NSA Built Back Door In Microsoft’s All Windows Software by 1999.

The National Security Agency (NSA) is a cryptologic intelligence agency of the United States Department of Defense responsible for the collection and analysis of foreign communications and foreign signals intelligence, as well as protecting U.S. government communications and information systems, which involves information security and cryptanalysis/cryptography.

An article by leading European computer publication, Heise Dated, 04.09.1999 Stated that the NSA had already built a backdoor into all Windows software.

The Article states that A careless mistake by Microsoft programmers has reveled the special Access codes prepared by US National Security Agency, which have been built secretly in windows. The NSA Access system has been built in every windows operating system now in use, except windows 95 and its predecessors. The discovery comes close on the heels of the revelations when another US software giant, Lotus, built an NSA “help information” trapdoor into its Notes system, and that security functions on other software systems was been deliberately crippled.

The first discovery of the secret system was made by Dr Nicko van Someren. just after few days of this discovery hen a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Dr Nicko van Someren reported in Crypto 98 conference that he had disassembled the ADVADPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.

 A second key was found: A US security company came up with conclusive evidence that the second key belongs to NSA. the company checked the latest Service Pack release for Windows NT4, Service Pack 5. they found that Microsoft’s developers had failed to remove or “strip” the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called “KEY”. The other was called “NSAKEY”.

A third key was found: even Microsoft’s top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was “stunned” to learn of these discoveries, by outsiders.

Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone’s and everyone’s Windows computer to intelligence gathering techniques deployed by NSA’s burgeoning corps of “information warriors”.

According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system “is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system”. The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.

According to one leading US cryptographer, the IT world should be thankful that the subversion of Windows by NSA has come to light before the arrival of CPUs that handles encrypted instruction sets. These would make the type of discoveries made this month impossible. “Had the next-generation CPU’s with encrypted instruction sets already been deployed, we would have never found out about NSAKEY.