OS9USER News Room

Reporting Breaking Stories Around The Internet


Microsoft operating systems have a backdoor entrance for the National Security Agency


_NSAKEY is a variable name discovered in Windows NT 4 Service Pack 5 (which had been released unstripped of its symbolic debugging data) in August 1999 by Andrew D. Fernandes of Cryptonym Corporation. That variable contained a 1024-bit public key.

Microsoft's operating systems require all cryptography suites that can go into its operating systems to have a digital signature. When only Microsoft-approved cryptography suites can be used, complying with the Export Administration Regulations (EAR) of the US Department of Commerce, Bureau of Export Administration (BXA) is easier. It was already known that Microsoft uses two keys, a primary and a spare, either of which can create valid signatures. The primary key is stored in the variable _KEY; Fernandes had discovered the second key.

Fernandes published his discovery, touching off a flurry of speculation and the development of numerous conspiracy theories. If the private half of that key were actually owned by the United States National Security Agency, it would allow that intelligence agency to subvert any Windows user's security.



CAPI Signature Public Keys as PGP Keys

In September 1999, an anonymous researcher reverse-engineered both the primary key and the _NSAKEY into PGP-compatible format and published them to the key servers.

Please do not edit the keys, unless we instruct you to do so.

Microsoft's Primary (_KEY variable) CAPI Signature Key

Type Bits/KeyID Date User ID
pub 1024/346B5095 1999/09/06 Microsoft's CAPI key


Microsoft's Secondary (_NSAKEY variable, now _KEY2) CAPI Signature Key

Type Bits/KeyID Date User ID
pub 1024/51682D1F 1999/09/06 NSA's Microsoft CAPI key



Before CSP loading, in ADVAPI32.DLL:

  Address 0x77DF5530 -> A9 F1 CB 3F DB 97 F5 ... ... ...
  Address 0x77DF55D0 -> 90 C6 5F 68 6B 9B D4 ... ... ...

After RC4 encryption using the value on the left, we see:

  A2 17 9C 98 CA => R S A 1 ... 00 01 00 01 ... (looks like an RSA public key)
  A0 15 9E 9A C8 => R S A 1 ... 00 01 00 01 ... (looks like an RSA public key)

Looking at SP5 debugging symbols, in "_CProvVerifyImage@8":

  Address 0x77DF5530 <- has data tag "_KEY"
  Address 0x77DF55D0 <- has data tag "_NSAKEY"
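
The check summarised in the table above, as an added example that is not part of the original page: apply RC4 with each 5-byte value to a stored region and test the result for the "RSA1" prefix and the 00 01 00 01 bytes. Only the two 5-byte values and the tag names come from the page; the image, the offsets and the blob layout are constructed for illustration.

```python
RSA_MAGIC = b"RSA1"
# Byte run shown on the page; 0x00010001 is 65537, the usual RSA public exponent.
PUBEXP_BYTES = bytes.fromhex("00010001")

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 is its own inverse: the same call obfuscates and de-obfuscates."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream generation and XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def looks_like_rsa_pubkey(blob: bytes, window: int = 32) -> bool:
    """Heuristic from the page: "RSA1" at the start, 00 01 00 01 close behind."""
    return blob.startswith(RSA_MAGIC) and PUBEXP_BYTES in blob[:window]

def recover_keys(image: bytes, regions: dict, rc4_keys: list) -> dict:
    """Try each RC4 key on each region; keep the pairs that yield a key header."""
    hits = {}
    for name, (offset, length) in regions.items():
        for key in rc4_keys:
            plain = rc4(key, image[offset:offset + length])
            if looks_like_rsa_pubkey(plain):
                hits[name] = (key.hex(" ").upper(), plain)
    return hits

# Constructed sample: two obfuscated blobs in a fake image (layout is an assumption).
def fake_blob(fill: int) -> bytes:
    return RSA_MAGIC + bytes(8) + PUBEXP_BYTES + bytes([fill]) * 128

KEY_A = bytes.fromhex("A2179C98CA")           # 5-byte values from the page
KEY_B = bytes.fromhex("A0159E9AC8")
IMAGE = bytes(16) + rc4(KEY_A, fake_blob(0x11)) + bytes(16) + rc4(KEY_B, fake_blob(0x22))
REGIONS = {"_KEY": (16, 144), "_NSAKEY": (176, 144)}

if __name__ == "__main__":
    for tag, (key_hex, plain) in recover_keys(IMAGE, REGIONS, [KEY_A, KEY_B]).items():
        print(tag, "decrypts with", key_hex, "->", plain[:16].hex(" "))
```

Run against a real image, the same scan flags any fixed-key-obfuscated public key embedded in a binary, which is useful when auditing which signing keys a verifier will accept.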





