An independent security expert has questioned allegations made earlier this month that the National Security Agency (NSA) has a backdoor to Microsoft's Windows platform.
Andrew Fernandes, chief scientist at a Mississauga, Ontario-based security software company called Cryptonym, said one of the two keys that Microsoft uses to digitally sign cryptography suites that secure data is called "NSAKEY" in the code. This led to suspicions that the NSA had the ability to sign cryptography suites or insert a Trojan horse -- either of which could compromise encrypted data on Windows 95, 98, 2000 and NT.
But respected cryptographer Bruce Schneier, president of Counterpane Systems, a Minneapolis-based cryptography and security consultancy, noted that if the NSA wanted to compromise Microsoft's CryptoAPI, which supports the encryption of data in Windows programs, there are easier ways. The NSA could convince the company to divulge the secret-key portion of its signature key, for example; get Microsoft to sign an NSA-compromised security module; or install a module other than CryptoAPI to break encryption strategies.
"It's not an NSA key so they can secretly install weak cryptography on the unsuspecting masses," said Schneier. "There are just too many smarter things they can do to the unsuspecting masses."
Schneier also pointed out that the NSA doesn't necessarily need a key to compromise security in Windows because programs like Back Orifice can do so on most systems without keys.
Perhaps the biggest tip-off to skeptics was the name of the key itself. If the NSA did have a secret key, naming it "NSAKEY" seemed too obvious. While companies such as Microsoft, which don't release their source code for review, are always under suspicion that they could be hiding backdoors in their products, anyone with a debugger could have found the "NSAKEY" name, Schneier observed.
Microsoft denies that the NSAKEY key is actually shared with the NSA and asserts that the company has no backdoors in any of its products. "We have not shared it with the NSA or any other third party. It's maintained by Microsoft, and we have it in a secured facility," said Scott Culp, Microsoft's security product manager.
Culp said the NSAKEY key is a backup to the primary digital-signature key Microsoft uses to enforce encryption export regulations. Current U.S. law limits exportable software products to 56-bit cryptography unless a waiver is granted. Culp noted that export licenses are granted by the U.S. Department of Commerce, but the technical compliance review is conducted by the NSA -- hence the key name. "It was just a really bad name, just a really poorly chosen name, and I think it's safe to assume that we will change the name of that variable," said Culp.
Culp explained that developers of general-purpose programs that implement cryptography use Microsoft's CryptoAPI to let Windows encrypt and decrypt data. If developers want to create their own pluggable modules or cryptography suites to implement a particular algorithm in a Windows-compliant program, they can write a cryptographic service provider (CSP) that implements that function.
Culp said Microsoft is required by law to make sure that only CSPs that comply with export regulations can be loaded by CryptoAPI. When a CSP is loaded under CryptoAPI, the signature on the CSP is checked against the public key embedded in Windows; a signature that verifies is Microsoft's confirmation that the CSP has met export requirements.
"It's not a backdoor. No data encryption is done with these keys; they are signing keys only," said Culp.
Culp added that each signing key is actually a pair of keys -- a private key and a public key. The public signing key resides in every copy of Windows. The private key, held by Microsoft, produces the signature that the public key verifies, confirming that the CSP is one Microsoft signed.
Culp said the backup NSAKEY was created to ensure that if the secure facility holding the primary private key was destroyed by an earthquake or other disaster, the company could keep signing CSPs with the backup key and would not have to replace the public keys in every Windows system.
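The loading scheme Culp describes, as an added illustration (this is not Microsoft's code or the real CryptoAPI): a loader carries two embedded public keys, a primary root and the backup root named "NSAKEY", and accepts a CSP image only if its signature verifies under one of them. The key type, the byte string standing in for a CSP DLL, and the scenario names are assumptions; Ed25519 from Go's standard library is used for brevity where CryptoAPI used RSA.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// CSPLoader models the check described in the article: every copy of
// Windows carries the public halves of two signing keys, and a CSP loads
// only if its signature verifies under one of them. Illustration only;
// Ed25519 is an assumption standing in for CryptoAPI's RSA keys.
type CSPLoader struct {
	roots map[string]ed25519.PublicKey // root name -> embedded public key
}

// SignedCSP is a CSP image plus a signature over its SHA-256 digest.
type SignedCSP struct {
	Name  string
	Image []byte
	Sig   []byte
}

// SignCSP is the step only the holder of a private signing key can perform.
func SignCSP(priv ed25519.PrivateKey, name string, image []byte) SignedCSP {
	digest := sha256.Sum256(image)
	return SignedCSP{Name: name, Image: image, Sig: ed25519.Sign(priv, digest[:])}
}

// Load verifies the CSP against each trusted root and reports which root
// accepted it, or "refused" if none did. Only public keys are needed here,
// which is why they can ship in every install without exposing the ability
// to sign.
func (l CSPLoader) Load(csp SignedCSP) string {
	digest := sha256.Sum256(csp.Image)
	for name, pub := range l.roots {
		if ed25519.Verify(pub, digest[:], csp.Sig) {
			return name
		}
	}
	return "refused"
}

// RunScenario builds a loader with a primary and a backup root and exercises
// the cases the article raises. Key pairs are freshly generated; the CSP
// image is a constructed byte string, not a real module.
func RunScenario() map[string]string {
	primaryPub, primaryPriv, _ := ed25519.GenerateKey(rand.Reader)
	backupPub, backupPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, strangerPriv, _ := ed25519.GenerateKey(rand.Reader)

	loader := CSPLoader{roots: map[string]ed25519.PublicKey{
		"primary": primaryPub,
		"NSAKEY":  backupPub, // the backup root, named as in the shipped binaries
	}}

	image := []byte("constructed stand-in for a CSP DLL image") // constructed sample input

	// Normal case: Microsoft's primary private key signs the CSP.
	genuine := SignCSP(primaryPriv, "example-csp", image)

	// Disaster-recovery case Culp describes: the backup private key signs
	// instead, and existing installs accept it with no key rollout.
	viaBackup := SignCSP(backupPriv, "example-csp", image)

	// A party holding neither private key: the public keys in Windows let
	// them verify signatures but not produce one the loader accepts.
	stranger := SignCSP(strangerPriv, "example-csp", image)

	// Genuine signature, but the image was modified after signing.
	tampered := genuine
	tampered.Image = append([]byte{}, image...)
	tampered.Image[0] ^= 0x01

	return map[string]string{
		"signed_by_primary":  loader.Load(genuine),
		"signed_by_backup":   loader.Load(viaBackup),
		"signed_by_stranger": loader.Load(stranger),
		"tampered_image":     loader.Load(tampered),
	}
}

func main() {
	for scenario, result := range RunScenario() {
		fmt.Printf("%-20s -> %s\n", scenario, result)
	}
}
```

The scenario makes the security-relevant point concrete: the public half of a root tells an observer nothing beyond the ability to verify, so the name on the key is irrelevant to who can sign; what matters is who holds the private half of either root, since that party can produce a module every existing install loads. That is both why the backup key gives Microsoft disaster continuity and why the question of whether a second party held it was worth asking.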