
From today's HotWired Packet http://www.packet.com:
"Today Microsoft is using similar technology as part of its Cryptography API: You can't load an encryption engine into Windows 95 or Windows NT unless that engine has been specially signed by Microsoft's corporate key. The reason for this restriction, says the company, is the Clinton administration: Microsoft couldn't have gotten export permission for its operating systems if users could easily plug in crypto engines that hadn't been approved."
This is disturbing, if true, though I suspect there is also a less ominous reason: you certainly want your cryptography provider to be trusted, and you want to be sure the code has not been altered. The implications really depend on Microsoft's policy on signing cryptography engines, and whether they allow a way to delegate signature authority.
Ravi

Ravi Pandya wrote:
... You can't load an encryption engine into Windows 95 or Windows NT unless that engine has been specially signed by Microsoft's corporate key.
And so what happens when the Microsoft key is compromised? It might be hard to break by purely cryptographic means, but surely there are some people at Microsoft who aren't millionaires.
______c_________________________________________________________________
Mike M Nally * IBM % Tivoli * Austin TX    * How quickly we forget that
mailto:m5@tivoli.com mailto:m101@io.com    * "deer processing" and "data
http://www.io.com/~m101/                   * processing" are different!

At 11:45 AM -0500 10/9/96, Mike McNally wrote:
And so what happens when the Microsoft key is compromised? It might be hard to break by purely cryptographic means, but surely there are some people at Microsoft who aren't millionaires.
Indeed, not all Microserfs are millionaires. Accessing the URL, http://microsoft.com/list_of_millionaires, I find that as of the close of business yesterday, there were 13 non-millionaires at Microsoft. Seven were part-time janitors, three were in food service, and the remaining three had no identifiable jobs. (And two of the janitors are expected to become millionaires any day now.) And http://microsoft.com/list_of_billionaires reports three on the list. Glad to be of help.
--Klaus
"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."

Mike McNally <m5@tivoli.com> writes:
Ravi Pandya wrote:
... You can't load an encryption engine into Windows 95 or Windows NT unless that engine has been specially signed by Microsoft's corporate key.
And so what happens when the Microsoft key is compromised? It might be hard to break by purely cryptographic means, but surely there are some people at Microsoft who aren't millionaires.
But who may want to be, eh? :)
Actually it is also possible to use a much more overt route and just patch around anything which is doing the signature checking (possibly on just a temporary basis if the checks are only made when the engine is first loaded.)
jim

Mike McNally writes:
And so what happens when the Microsoft key is compromised? It might be hard to break by purely cryptographic means, but surely there are some people at Microsoft who aren't millionaires.
I ask: "Who Cares?" It is easy enough to distribute with the secure-non-GAK plug-in a patch for disabling the module authentication. Heck, you could even make an ActiveX applet that did it...
andrew
"Click Here to Download and Install Real Crypto"
participants (5): Andrew Loewenstern, Jim McCoy, Mike McNally, Ravi Pandya, Timothy C. May