1998-01-21 - Re: [Long] How to recover private keys for various Microsoft products

Header Data

From: Steve Schear <schear@lvdi.net>
To: cryptography@c2.net
Message Hash: 5743e566bdbc47f1a019fb6690116b39b56d1332f59c0bfb9fa87ce1d76f5c0c
Message ID: <v03102800b0eab79afcbc@[208.129.55.202]>
Reply To: <88531016604880@cs26.cs.auckland.ac.nz>
UTC Datetime: 1998-01-21 21:44:57 UTC
Raw Date: Thu, 22 Jan 1998 05:44:57 +0800

Raw message

From: Steve Schear <schear@lvdi.net>
Date: Thu, 22 Jan 1998 05:44:57 +0800
To: cryptography@c2.net
Subject: Re: [Long] How to recover private keys for various Microsoftproducts
In-Reply-To: <88531016604880@cs26.cs.auckland.ac.nz>
Message-ID: <v03102800b0eab79afcbc@[208.129.55.202]>
MIME-Version: 1.0
Content-Type: text/plain



At 4:29 AM +0000 1/21/98, Peter Gutmann wrote:
>    How to recover private keys for Microsoft Internet Explorer, Internet
>            Information Server, Outlook Express, and many others
>                                      - or -
>                 Where do your encryption keys want to go today?
> 
>                    Peter Gutmann, <pgut001@cs.auckland.ac.nz>
> 
>Summary
>-------
> 
>Microsoft uses two different file formats to protect users' private keys, the
>original (unnamed) format which was used in older versions of MSIE, IIS, and
>other software and which is still supported for backwards-compatibility reasons
>in newer versions, and the newer PFX/PKCS #12 format.  Due to a number of
>design and implementation flaws in Microsoft's software, it is possible to break
>the security of both of these formats and recover users' private keys, often in
>a matter of seconds.  In addition, a major security hole in Microsoft's
>CryptoAPI means that many keys can be recovered without even needing to break
>the encryption.  These attacks do not rely for their success on the presence of
>weak, US-exportable encryption, they also affect US versions.
> 
>As a result of these flaws, no Microsoft internet product is capable of
>protecting a user's keys from hostile attack.  By combining the attacks
>described below with widely-publicised bugs in MSIE which allow hostile sites
>to read the contents of users' hard drives or with an ActiveX control, a victim
>can have their private key sucked off their machine and the encryption which
>"protects" it broken at a remote site without their knowledge.
> 


Seems a good way to teach M$ a security lesson is to use Peter's code to snatch M$' any significant keys on their corporate servers and publish.  Of course, they're probably too smart to leave important data just lying around on unsecure '95/NT servers and instead use Linux ;-)

--Steve






