Microsoft Authenticode key security

Greg Broiles gbroiles-nospam at netbox.com
Wed Mar 5 05:51:21 PST 1997



Recent discussion on the cypherpunks list(s) talked about the
feasibility of subverting Microsoft's security model by stealing their
private key(s). The following snippet (originally sent to RISKS
digest) might be of interest:

>Date: Mon, 3 Mar 1997 19:23:15 -0800
>From: "Bob Atkinson (Exchange)" <bobatk at EXCHANGE.MICROSOFT.com>
>Subject: Comments and corrections regarding Authenticode
>
>As the architect and primary implementor of the Authenticode code-signing
>technology (boy, that'll get me mail :-) found in Internet Explorer 3 and in
>Windows NT 4, I think my perhaps somewhat lengthy and clearly very biased
>perspective on some recent articles might be of interest to others.
>Bob Atkinson
>[...]
>For those curious: at the present time, the private keys with which
>Microsoft signs code that it publishes are managed inside BBN SafeKeyper
>boxes housed in a guarded steel and concrete bunker. Even were a SafeKeyper
>to somehow be physically stolen, these cool little boxes have several
>elaborate internal defenses designed to have the box destroy itself rather
>than compromise its keys. As I understand things, a military variation on
>the SafeKeyper technology is used as an integral part of launch control of
>nuclear missiles on submarines in the US Navy.


--
Greg Broiles                | US crypto export control policy in a nutshell:
gbroiles at netbox.com         | 
http://www.io.com/~gbroiles | Export jobs, not crypto.
                            | 






More information about the cypherpunks-legacy mailing list