1997-03-05 - Re: Microsoft Authenticode key security

Header Data

From: Adam Back <aba@dcs.ex.ac.uk>
To: bobatk@exchange.microsoft.com
Message Hash: c2f170908ec964bcafac3ec72766b51cd2091a7214d0e19845814011d2bfe45a
Message ID: <199703052110.VAA00412@server.test.net>
Reply To: <7D9A01DBBFD5CF11AD0F0000F8411F8A42697E@ROADKILL>
UTC Datetime: 1997-03-05 21:20:51 UTC
Raw Date: Wed, 5 Mar 1997 13:20:51 -0800 (PST)

Raw message

From: Adam Back <aba@dcs.ex.ac.uk>
Date: Wed, 5 Mar 1997 13:20:51 -0800 (PST)
To: bobatk@exchange.microsoft.com
Subject: Re: Microsoft Authenticode key security
In-Reply-To: <7D9A01DBBFD5CF11AD0F0000F8411F8A42697E@ROADKILL>
Message-ID: <199703052110.VAA00412@server.test.net>
MIME-Version: 1.0
Content-Type: text/plain



Bob Atkinson <bobatk@microsoft.com> writes:
> Actually, and sort of to the point, no, the keys never actually ever the
> BBN box, except as part of a backup procedure in which they are
> extracted in a doubly-encrypted form for which for security reasons you
> need the manufacturer's help in restoring.
> 
> To this day, no human or computer other than the box itself knows the
> key.

Yeah, but we can always just release a patch for windows which makes
it check signatures made by "cypherpunks certification services". 

As has been noted in previous discussions of CAPI (on this list),
there is room for different competing patched key signature services:
sign anything, sign only CAPI modules which don't involve GAK (key
escrow), sign modules for which source code has been examined and
provide a degree of assurance that the module is secure.  Charges
could be made for the CAPI rating, to the module provider, and to the
users of the rating service even (with non-transferable signatures).

Also, the BBN box might be overkill considering ActiveX -- the key
could probably be patched delivered maliciously by the unsuspecting
windows user accessing a web page.

Adam
-- 
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`





Thread