|
Cryptonym Interview Continued
9/10/99
Mike Hudack
Editor-in-Chief
If you missed it, the first part of the Cryptonym interview is online.
Continued as verbatim as possible:
<Andrew> In terms of actual time now, to find out what was in there. It didnīt take a whole lot. One of the things in the public Crypto API documentation is that you have to look for the strings of the public and private keys prefixed by the headers "RSA1" and "RSA2." And that should mean something to anyone whoīs ever used encryption toolkits for RSA. And, aah, right after that... One of the debugging... like on the screenshots, you can see "BSave Encrypt Public." And all of a sudden Iīm like, "Aaah, BSave. Yeeah..." Yeah, RSA Data Security BSave Toolkit... Aaah...
<Mike> Yup.
<Andrew> So, no brainer you know. After that it doesnīt take... You almost find this stuff without looking for it.
<Mike> Yeah, so you can even do a search...
<Andrew> It doesnīt even take that...
<Mike> I mean if youīre actually looking for it.
<Andrew> Yeah. In terms of, in terms of figuring out what was going on in Iīd say miliseconds. Itīs fully explained on one screen -- first check Key and then check _NSAKey. I mean, thatīs one page of 386 Assembly Language. So you know, that was about it.
<Mike> Yeah. So when you actually found this, what were you thinking? Was it like, "Oh hereīs a backdoor..." "Hereīs..." You know, what?
<Andrew> What were my first thoughts? Holy shit -- NSA stuck right in the middle... First of all, I thought it was incredibly stupid for someone to put the letters "NSA" right into the middle of a crypto module.
<Mike> Yeah, of course... Automatically, when anyone sees that, red flags go right up.
<Andrew> Oh yeah, your red flags go way up. Now, I did not initially think that it was some sort of back door. You have to be careful with that term -- everyone has their different definitions of back doors.
<Mike> Yeah...
<Andrew> But in terms of, could this be in some way connected with the NSA getting into your machine... And again, Iīll define that later on. I didnīt think of it immediately because it just seemed too stupid. To be brutally honest. Once I did... I had quite a while to think about this. I first found this in early August and I had a couple weeks to think about it before Crypto `99 in Santa Barbara. And even afterwards I just discussed it with people there and had another couple weeks to think about it before I put it on the Web site. And I started shifting through... I mean, "why the hell would that be there?" Now, I knew there would be two keys...
<Mike> Well, I tell you, Iīve done a lot of speaking with Microsoft on this subject. And they refuse to tell anyone even what that second key is there for.
<Andrew> Well they kind of make rumbling noises about it being a backup key.
<Mike> Well they havenīt even said that...
<Andrew> Yeah, they did in the Washington Post.
<Mike> They did? Okay I missed that.
<Andrew> And the CCC, the Chaos Computer Club, they called me this afternoon and told me that in fact Microsoft Germany, Microsoft USA and Microsoft one other country had issued relatively contradictory contrary press releases...
<Mike> Well Iīm not suprised.
<Andrew> Well, you know, any large company...
<Mike> Yeah, absolutely.
<Andrew> Anyway, the way events have progressed in the past year... Ever since Crypto API came out Microsoft has said, "look, before you load a CSP you have to get a digital signature from us." So you know there has to be a public signature somewhere in there.
<Mike> Well yeah, there kind of... there has to be.
<Andrew> Oh no, no. There absolutely has to be -- if theyīre going to use digital signatures there has to be.
<Mike> Oh, I meant in the sense that theyīd have to get these things signed.
<Andrew> So anyway, last August Cipher and the S in RSA... They were using maximum entry principals to look for embedded keys in executables. They were saying look, this is not a safe place to store your keys. You know, all root keys in a PKI are stuck in software somewhere. And if theyīre there they can be found and changed. So they had run scanners over Microsoft programs and discovered that Crypto API there wasnīt one key -- there were two keys. And Microsoft did the typical "no comment, itīs our key... We know itīs there," you know... da da da... No comment. And the issue kind of died down. If theyīre not going to tell you you just donīt know.
<Mike> Yeah, and thereīs no way you could find out.
<Andrew> So I did have some background, you know, rumbling somewhere in the top of my head and I did a little research later on. So it was known there were two keys. So along comes these labels, "Key" and "_NSAKey." Well, what I obviously did... First I fell off my chair, you know, I was shocked... "Holy Toledo! Whatīs that doing there?" You start running through reasons in your head -- well, why would that be there, or why could that be there? And I know Ian Goldberg did this too, with Zero Knowledge. The complete real explanation for it is that itīs a way for the NSA -- Or the only explanation that makes sense... The only explanation that covers the bases, or at least more consistently than other explanations... Is that that key is in some way is in the influence or control of the NSA.
<Mike> Well, of course, in crypto speak NSA can only mean one thing -- the National Security Agency.
<Andrew> Thereīs two analogies I use depending on the reporter... The first is, well, the more conservative approach is: If youīre a software developer in the computer field and youīre talking about buying some IBM -- youīre not going to pretend you donīt know what IBM Iīm talking about. And the other way of saying it is, "at the height of the cold war, can you imagine trying to convince the Russians that ICBM stands for `I Can Be very Mellow.ī" Itīs just not going to work. Had it been anywhere but the crypto module then for sure NSA could have stood for anything. But stuck in the middle of crypto verification, blah blah blah, itīs inconceivable that it could be anything else. Now, again, you canīt claim ownership, or who controls a key... you could split those hairs a thousand days from tomorrow. But -- I think itīs almost inarguable that the NSA had some input in that key. Whether that is a lot of input or a little input, whether itīs malicious...
Click To Continue |
