Actually, and sort of to the point, no, the keys never actually ever the BBN box, except as part of a backup procedure in which they are extracted in a doubly-encrypted form for which for security reasons you need the manufacturer's help in restoring. To this day, no human or computer other than the box itself knows the key. Bob
-----Original Message----- From: Toto [SMTP:toto@sk.sympatico.ca] Sent: Wednesday, March 05, 1997 9:18 AM To: gbroiles-nospam@netbox.com Cc: cypherpunks@toad.com; Bob Atkinson (Exchange) Subject: Re: Microsoft Authenticode key security
Greg Broiles wrote:
From: "Bob Atkinson (Exchange)" <bobatk@EXCHANGE.MICROSOFT.com> Subject: Comments and corrections regarding Authenticode
For those curious: at the present time, the private keys with which Microsoft signs code that it publishes are managed inside BBN SafeKeyper boxes housed in a guarded steel and concrete bunker. Even were a SafeKeyper to somehow be physically stolen, these cool little boxes have several elaborate internal defenses designed to have the box destroy itself rather than compromise its keys.
Bob fails to mention, however, that, as a backup system, the keys are also written on pieces of masking tape attached to the underside of his keyboard. -- Toto http://bureau42.base.org/public/xenix/xenbody.html