Domestic Spying: NSA has Backdoor Key to Microsoft Windows

Sept 3, 1999

A careless mistake by Microsoft programmers has shown that special access codes for use by the U.S. National Security Agency (NSA) have been secretly built into all versions of the Windows operating system.

Computer-security specialists have been aware for two years that unusual features are contained inside a standard Windows driver used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions including the Microsoft Cryptographic API (MS-CAPI). In particular, it authenticates modules signed by Microsoft, letting them run without user intervention.

At last year’s Crypto 98 conference, British cryptography specialist Nicko van Someren said he had disassembled the driver and found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with U.S. export regulations. But the reason for building in a second key, or who owned it, remained a mystery.

Now, a North Carolina security company has come up with conclusive evidence the second key belongs to the NSA. Like van Someren, Andrew Fernandes, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found Microsoft’s developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY." The other was called "NSAKEY."

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to the "Advances in Cryptology, Crypto’99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users’ knowledge.

But according to two witnesses attending the conference, even Microsoft’s top crypto programmers were stunned to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. This discovery, by van Someren, was based on advance search methods which test and report on the "entropy" of programming code.

Within Microsoft, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

No researchers have yet discovered a programming module which signs itself with the NSA key. Researchers are divided about whether it might be intended to let U.S. government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone’s and everyone’s Windows computer to intelligence gathering techniques deployed by the NSA’s burgeoning corps of "information warriors."

According to Fernandes of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onward.

"For non-American IT managers relying on WinNT to operate highly secure data centers, this find is worrying," he added. "The U.S government is currently making it as difficult as possible for ’strong’ crypto to be used outside of the U.S. That they have also installed a cryptographic back-door in the world’s most abundant operating system should send a strong message to foreign IT managers.

"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has installed a ’back door’ for the NSA — making it orders of magnitude easier for the U.S. government to access your computer?" he said.

Van Someren said he felt the primary purpose of the NSA key might be for legitimate U.S. government use. But he said there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy," he said on Friday.

Fernandes said he believed the NSA’s built-in loophole could be turned round against the snoopers. The NSA key inside CAPI could be replaced by your own key, and used to sign cryptographic security modules from overseas or unauthorized third parties, unapproved by Microsoft or the NSA. This is exactly what the U.S. government has been trying to prevent.

A demonstration "how to do it" program that replaces the NSA key can be found on Cryptonym’s website.

According to one leading U.S. cryptographer, the IT world should be thankful the subversion of Windows by NSA has come to light before the arrival of CPUs that handle encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPUs with encrypted instruction sets already been deployed, we would have never found out about NSAKEY," he said.

http://www.techweb.com/wire/story/TWB19990903S0014