RSA Responds to Claim that it Gave NSA Back Door Access in Exchange for $10M
December 23, 2013 11:43 AM
comment(s) - last by
RSA responded saying that it had no idea the NSA algorithm was flawed
Former U.S. National Security Agency (NSA) contractor
has brought many NSA secrets to light this year, the most recent being a "secret" contract between the agency and security industry leader RSA.
According to more documents leaked by Snowden, the NSA entered into a $10 million contract with RSA to place a flawed formula within encryption software (which is widely used in personal computers and other products) to obtain "back door" access to data.
The RSA software that contained the flawed formula was called Bsafe, which was meant to increase security in computers. The formula was an algorithm called Dual Elliptic Curve, and it was created within the NSA. RSA started using it in 2004 even before the National Institutes of Standards and Technology (NIST) approved it.
According to the RSA, it had no idea that the algorithm was flawed, or that it gave the NSA back door access to countless computers and devices. The NSA reportedly sold the algorithm as an enhancement to security without letting the RSA in on its real intentions.
In fact, RSA responded to media reports about its contract with the NSA, saying it was never secret at all. It said the fact that RSA worked with NSA was always made public, but that RSA had no idea the government agency was actually sabotaging its encryption product.
"Recent press coverage has asserted that RSA entered into a 'secret contract' with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries. We categorically deny this allegation," said RSA in a
"We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security."
Many in the security community were surprised at RSA's entanglement with the NSA, but the latest news of a $10 million contract as well has really shocked the industry.
RSA is known as a pioneer in the realm of computer security, and has notoriously fought off the NSA in previous attempts at breaking encryption.
Back in the 1990s, RSA -- which was started by MIT professors in the 1970s and is now a subsidiary of EMC Corp. -- rallied against the Clinton administration's "Clipper Chip," which was supposed to be a required component in computers and phones that would allow government officials to bypass encryption with a warrant.
RSA created a public campaign against the Clipper Chip, and it was eventually tossed out. However, it resorted to export controls to stop enhanced cryptography from crossing U.S. borders, and RSA fought further. RSA then established an Australian division that could ship the products it wanted.
RSA told customers to stop using the NSA formula in Bsafe when NIST issued new guidance in September 2013.
This article is over a month old, voting and posting comments is disabled
RE: Not a day goes by...
12/25/2013 5:32:36 AM
HAH. Yeah, i'm sure the $758 billion stimulus program obama enacted in 2009 had nothing to do with it. That's just about the entire Iraq war there.
When are you people going to figure out it's not just the republicans, or the democrats, but both parties are equally to blame? Not to mention it goes back for many, many, MANY years before bush.
Why did bush run deficits? It's very, very simple: Because Clinton was the last person to steal from social security. How else do you think he "balanced the budget"? He didn't balance anything, he did just 2 things: 1. Steal the last of the actual money from social security (now filled with $2,6 trillion worth of
, or IOU's from the government, causing a drag on the budget because of yearly payments), and 2. Convert the vast majority of US debt, which then had an average maturity of 15+ years, to short term debt which carries much lower rates,saving money on interest rates, but also meaning now more then half of US debt matures under 3 years. If it wasn't for this combined with ZIRP from the Fed, interest on national debt would've already cost $1+ trillion a year. Which it will anyway if rates go back up to the historical average of 6,6%.
Oh now you think the democrats did it? What about Reagan who introduced deficit spending? There's hardly been a president who ran up the debt faster percentage wise then reagan, including bush and obama.
I've said it before (and was ridiculed for it) but i'll say it again. You want to look at the last fiscally responsive president? Jimmy carter. During the oil shocks he saw what the amount of credit present in the US economy had for effect and raised interest rates through the roof to stop it. And yknow what, he would've succeeded had he'd been re-elected, the rates would've come down naturally, credit would've been rained in, and NONE of the current fiscal problems would've been problems. Bush could've started 2 additional wars and the budget would've been *fine*.
But no. The American people decided they didn't like hardship. So they elected Nixon instead, first thing he did was drop the interest rates and resume the expansion of credit and whodathunkit, the economy "recovered". Also he had to drop the gold standard 3 years later because of this very fact, too much money vs gold in circulation. Gee, i wonder how that happened.
If it's the fault of ANYBODY, it's the fault of the american people as a whole. Vote republican. Vote democrat. But whatever you do, don't educate yourself. Just blame the other guy. Meanwhile, steal from your children, go on, they can't defend themselves anyway. You say your government are criminals? Well i say:
"Every nation get's the government it deserves".
"I'm an Internet expert too. It's all right to wire the industrial zone only, but there are many problems if other regions of the North are wired." -- North Korean Supreme Commander Kim Jong-il
NSA Employees Gave Edward Snowden Login Credentials, Passwords
November 8, 2013, 10:37 AM
Twitter Senior VP: "Diversity is Important, But We Can’t Lower the Bar"
November 9, 2015, 9:59 AM
CNN Resorts to Internet Censorship to Promote Clinton Over Senator Sanders
October 15, 2015, 2:47 PM
Breaking Bad: How to Crash Google's Chrome Browser With Just 8 Characters
September 23, 2015, 11:08 AM
Quick Note: Amazon UK Offers £10 Back on Any Order £50 or Over
August 3, 2015, 12:05 PM
Editorial: Reddit Allows Itself to be Hijacked as a Hate Platform For Racist Bigots
July 21, 2015, 6:32 PM
Mozilla and Facebook to Adobe: It's Time to Kill Flash
July 20, 2015, 6:30 PM
Most Popular Articles
DHS and TSA: Whoops, We Missed That 73 Airport Employees May be Terrorists
November 19, 2015, 2:16 PM
Creationists are Mad About Google Doodle Depicting Evolution
November 24, 2015, 8:48 PM
iPhone 7 May Pack 3-4 GB Memory, More Storage; 4-Inch Comeback is Rumored
November 20, 2015, 10:12 PM
Jumbo Joust: iPad Pro vs. Surface Pro 3 vs. Surface Pro 4
November 11, 2015, 1:00 AM
"Prepare to be Punished": Microsoft is Killing OneDrive With Cuts, Blames Users
November 3, 2015, 8:23 PM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information