RE: Hidden WebTV signatures

17 Dec 2003


      --- begin forwarded text


From: Pablo Calamera <pablo@microsoft.com>
To: "'Robert Hettinga'" <rah@shipwright.com>,
        "'mac-crypto@vmeng.com'"
	 <mac-crypto@vmeng.com>
Subject: RE: Hidden WebTV signatures
Date: Mon, 12 Oct 1998 11:46:37 -0700

Yes.  Well, the crypto part anyways ;-)
...
-----Original Message-----
From: mac-crypto@vmeng.com [mailto:mac-crypto@vmeng.com]On Behalf Of
Robert Hettinga
Sent: Sunday, October 11, 1998 8:08 AM
To: mac-crypto@vmeng.com
Subject: Hidden WebTV signatures
Pablo?
Did *you* do this???
:-)
Cheers,
Bob Hettinga
--- begin forwarded text
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cypherpunks@cyberpass.net
Subject: Hidden WebTV signatures
X-Authenticated: relaymail v0.9 on cs26.cs.auckland.ac.nz
Date: Mon, 12 Oct 1998 03:29:04 (NZDT)
Sender: owner-cypherpunks@cyberpass.net
Precedence: first-class
Reply-To: pgut001@cs.auckland.ac.nz (Peter Gutmann)
X-Loop: cypherpunks@cyberpass.net
For those of you who don't read sci.crypt, Robert Ames
<gnome@istar.ca> has
posted an article in which he observes that all WebTV posts contain an
X-WebTV-Signature: line containing base64-encoded data.  For
samples of
WebTV-generated posts, try the alt.weemba newsgroup, which is
filled with
WebTV-user drool (caution: remember to employ protection when
exposting your
mind to the content of the messages).  Some samples:
X-WebTV-Signature: 1
ETAsAhQDqtur/jfleJ2CDOnNrVoeyALEQAIUOQyCBbzjx5HHfxeMERDgCjztXOU=
X-WebTV-Signature: 1
ETAtAhUAmCCzQt+Tqt6fNX+L9+gDCECaqQkCFA0YCPz5tk85mUgq7iX/u4vWvOgG
These decode into ASN.1-encoded DSA signatures, eg:
1 30   45: SEQUENCE {
   3 02   21:   INTEGER
            :     00 98 20 B3 42 DF 93 AA DE 9F 35 7F 8B F7 E8 03
            :     08 40 9A A9 09
  26 02   20:   INTEGER
            :     0D 18 08 FC F9 B6 4F 39 99 48 2A EE 25 FF BB 8B
            :     D6 BC E8 06
            :   }
for the second one.  The key isn't included in the header,
presumably the
@webtv.net address can be tied to the hardware which contains
some hardcoded
DSA key.  I wonder if WebTV users know they're signing each
message they send?
Peter.
--- end forwarded text
-----------------
Robert A. Hettinga <mailto: rah@philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
--- end forwarded text


-----------------
Robert A. Hettinga <mailto: rah@philodox.com>
Philodox Financial Technology Evangelism <http://www.philodox.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'