. The algorithm is known
2. The implementation is known (open sourced)
3. The details of the development are public knowledge (this is why I would trust Twofish over, say, 3DES)
4. The method has been analysed for possible backdoors and is considered secure
5. The keyspace is large enough to make brute-force search impractical

In the case of the CryptoAPI, we don't have an open-source implementation, nor do we know the details of the development of the CryptoAPI. Microsoft has all this information and isn't about to release it to anyone. Because of this, we don't know if the analysis of the CryptoAPI is sufficient. Therefore, we should consider Microsoft's CryptoAPI package untrustworthy.

Roswell Revisited

[brennanw]

Ladies and gentlemen, we apologize for this simple misunderstanding, but apparently the $NSAKEY was not, I repeat, was NOT, an NSA backdoor. After a thorough investigation and careful examination of all facts, it turns out that $NSAKEY was actually a weather balloon flying over some swamp gasses.

Previous reports to the contrary are false. Indeed, they never happened. In fact, I don't remember any previous reports to the contrary. In truth, I don't even know why I'm telling you any of this, because we have received no credible reports of an NSA Backdoor in any windows platform.

Next week we will start investigating reports that farmers are finding strong encryption algorithms burned into their crop fields. Until we discover more about this pheonomena, we are banning all crop exports immediately and reclassifying corn, wheat, and other grains as munitiions.

Thank you for your support in this matter.

Signed,

The Federal Government

I did NOT sleep with that woman.

[flatrbbt]

Unfortunately, MS suffers from the same credibility gap as certain others do. The surest way to know they are lying is to check and see if their lips are moving.
Even after their answers, The questions remain.

Why are there 2 keys?
Why are the keys replacable?
Who has had access to them? aside from a hoarde of programmers doing daily builds.
Doesnt the daily build mean the two keys are stored in the same building?
Is only 1/2 oh this building "natural disaster proof"?
What happens now that the key locations are known?
How long before they are cracked?
Once they are cracked, cant I use ms_key to replace nsa_key?
Have your keys been replaced?
Will they be replaced again.
Can they be replaced via activeX/java?

All in all, I find the story without credibility.
The tone in his second writing does not support the tone of his first.
What changed his mind? Why is this such an insignificant security hole in comparison to the major hole at the time of the first writing?
Who convinced him otherwise?

I am sorry, but having listened carefully to this and other arguments presented by MS and its minions, I will need some convincing.

Until then, I will continue to recommend that all MS products be removed from "secure" corporate machines.

Steve Ruyle

The real importance of the NSAKEY debacle

[The+Welcome+Rain]

The true importance of this news item never had anything to do with practical matters of security. If you're concerned with and knowledgeable about computer security, you're probably not using Windows -- especially if you're trying to keep the NSA out.

The real issue is the effect this story will have on Microsoft's international image. They are already considered to be very Americocentric (as are many other American companies, to be fair). Remember Microsoft's refusal to produce an Icelandic version of Windows? They ticked off lots of non-Americans with that move, not all of them in Iceland.

The idea that Microsoft would truckle to the whims of an American intelligence agency only worsens the problem. It didn't turn out to be true, but people aren't going to remember that. They'll remember the accusation far longer than they'll recall the exoneration.

It sucks, but the truth just isn't an important factor in shaping public opinion. Microsoft lost big on this one.

--

Beleiving everything you read.

[SteveX]

This whole issue has been fun to watch. When I read the first message about how Microsoft had the NSA key in Windows, I kinda wondered if they would really do that.. Couldn't really decide either way.

But the number of people that read it and instantly assumed it was true was astounding. I've had friends ask me out of the blue about it. I've heard of it through mainstream media. I've seen story after story about it.

Most of the the media people still won't admit it was jumping to conclusions. That's what really bothers me. They're mostly sticking to the "well Microsoft says it's false but who can know for sure" lines to cover their own asses (and credibility).

A Wired story says "Questions lingered Friday over whether or not security experts overreacted to a scientist's charge that Microsoft built a backdoor in Windows for a US spy agency to enter". Isn't it fairly clear that they overreacted? Or is this going to happen again the next time?

(If it's a real issue, like the Hotmail thing, then they deserve to get slammed... but come on, let's verify this stuff before we go nuts).

The author's credentials

[Pac]

Bruce Schneier:

- Wrote "Applied Cryptography", the best introductory book to the field of cryptography and cryptanalysis;
- Wrote the Blowfish algorithm;
- Wrote with others the Twofish algorithm, one of the finalists of NIST's new Advanced Encryption Standard

There is a lot more. Look around the site...

Here's a better explanation:

[mrneutron]

From BugTraq. It's not on their archive (yet) at www.securityfocus.com, but will be soon:


From: Markus Kuhn
Subject: Re: NSA key in MSFT Crypto API

The actual funny story behind the presence of the NSA key has been
seriously misunderstood here. CSP verification keys have only one *real*
purpose: They are intended to enforce the US export restriction
requirement that Microsoft is not allowed to ship software abroad that
can easily be extended with strong cryptography. They are certainly not
intended as any useful form of integrity protection for your system.

The NSA got their own CSP verification key, because they want to be able
to change their own secret US government CSPs required for the handling
of classified documents, without having to go to Microsoft each time to
get a signature for an NSA CSP update. Fair enough. So Microsoft built
in a second verification key such that the NSA can produce and install
on DoD PCs their own CSPs without requiring any Microsoft involvement.

The real funny part is that Microsoft did not protect the NSA key
particularly well, such that everyone can easily replace the NSA key
particularly well, such that everyone can easily replace the NSA key
easily with his own key. This was reported by Nicko van Someren at the
Crypto'98 rump session. This means that everyone can now easily install
his own CSPs with arbitrarily strong cryptography. This means that the
NSA's demand to get quickly a second key added led in effect to the easy
international availability of strong encryption CSPs. My guess is that
this is Microsoft's sweet revenge against the NSA for creating all these
Export hassles (e.g., the requirement that CSPs be signed) in the first
place. It backfired nicely against the NSA. :)

All this has nothing to do with an NSA backdoor, because the CSP keys
are an export enforcement tool and not an integrity protection tool.
They do not protect all parts of the system that could be compromised by
someone who wants to install some eavesdropping malware. The CSP
verification keys only authenticate that no cryptography that violates
export laws has been installed. If you are worried about the NSA
installing malicious software on your PC, you should not rely on the CSP
verification keys (which were never designed for that purpose anyway),
but on virus scanners with tripwire functionality that report any
modifications to your DLLs. There is no digital signature functionality
required to implement these, simple secure hash algorithms will
perfectly do.

Please apply a bit of simple critical thinking here:

If the NSA wanted to have real backdoor functionality, they would much
more likely simply steal Microsofts own keys instead of embedding
additional keys with an obvious symbol name. Remember: The NSA is the
world's largest key thief. They have stolen crypto variables from
well-protected military and government agencies from all over the world
using the usual repertoire of techniques (bribery, extortion,
eavesdropping, hacking, infiltration, etc.). If they can do it with
eastern military agencies, they can most certainly also do it easily
with Microsoft, which is orders of magnitudes less well protected than
the usual NSA target. If there is a real NSA backdoor key in Windows,
that it would certainly be identical to Microsoft's own key.

Markus