[2644] in cryptography@c2.net mail archive
Real-life example of the "You are now in France" attack
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Thu May 7 23:37:03 1998
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@c2.net
Reply-To: pgut001@cs.auckland.ac.nz
X-Charge-To: pgut001
Date: Fri, 8 May 1998 15:26:48 (NZST)
The MS CryptoAPI mailing list recently carried an example of how an actual "You
are now in France" attack might work. It turns out that if you switch the
system-wide locale of an NT system to French, the encryption functionality of
CryptoAPI disables itself (signing and hashing still works). Conversely,
switching the locale from French to something French-related (Belgian, Swiss,
or Canadian French) reenables the crypto. Since NT allows per-thread locales,
it'd be interesting to see if you can selectively enable/disable the crypto for
a particular application without needing to change your system-wide locale
setting (set the system locale to French Canadian, then set the thread locale
to French so you get the UI acting as "French" French but the crypto acting as
Canadian French).
Peter.
