Microsoft has denied the company is considering adding a back-door to Windows Vista's encryption system for the benefit of law enforcement agencies.
"The official line from high up is that we do not create back doors," said Niels Ferguson, a noted cryptographer now working for Microsoft, in a blog entry late last week. (http://blogs.msdn.com/si_team/archive/2006/03/02/542590.aspx)
"In the unlikely situation that we are forced to by law we'll either announce it publicly or withdraw the entire feature. Back doors are simply not acceptable."
Ferguson was responding to a recent article published by the BBC, detailing Home Office concerns over BitLocker, the encryption system to be introduced in Vista at the end of this year. Vista is expected to usher in the era of "trusted computing", a scheme which links encryption to a Trusted Platform Module (TPM) in a PC's hardware.
Such systems are designed to deter intruders and make it more difficult to access unlicensed music and video content, but could also make it more difficult for police to recover data from computers. The Home Office confirmed to the BBC that it "has already been in touch with Microsoft concerning this matter and is working closely with them", according to the article.
"The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data. Over my dead body," said Ferguson.
Ferguson, a Dutch cryptographer who co-authored the book Practical Cryptography with Bruce Schneier, and who claims to have cracked the copy-protection system to be built into Blu-Ray and HD-DVD discs, said Microsoft is talking to governments mainly to help them understand the implications of BitLocker.
"They foresee that they will want to read BitLocker-encrypted data, and they want to be prepared," Ferguson wrote. "Like any security technology, BitLocker has its avenues of attack and law enforcement should know about them. For example, if they search a house and find a computer, they should also take all USB thumb drives, as these might contain a BitLocker key."
BitLocker Drive Encryption is aimed at protecting data on machines that have been lost or stolen. The hardware-based system encrypts the entire Windows system volume using 128-, 192- or 256-bit AES,
Ross Anderson, Cambridge University professor of security engineering, in February told Members of Parliament that BitLocker could create insuperable barriers for law-enforcement agencies. "It's going to be technically fairly seriously difficult to take encrypted material out of the system," Anderson said.
"The whole point about Vista is that everything's always encrypted all the time because that enables you to enforce all these rights management rules," Anderson said in an interview with IDG News Service. "The idea behind rights management is that the rules are no longer set by the person who owns the computer, but by the person who owns the document."
A cocaine dealer could assign rules to an Excel spreadsheet with details of his December sales that only allow the document to be read by a select few. He could also set an expiration date for the document. When the keys in the TPM chip expire, the document could theoretically never be available again, Anderson said.
A Microsoft spokeswoman confirmed the company is working with UK law enforcement agencies to help them understand Vista's security features.