Difference between revisions 123927096 and 123927097 on dewiki

< previous diff
next diff >
Benutzer:Kleiner Stampfi/NSAKEY
{{DISPLAYTITLE:_NSAKEY}}
'''_NSAKEY''' is a variable name discovered in [[Windows NT]] 4 Service Pack 5 (which had been released unstripped of its [[Debug symbol|symbolic debugging]] data) in August [[1999]] by Andrew D. Fernandes of [[Cryptonym Corporation]]. That variable contained a 1024-bit [[public key]].

== Overview ==
[[Microsoft]]'s operating systems require all cryptography suites that can go into its operating systems to have a digital signature. When only Microsoft-approved cryptography suites can be used, complying with the [[Export Administration Regulations]] (EAR) of the [[US Department of Commerce]], [[Bureau of Export Administration]] (BXA) (now known as the Bureau of Industry and Securi(contracted; show full)n About Security and NSA Is "Inaccurate and Unfounded"|publisher=Microsoft Corp.|date=1999-09-03|url=http://www.microsoft.com/presspass/press/1999/sept99/rsapr.mspx|accessdate=2006-11-09}}</ref> The key's symbol was "_NSAKEY" because the NSA is the technical review authority for U.S. export controls, and the key ensures compliance with U.S. export laws.

The [[Computers, Freedom and Privacy Conference|Computers, Freedom and Privacy]] 2000 (CFP2000) conference was held from 4-
[[7 April]] [[  2000]] in [[Toronto]], [[Canada]]. During a presentation to that conference, [[Duncan Campbell (investigative journalist)|Duncan Campbell]], Senior Research Fellow at the [[Electronic Privacy Information Center]] (EPIC), mentioned the _NSAKEY controversy as an example of an outstanding issue related to security and surveillance.

Richard Purcell, Microsoft’s Director of Corporate Privacy, approached Campbell after his presentation and expressed a wish to clear up the confusion and doubts about _NSAKEY. Immediately after the conference, Scott Culp, of the Microsoft Security Response Center, contacted Campbell and offered to answer his questions. Their correspondence began cordially but soon became strained; Campbell apparently felt Culp was being evasive and Culp apparently felt that Campbell was hostilely repeating questions that he had already answered. On [[28 April]] [[  2000]], Culp stated that "we have definitely reached the end of this discussion ... [which] is rapidly spiraling into the realm of conspiracy theory"<ref>{{cite web |title=The Culp-Campbell correspondence (Microsoft Stonewalls _NSAkey Questions) |publisher=Cryptome |date=2000-05-25 |url=http://cryptome.org/nsakey-ms-dc.htm |accessdate=2006-11-27}}</ref> and Campbell's further enquiries went unanswered.

== Explanations from other sources ==
(contracted; show full)
the NSA key can be found on Cryptonym's website.<ref>{{cite web |title=Microsoft, the NSA, and You |publisher=Cryptonym |date=1999-08-31 |url=http://web.archive.org/web/20001109204800/http://www.cryptonym.com/hottopics/msft-nsa/msft-nsa.html |accessdate=2007-01-07}} ([[Internet Archive]] / [[Internet Archive#Wayback Machine|Wayback Machine]])</ref> </blockquote>

== CAPI Signature Public Keys as PGP Keys ==
In September 
[[1999]], an anonymous researcher reverse-engineered both the
primary key and the _NSAKEY into PGP-compatible format and published them
to the [[key server (cryptographic)|key server]]s.<ref>{{cite web |title=The reverse-engineered keys |publisher=Cypherspace |date=1999-09-06 |url=http://cypherspace.org/adam/hacks/ms-nsa-key.html |accessdate=2007-01-07}}</ref>

=== Microsoft's Primary (_KEY variable) CAPI Signature Key ===
<pre>
 Type Bits/KeyID Date User ID
(contracted; show full){{reflist}}

[[Category:Microsoft criticisms and controversies]]
[[Category:History of cryptography]]
[[Category:Conspiracy theories]]
[[Category:National Security Agency]]

[[fr:NSAKEY]]