NSA key to Windows: an open question

September 4, 1999

Web posted at: 4:43 p.m. EDT (2043 GMT)

(CNN) - Microsoft operating systems have a backdoor entrance for the National Security Agency, a cryptography expert said Friday, but the software giant denied the report and other experts differed on it.

The chief scientist at an Internet security company said Microsoft built a "key" for the nation's most powerful intelligence agency into the cryptographic standard used in Microsoft Windows 95, Windows 98, Windows NT4 and Windows 2000.

To use cryptographic applications in Windows, users must load its cryptography architecture in a standard called CryptoAPI.

A year ago, researchers discovered there were two keys, or digital signatures, that allowed the loading of CryptoAPI -- Microsoft had one but the identity of the other keyholder was a mystery.

Andrew Fernandes of Ontario-based Cryptonym Corp. and his colleagues now say the NSA holds the second key because they found that a recent service pack for Windows NT failed to cloak the second key, revealing it as "_NSAKEY."

"In the data security profession, those three initials only mean one thing: National Security Agency," Fernandes said.

Microsoft denied that the key belongs to the NSA, saying instead that the "_NSAKEY" label simply means the cryptography architecture meets the NSA's standards for export.

"These reports are completely false," said Microsoft spokesman Dan Leach.

"The key does not allow any other party to start or stop cryptographic services on anyone's computers.

"So no, the government cannot spy on your computer using Microsoft software. We don't intentionally leave backdoors. Microsoft has consistently opposed key escrow because we feel it is no good for the consumer, for Microsoft and no good for the government."

Fernandes said the NSA key would allow the intelligence agency to load services on users' machines without their authorization, an option it more likely would use against a corporation than an individual.

Fernandes posted a "fix" to the key on his Web site Friday, along with a press release announcing his report on the second key. The NSA did not return a request for comment on the key.

The alleged NSA key came to light just days after Microsoft squelched a breach of its Web-based e-mail service, Hotmail.

Computer expert: 'a small deal'

UC Berkeley's David Wagner, a computer security expert, said it "does not open a massive back door allowing NSA to spy on your computer."

The statement by Cryptonym is "a small deal at least," Wagner said. The only problem he found with the CryptoAPI architecture is that if a Windows system has a virus, it may make the virus more destructive.

It could be that NSA is making it easier to manage their own computers, Wagner said. Users of Windows 95/98/NT systems should not infer that the NSA is able to spy on any computer using a Windows operating system, he said.

Report shocked crypto experts

Fernandes initially gave his report at a cryptography conference in Santa Barbara last month, during a late-night session where a few dozen experts in the audience were "shocked" by the alleged security flaw, said UC Berkeley cryptography researcher Ian Goldberg. Goldberg was at the session where Fernandes discussed his findings.

The discovery "highly suggests" that the NSA has a key it could use to enter encrypted items on anybody's Windows operating system, said Goldberg, also chief scientist at Zero-Knowledge Systems.

Zero-Knowledge Systems is about to release a product designed to ensure the privacy of Internet users when they surf the Web, post to newsgroups, send email or chat.

Fernandes said the evidence shows that the NSA is involved in the key but it fails to indicate who owns the key. Even if Microsoft claims the key is its own, Fernandes said he believes the key was put in the Windows products at the request of the NSA.

"They've got their hand in the cookie jar and they're trying to convince you they aren't taking a cookie, they're checking to make sure there's lots of cookies left for you," Fernandes said.

Fernandes, who came up with his results in collaboration with the Berlin-based Chaos Computer Club, said it comes down to an issue of trusting Microsoft.

The security flaw does not give hackers an entrance to Windows-based cryptography services, Fernandes said, because hackers lack the private key.

He called for Microsoft to be more honest about its security infrastructure and the "deal they had to cut with the government to allow the exportation of cryptography in Windows."

Open-source versus 'shrink-wrapped' crypto

Alec Muffett, a security consultant for Sun Microsystems' Professional Services, said his operation uses open source cryptography and internal software and that many international companies have decided not to trust Microsoft.

"Any company worth its salt would demand using an open source cryptography as opposed to a shrink-wrapped product which this is," Muffett said.

Open-source code is thought by its adherents to be more secure and a better product since it has been tweaked by many more programmers than a product put out by a single company.

The United States limits the exportation of "strong" cryptography, mainly to make it easier for its intelligence agencies to do their work. For the NSA, that means listening in via its Echelon project to the telephone, fax, cable and other electronic communications of other nations.

It is illegal for the agency to eavesdrop on American citizens, meaning that if the NSA key exists, international businesses are most at risk, Fernandes said.

Still, Muffett said the NSA would be unlikely to conduct massive snooping on businesses outside the United States via a key on Microsoft Windows products -- if it exists. That would take too much work.

Instead, the agency could use a key to obtain a targeted piece of evidence or to trade information with other security agencies outside the United States.

"It's a bit of a conundrum from a political strategy point of view," Muffett said.