The Microsoft Windows _NSAKEY Backdoor
Microsoft _NSAKEY is a signing key found in Microsoft’s CryptoAPI since Windows 95. Many claimed this was the ultimate backdoor for the National Security Agency. But is this a hoax, or is the _NSAKEY a real backdoor in Microsoft Windows?
A British researcher discovered that Microsoft was cryptographically signing its CryptoAPI with two keys. This means two separate entities could approve software running inside Windows. One of those entities was Microsoft. The identity of the other one remained a mystery.
But then Microsoft shipped a Service Pack 5 for WindowsNT4. Somebody down the chain of command at Microsoft forgot to remove information revealing the true identity of both of the signing keys. Chief security scientist at Ontario-based Cryptonym Andrew Fernandes found the names of the two keys. One was simply called “_KEY”. And the other was “_NSAKEY”.