Ravi Pandya wrote:

...

... You can't load an encryption engine into Windows 95 or Windows NT unless that engine has been specially signed by Microsoft's corporate key.

And so what happens when the Microsoft key is compromised? It might be hard to break by purely cryptographic means, but surely there are some people at Microsoft who aren't millionaires.

Much easier would be to patch the OS to disable the signature check by the CryptoAPI. A patching program, once written, would require no particular skill to run. Sort of like 'rechipping' a high-end sportscar. Peter Trei Senior Software Engineer Purveyor Development Team Process Software Corporation http://www.process.com trei@process.com