Vista SP1 bringing back door exploit?

 

Gallery

By Stuart Turton

Posted on 18 Dec 2007 at 16:08

A US cryptographer is warning that the random number generator Microsoft is bundling with SP1 includes a backdoor exploitable by the National Security Agency.

Random number generators are important because they provide the bedrock for SSL keys, which ensure secure internet communications for web browsing, email and instant messaging. Breaking the random number generator could leave user communications open to interception.

Security blogger Bruce Schneier believes this is precisely what will happen to the
"Dual_EC-DRBG" random number generator employed by Vista.

"There are a bunch of constants - fixed numbers - in the standard used to define the algorithm's elliptic curve," he says on his blog.

"These numbers have a relationship with a second, secret set of numbers that can act as a kind of skeleton key."

"To put that in real terms, you only need to monitor one TLS internet encryption connection in order to crack the security of that protocol. If you know the secret numbers, you can completely break any instantiation of Dual_EC_DRBG."

Schneier believes that this "secret" second set of numbers are held by the US's National Security Agency, one of the agencies which he claims championed Dual EC-DRBG as a cryptographic standard.

Microsoft hadn't replied to request for comment at the time of publication.