Difference between revisions 123927145 and 123927148 on dewiki

{{cleanup|date=December 2010}}
{{DISPLAYTITLE:_NSAKEY}}
'''_NSAKEY''' was a [[variable (computer science)|variable]] name discovered in [[Windows NT 4]] [[Windows_NT_4.0#Service_Packs|Service Pack]] 5 (which had been released unstripped of its [[Debug symbol|symbolic debugging]] data) in August 1999 by Andrew D. Fernandes of Cryptonym Corporation. That variable contained a 1024-bit [[public key]].

== Overview ==
(contracted; show full)

A second possibility is that Microsoft included a second key to be able to sign cryptographic modules outside the United States, while still complying with the BXA's EAR. If cryptographic modules were to be signed in multiple locations, using multiple keys is a reasonable approach. However, no cryptographic module has ever been found to be signed by _NSAKEY and Microsoft denies that any other certification authority exists.


A third possibility is that the _NSAKEY enables the NSA or other agencies to sign their own cryptographic modules without being required to disclose those modules to Microsoft, which would allow them to create modules in-house that implement classified algorithms. Of course this capability would also enable an agency to sign modules that could be used to undermine the security of any Windows installation.{{Citation needed|date=August 2007}}⏎
⏎
Microsoft denied that the NSA has access to the _NSAKEY secret key. <ref>{{cite web
|url=http://articles.cnn.com/1999-09-03/tech/9909_03_windows.nsa.02_1_national-security-agency-cryptography-windows-nt4?_s=PM:TECH
|title=NSA key to Windows an open question
|date=3 September 1999
|accessdate=2011-11-20
}}</ref>

The key is still present in subsequent versions of Windows, though it has been renamed "_KEY2."{{Citation needed|date=September 2011}}⏎
⏎
It was possible to remove the second _NSAKEY using the following (note this was for Windows software in 1999).

<blockquote>There is good news among the bad, however. It turns out that there is a flaw in the way the "crypto_verify" function is implemented. Because of the way the crypto verification occurs, users can easily eliminate or replace the NSA key from the operating system without modifying any of Microsoft's original
(contracted; show full)[[Category:Microsoft criticisms and controversies]]
[[Category:History of cryptography]]
[[Category:Conspiracy theories]]
[[Category:National Security Agency]]
[[Category:Microsoft Windows security technology]]

[[fr:NSAKEY]]
[[ru:NSAKEY]]

All content in the above text box is licensed under the Creative Commons Attribution-ShareAlike license Version 4 and was originally sourced from https://de.wikipedia.org/w/index.php?diff=prev&oldid=123927148.

This site is not affiliated with or endorsed in any way by the Wikimedia Foundation or any of its affiliates. In fact, we fucking despise them.