[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Long] How to recover private keys for various Microsoft products

To: Steve Schear <[email protected]>
Subject: Re: [Long] How to recover private keys for various Microsoft products
From: "William H. Geiger III" <[email protected]>
Date: Wed, 21 Jan 98 18:33:51 -0500
Cc: [email protected], [email protected]
In-Reply-To: <v03102800b0eab79afcbc@[208.129.55.202]>
Sender: [email protected]


-----BEGIN PGP SIGNED MESSAGE-----

In <v03102800b0eab79afcbc@[208.129.55.202]>, on 01/20/98 
   at 12:43 PM, Steve Schear <[email protected]> said:

>At 4:29 AM +0000 1/21/98, Peter Gutmann wrote:
>>    How to recover private keys for Microsoft Internet Explorer, Internet
>>            Information Server, Outlook Express, and many others
>>                                      - or -
>>                 Where do your encryption keys want to go today?
>> 
>>                    Peter Gutmann, <[email protected]>
>> 
>>Summary
>>-------
>> 
>>Microsoft uses two different file formats to protect users private keys, the
>>original (unnamed) format which was used in older versions of MSIE, IIS, and
>>other software and which is still supported for backwards-compatibility reasons
>>in newer versions, and the newer PFX/PKCS #12 format.  Due to a number of
>>design and implementation flaws in Microsofts software, it is possible to break
>>the security of both of these formats and recover users private keys, often in
>>a matter of seconds.  In addition, a major security hole in Microsofts
>>CryptoAPI means that many keys can be recovered without even needing to break
>>the encryption.  These attacks do not rely for their success on the presence of
>>weak, US-exportable encryption, they also affect US versions.
>> 
>>As a result of these flaws, no Microsoft internet product is capable of
>>protecting a users keys from hostile attack.  By combining the attacks
>>described below with widely-publicised bugs in MSIE which allow hostile sites
>>to read the contents of users hard drives or with an ActiveX control, a victim
>>can have their private key sucked off their machine and the encryption which
>>"protects" it broken at a remote site without their knowledge.
>> 


>Seems a good way to teach M$ a security lesson is to use Peter's code to
>snatch M$' ant significant keys on their corporate servers and publish. 
>Of course, they're probably too smart to leave important data just lying
>around on unsecure '95/NT servers and instead use Linux ;-)

More than likely they have them tucked away on one of the AS/400's they
are running at Redmond. :)


- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html                        
- ---------------------------------------------------------------
 
Tag-O-Matic: Dos: Venerable.  Windows: Vulnerable.  OS/2: Viable.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNMaGDI9Co1n+aLhhAQHicwP+NNIDJcNmdJjW294Pr6BEMvuOHmpcm8yk
AijqKWmSerz/D/VDD1zh7FwRNhkMD9qEkEXO4molAIsomo49NgBs8MhEIBSW7FhC
yj2lEZ5/xNGy+SVOoEpWywQD+KpU3FZftHIBUcQE0o7Wc+0AnjHfcUUDgjDkumCF
98Qe8bFqQyg=
=Z4ph
-----END PGP SIGNATURE-----

References:
- Re: [Long] How to recover private keys for various Microsoftproducts
  - From: Steve Schear <[email protected]>

Prev by Date: Will bureaucrats turn the Net into TV? Note from FCC
Next by Date: Re: Latest smartcard software
Prev by thread: Re: [Long] How to recover private keys for various Microsoftproducts
Next by thread: Re: [Long] How to recover private keys for various Microsoft products
Index(es):
- Date
- Thread