|
In computer security and cryptography, _NSAKEY was a variable name discovered in Windows NT 4 Service Pack 5 (which had been released unstripped of its symbolic debugging data) in August 1999 by Andrew D. Fernandes of Cryptonym Corporation. That variable contained a 1024-bit public key. == Overview == Microsoft's operating systems require all cryptography suites that work with its operating systems to have a digital signature. Since only Microsoft-approved cryptography suites can be installed or used as a component of Windows, it is possible to keep export copies of this operating system (and products with Windows installed) in compliance with the Export Administration Regulations (EAR), which are enforced by the US Department of Commerce Bureau of Industry and Security (BIS). It was already known that Microsoft used two keys, a primary and a spare, either of which can create valid signatures. Microsoft had failed to remove the debugging symbols in ADVAPI32.DLL, a security and encryption driver, when it released Service Pack 5 for Windows NT 4.0, and Andrew Fernandes, chief scientist with Cryptonym, found the primary key stored in the variable _KEY and the second key was labeled _NSAKEY.〔 (Internet Archive / Wayback Machine)〕 Fernandes published his discovery, touching off a flurry of speculation and conspiracy theories, including the possibility that the second key was owned by the United States National Security Agency (the NSA) and allowed the intelligence agency to subvert any Windows user's security. During a presentation at the Computers, Freedom and Privacy 2000 (CFP2000) conference, Duncan Campbell, senior research fellow at the Electronic Privacy Information Center (EPIC), mentioned the _NSAKEY controversy as an example of an outstanding issue related to security and surveillance. In addition, Dr. Nicko van Someren found a third key in Windows 2000, which he doubted had a legitimate purpose, and declared that "It looks more fishy". 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「NSAKEY」の詳細全文を読む スポンサード リンク
|