[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Hidden WebTV signatures

To: [email protected]
Subject: Hidden WebTV signatures
From: [email protected] (Peter Gutmann)
Date: Mon, 12 Oct 1998 03:29:04 (NZDT)
Reply-To: [email protected]
Sender: [email protected]


For those of you who don't read sci.crypt, Robert Ames <[email protected]> has 
posted an article in which he observes that all WebTV posts contain an 
X-WebTV-Signature: line containing base64-encoded data.  For samples of 
WebTV-generated posts, try the alt.weemba newsgroup, which is filled with 
WebTV-user drool (caution: remember to employ protection when exposting your 
mind to the content of the messages).  Some samples:
 
X-WebTV-Signature: 1
        ETAsAhQDqtur/jfleJ2CDOnNrVoeyALEQAIUOQyCBbzjx5HHfxeMERDgCjztXOU= 
X-WebTV-Signature: 1
        ETAtAhUAmCCzQt+Tqt6fNX+L9+gDCECaqQkCFA0YCPz5tk85mUgq7iX/u4vWvOgG 
 
These decode into ASN.1-encoded DSA signatures, eg:
 
   1 30   45: SEQUENCE {
   3 02   21:   INTEGER
            :     00 98 20 B3 42 DF 93 AA DE 9F 35 7F 8B F7 E8 03
            :     08 40 9A A9 09
  26 02   20:   INTEGER
            :     0D 18 08 FC F9 B6 4F 39 99 48 2A EE 25 FF BB 8B
            :     D6 BC E8 06
            :   }
 
for the second one.  The key isn't included in the header, presumably the 
@webtv.net address can be tied to the hardware which contains some hardcoded 
DSA key.  I wonder if WebTV users know they're signing each message they send?
 
Peter.

Prev by Date: EVEN MORE FREE PORN: STUFFED HAS 10 LINKS TO 100S OF FREE PICS, NEW EVERY DAY
Next by Date: Re: Hidden WebTV signatures
Prev by thread: IP: This Country *Needs* to Come to a Screeching Halt!
Next by thread: Re: Hidden WebTV signatures
Index(es):
- Date
- Thread