Jump to content

NSAKEY

Mayelana Wikipedia

_NSAKEY kwaba variable igama zatholakala e Windows NT 4 SP5 ngo-1999 ngu-Andrew D. Fernandes ka Cryptonym Corporation.Ukuhluka bekuqukethe ukhiye womphakathi ongu-1024-bit; okhiye abanjalo basetshenziswa ekubetheni okhiye womphakathi kokubethela nokuqinisekisa.Ngenxa yaleli gama, noma kunjalo, kwakucatshangwa ukuthi ukhiye uzovumela i-United States National Security Agency (NSA) ukuthi ichithe noma yikuphi ukuphepha komsebenzisi weWindows.IMicrosoft yakuphika ukuqagela yathi igama lokhiye livela ekutheni i-NSA yayiyigunya lokubuyekeza ubuchwepheshe kwezilawuli zokuthumela i-cryptography zase-US .

Ukubuka konke

[hlela | Hlela umthombo]

IMicrosoft idinga wonke amasudi we-cryptography asebenzisana ne- Microsoft Windows ukuze abe nesiginesha yedijithali.Njengoba kungamakhompiyutha avunyelwe yiMicrosoft kuphela angathunyelwa ngeWindows, kungenzeka ukugcina amakhophi wokuthumela ngaphandle kwalolu hlelo lokusebenza ngokuhambisana neMithetho Yokulawulwa Kwempahla Ephumayo (EAR), ephoqelelwa yi- Bureau of Industry and Security (BIS).

Ngesikhathi sethulwa engqungqutheleni yeComputer, Freedom and Privacy 2000 (CFP2000), uDuncan Campbell, umcwaningi omkhulu e- Electronic Privacy Information Center (EPIC), ubalule impikiswano ye-_NSAKEY njengesibonelo sendaba evelele ehlobene nokuphepha nokuqashwa.

Ngaphezu kwalokho, uDkt Nicko van Someren wathola ukhiye wesithathu ku-Windows 2000, ayengabaza ukuthi unenhloso esemthethweni, futhi wamemezela ukuthi "Kubukeka kunenhlanzi".

Ukusabela kweMicrosoft

[hlela | Hlela umthombo]

IMicrosoft yakuphika ukuqagela kwangaphandle ku _NSAKEY yathi "Lokhu kuqagela kuyindida kwazise iMicrosoft ibiphikisana njalo neziphakamiso ezahlukahlukene zokuphakanyiswa kwezimali zokuhlongozwa kwabantu nguhulumeni."Ngokusho kweMicrosoft, uphawu lokhiye kwakungu "_NSAKEY" ngoba i-NSA kwakuyigunya lobuchwepheshe lobuchwepheshe bezilawuli zokuthumela i-cryptography e-US, kanti ukhiye waqinisekisa ukuthobela imithetho yase-US yokuthumela ngaphandle.

AbakwaMicrosoft bathi ukhiye wesithathu ubukwakhiwa kwe-beta kuphela kweWindows 2000 nokuthi inhloso yayo bekuwukusayina abahlinzeki benkonzo ye-Cryptographic .

I -Mozilla ikhasi ngemibuzo evamile ku indlela yokubhala efihla incazelo ukhuluma:

Empeleni kungenzeka ngaphansi kwezimo ezithile ukuthola ilayisense yokuthumela ngaphandle isoftware esebenzisa imisebenzi ye-cryptographic nge-API.Isibonelo, ukuqaliswa kweMicrosoft kwemininingwane ye-Microsoft Cryptographic API (CryptoAPI) kuvunyelwe ukuthunyelwa ngaphandle kusuka e-US, noma ngabe isebenzisa i-API lapho abantu besithathu, kufaka phakathi abantu besithathu abangaphandle kwe-US, bangeza amamojuli ahlukile ("Abahlinzeki Bezinsizakalo ze-Cryptographic" noma ama-CSPs) enza ukusebenza kwe-cryptographic.Lokhu kuvunyelwa ukuthekelisa kwenzeka kwenzeka ngenxa yokuthi a) ukuqaliswa kwe-CryptoAPI kudinga ukuthi ama-CSP wesithathu asayinwe ngokwamanani yi-Microsoft futhi anqabe imizamo yokubiza ama-CSP angasayiniwe kangako; b) ngale nqubo yokusayina iMicrosoft ingaqinisekisa ukuhambisana nemithetho efanele yokulawulwa kokuthekelisa yase-US (isib. futhi c) Ukusetshenziswa kwe-Microsoft kwe-CryptoAPI kutholakala kuphela ngendlela ephathekayo, ngakho-ke kucatshangwa ukuthi kungamelana kahle nokuphazanyiswa ngumsebenzisi ukukhubaza isheke lesiginesha ye-CSP.

IMicrosoft ithe ukhiye wesibili ukhona njengesipele sokuvikela ukuthi kungenzeka ulahlekelwe ukhiye oyimfihlo oyinhloko.UFernandes uyayingabaza le ncazelo, ekhomba ukuthi indlela eyamukelwa ngokujwayelekile yokuqapha ukulahleka kokhiye oyimfihlo ukuhlukanisa imfihlo, okungahlukanisa ukhiye ube izingxenye ezahlukahlukene, ezizobe zisatshalaliswa kubaphathi abaphezulu.Uthe lokhu kuzoba namandla kakhulu kunokusebenzisa okhiye ababili; uma ukhiye wesibili ulahlekile futhi, iMicrosoft izodinga ukumaka noma ukuthuthukisa wonke amakhophi eWindows emhlabeni, kanye nayo yonke imodyuli ye-cryptographic eyake yasayina. Bekungenzeka ukuthi kususwe i- _NSAKEY yesibili.

