0
NSA trapdoor Lotus Notes system, and that security functions on other software systems had been deliberately crippled.
archive.ph

According to the text, the Lotus Notes backdoor was a deliberate feature inserted by the NSA to subvert the security subsystem in Lotus Notes. The idea was to use differential cryptography, where 24 bits of the 64-bit key would be encrypted under one of the NSA's public keys and then appended to the encrypted content. This would allow the NSA to decrypt those 24 bits of the key with their corresponding private key and then brute-force the remaining 40 bits.

In other words, the NSA had a backdoor in Lotus Notes that allowed them to access encrypted data by decrypting a portion of the key and then brute-forcing the rest. This was done to comply with US crypto export regulations, which required software companies to include key escrow features that would allow the government to access encrypted data.

The backdoor was discovered by an anonymous researcher who reverse-engineered the primary key and the _NSAKEY into PGP-compatible format and published them to key servers in September 1999.

It's worth noting that this backdoor was not a bug or a vulnerability, but rather a deliberate feature designed to allow the NSA to access encrypted data. This raises concerns about the trustworthiness of software companies and the potential for government agencies to insert backdoors into software products.

Lotus 1-2-3 has some common components or technologies, such as:

LotusScript: Both Lotus 1-2-3 and Lotus Notes use LotusScript, a programming language developed by Lotus Software. LotusScript is used for automating tasks, creating custom applications, and integrating with other Lotus products. OLE (Object Linking and Embedding): Both products may use OLE, a technology that allows different applications to share data and functionality. Database technology: Lotus Notes uses a database technology called NSF (Notes Storage Facility), which is also used in other Lotus products, including Lotus 1-2-3.

The main 64-bit algorithm used in older versions of Lotus Notes/Domino was RC2. This was the default encryption for local database files (NSF files) prior to the introduction of AES encryption in later versions. The 64-bit RC2 algorithm was used for both domestic and international versions, with some international versions using a weaker 40-bit variant

An interview with the author(s) of this article
waiting for moderation