In <v03102800b0eab79afcbc@[208.129.55.202]>, on 01/20/98 at 12:43 PM, Steve Schear <schear@lvdi.net> said:
At 4:29 AM +0000 1/21/98, Peter Gutmann wrote:
How to recover private keys for Microsoft Internet Explorer, Internet Information Server, Outlook Express, and many others - or - Where do your encryption keys want to go today?
Peter Gutmann, <pgut001@cs.auckland.ac.nz>
Summary
-------
Microsoft uses two different file formats to protect users' private keys, the original (unnamed) format which was used in older versions of MSIE, IIS, and other software and which is still supported for backwards-compatibility reasons in newer versions, and the newer PFX/PKCS #12 format. Due to a number of design and implementation flaws in Microsoft's software, it is possible to break the security of both of these formats and recover users' private keys, often in a matter of seconds. In addition, a major security hole in Microsoft's CryptoAPI means that many keys can be recovered without even needing to break the encryption. These attacks do not rely for their success on the presence of weak, US-exportable encryption; they also affect US versions.
As a result of these flaws, no Microsoft internet product is capable of protecting a user's keys from hostile attack. By combining the attacks described below with widely-publicised bugs in MSIE which allow hostile sites to read the contents of users' hard drives or with an ActiveX control, a victim can have their private key sucked off their machine and the encryption which "protects" it broken at a remote site without their knowledge.
Seems a good way to teach M$ a security lesson is to use Peter's code to snatch M$' any significant keys on their corporate servers and publish. Of course, they're probably too smart to leave important data just lying around on unsecure '95/NT servers and instead use Linux ;-)
More than likely they have them tucked away on one of the AS/400's they are running at Redmond. :)

--
---------------------------------------------------------------
William H. Geiger III http://users.invweb.net/~whgiii
Geiger Consulting Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html
---------------------------------------------------------------

Tag-O-Matic: Dos: Venerable. Windows: Vulnerable. OS/2: Viable.