Kukhona izindaba ezinhle phakathi kwababi, noma kunjalo.Kuvela ukuthi kunephutha endleleni okwenziwa ngayo ukusebenza kwe- "crypto_verify". Ngenxa yendlela ukuqinisekiswa kwe-crypto kwenzeka ngayo, abasebenzisi bangaqeda kalula noma bashintshe ukhiye we-NSA ohlelweni lokusebenza ngaphandle kokushintsha noma yiziphi izingxenye zokuqala zeMicrosoft.Njengoba ukhiye we-NSA ushintshwa kalula, kusho ukuthi izinkampani okungezona ezase-US zikhululekile ukufaka izinsiza "eziqinile" ze-crypto kuWindows, ngaphandle kwemvume kaMicrosoft noma yeNSA.Ngakho-ke i-NSA isuse ngempumelelo ukulawula okuthekelisa kwe- "strong" crypto ku-Windows.Uhlelo lokubonisa oluthatha indawo yokhiye we-NSA lungatholakala kuwebhusayithi ye-Cryptonym.

Izinkinobho ze-PGP

[hlela | Hlela umthombo]

NgoSepthemba 1999, umcwaningi ongaziwa wahlehlisa kabusha ukhiye oyinhloko kanye ne- _NSAKEY kufomethi ehambelana ne-PGP futhi wayishicilela kumaseva abalulekile .

Ukhiye oyinhloko (_KEY)

[hlela | Hlela umthombo]
 Type Bits/KeyID Date User ID
 pub 1024/346B5095 1999/09/06 Microsoft's CAPI key <postmaster@microsoft.com>

 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: 2.6.3i

 mQCPAzfTc8YAAAEEALJz4nepw3XHC7dJPlKws2li6XZiatYJujG+asysEvHz2mwY
 2WlRggxFfHtMSJO9FJ3ieaOfbskm01RNs0kfoumvG/gmCzsPut1py9d7KAEpJXEb
 F8C4d+r32p0C3V+FcoVOXJDpsQz7rq+Lj+HfUEe8GIKaUxSZu/SegCE0a1CVABEB
 AAG0L01pY3Jvc29mdCdzIENBUEkga2V5IDxwb3N0bWFzdGVyQG1pY3Jvc29mdC5j
 b20+iQEVAwUQN9Nz5j57yqgoskVRAQFr/gf8DGm1hAxWBmx/0bl4m0metM+IM39J
 yI5mub0ie1HRLExP7lVJezBTyRryV3tDv6U3OIP+KZDthdXb0fmGU5z+wHt34Uzu
 xl6Q7m7oB76SKfNaWgosZxqkE5YQrXXGsn3oVZhV6yBALekWtsdVaSmG8+IJNx+n
 NvMTYRUz+MdrRFcEFDhFntblI8NlQenlX6CcnnfOkdR7ZKyPbVoSXW/Z6q7U9REJ
 TSjBT0swYbHX+3EVt8n2nwxWb2ouNmnm9H2gYfXHikhXrwtjK2aG/3J7k6EVxS+m
 Rp+crFOB32sTO1ib2sr7GY7CZUwOpDqRxo8KmQZyhaZqz1x6myurXyw3Tg==
 =ms8C
 -----END PGP PUBLIC KEY BLOCK-----

Ukhiye wesibili (_NSAKEY no _KEY2)

[hlela | Hlela umthombo]
 Type Bits/KeyID Date User ID
 pub 1024/51682D1F 1999/09/06 NSA's Microsoft CAPI key <postmaster@nsa.gov>

 -----BEGIN PGP PUBLIC KEY BLOCK-----
 Version: 2.6.3i

 mQCPAzfTdH0AAAEEALqOFf7jzRYPtHz5PitNhCYVryPwZZJk2B7cNaJ9OqRQiQoi
 e1YdpAH/OQh3HSQ/butPnjUZdukPB/0izQmczXHoW5f1Q5rbFy0y1xy2bCbFsYij
 4ReQ7QHrMb8nvGZ7OW/YKDCX2LOGnMdRGjSW6CmjK7rW0veqfoypgF1RaC0fABEB
 AAG0LU5TQSdzIE1pY3Jvc29mdCBDQVBJIGtleSA8cG9zdG1hc3RlckBuc2EuZ292
 PokBFQMFEDfTdJE+e8qoKLJFUQEBHnsH/ihUe7oq6DhU1dJjvXWcYw6p1iW+0euR
 YfZjwpzPotQ8m5rC7FrJDUbgqQjoFDr++zN9kD9bjNPVUx/ZjCvSFTNu/5X1qn1r
 it7IHU/6Aem1h4Bs6KE5MPpjKRxRkqQjbW4f0cgXg6+LV+V9cNMylZHRef3PZCQa
 5DOI5crQ0IWyjQCt9br07BL9C3X5WHNNRsRIr9WiVfPK8eyxhNYl/NiH2GzXYbNe
 UWjaS2KuJNVvozjxGymcnNTwJltZK4RLZxo05FW2InJbtEfMc+m823vVltm9l/f+
 n2iYBAaDs6I/0v2AcVKNy19Cjncc3wQZkaiIYqfPZL19kT8vDNGi9uE=
 =PhHT
 -----END PGP PUBLIC KEY BLOCK-----

Izinkomba

[hlela | Hlela umthombo]