News & Information for Technology Purchasers NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Enterprise I.T. Cloud Computing Applications Hardware More Topics...
GET RECOGNIZED
Let an ISACA® certification elevate your career.
Register today and save
You are here: Home / World Wide Web / Did NSA Ink Secret Deal with RSA?
DDoS Protection Powered By Verisign
Did NSA Pay Security Firm $10M To Weaken Encryption?
Did NSA Pay Security Firm $10M To Weaken Encryption?
By Seth Fitzgerald / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
23
2013


Unlike some whistleblowers, Edward Snowden has decided to stagger the release of his NSA (National Security Agency) documents to ensure that Americans fully understand what the U.S. spy agency is doing. In September, Snowden revealed that the NSA had worked with security firm RSA in order to weaken the firm's encryption standards. Now, a new report shows that the NSA may have paid off RSA to do this.

Sources close to the matter have come out recently stating the RSA received $10 million from the NSA as part of a U.S. campaign to weaken encryption standards. In September, documents revealed that RSA was actually using the NSA's own algorithms in some of its services and by doing this, the firm guaranteed that the NSA would not have any trouble breaking through the encryption.

The Denial

Even though the Snowden documents and these most recent reports seem convincing, RSA has already jumped out into the media to deny any sort of secret deal with the NSA. "We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security," RSA said in response to these reports.

If RSA did receive the $10 million from the NSA, the firm would have been operating in a way that is completely different from the way that it operated in the 1990s. Nearly two decades ago, RSA actually led a fight against the NSA, which was trying to implement a system to allow the agency to decrypt phone conversations with ease.

Although it may have been pro-privacy in the 1990s, these reports suggest that once the early 2000s came along, a lot changed within the company. The reports indicate that some of these changes were so drastic that employees actually left the firm because of the direction that it was taking. Assuming that these allegations are correct, one of those extreme changes was the firm's secret deal with the NSA.

Defeating Encryption

In light of the Snowden revelations, individuals and businesses have flocked toward encryption to thwart attempts by the government to spy on them. This may be a good idea in some situations but if RSA, a leading encryption provider, has been operating as a partner to the NSA, the benefits of its encryption are questionable at best.

As early as 2007, academic reports confirmed that RSA was using a potentially flawed encryption standard with its Dual EC DRBG number generator. Despite these reports, RSA continued to use the generator and it never told customers to avoid using the standard until this September when it became obvious that the Dual EC DRBG generator was not working.

If the NSA did indeed pay off RSA to continue using a flawed encryption standard, it would confirm some of the suspicions that people have already had for months.

Tell Us What You Think
Comment:

Name:

james taylor:

Posted: 2013-12-24 @ 5:03am PT
Trustworthiness is an important factor in the complexion of further business dealings. If trust is broken, there is bound to be consequences whether presently or later on. The titlewave of distrust is ever growing. There will be an end result from all of this.

mike t:

Posted: 2013-12-24 @ 4:21am PT
And why was Richard Nixon forced to leave office? (Hint: Watergate)

Maria Roberts:

Posted: 2013-12-23 @ 5:26pm PT
Unfortunately the $10 million didn't come from the NSA, it came from the taxpayers pockets, and if we don't like that thought, it's up to us to shut it down. That and give Ed Snowden the Medal of Honor.

msbpodcast:

Posted: 2013-12-23 @ 3:13pm PT
"Yes" And that is the answer to your question. Look to RSA to start shedding customers faster that a mangy dog sheds fur... People went to RSA for SECURITY not to get a security HOLE. They won't forgive so easily.

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY BE OF INTEREST
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN WORLD WIDE WEB
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Dairy Queen Latest Retailer To Report Hack
Dairy Queen is known for its hot fries and sweet treats, but it just made cyber history as the latest victim of a hack attack. The fast food chain said that customer data at some stores may be at risk.
 
Lessons from the JPMorgan Chase Cyberattack
JPMorgan Chase is investigating a likely cyberattack. The banking giant is cooperating with law enforcement, including the FBI, to understand what data hackers may have obtained.
 
Who Is the Hacker Group Lizard Squad?
Are they dangerous or just obnoxious? That’s what many are wondering about the hacker group Lizard Squad, which tweeted out a bomb threat that grounded a flight with a Sony exec aboard.
 

Enterprise Hardware Spotlight
HP Previews ProLiant Gen9 Servers
Because traditional data center and server architectures are “constraints” on businesses, HP is releasing new servers aimed at faster, simpler and more cost-effective delivery of computing services.
 
Apple Set To Release Largest iPad Ever
Tech giant Apple seems to have adopted the mantra “go big or go home.” The company is planning to introduce its largest iPad ever: a 12.9-inch behemoth that will dwarf its largest existing models.
 
Alert: HP Recalls 5 Million Notebook AC Power Cords
HP is recalling about 5.6 million notebook computer AC power cords in the U.S. and another 446,700 in Canada because of possible overheating, which can pose a fire and burn hazard.
 

Mobile Technology Spotlight
Apple Sets Sept. 9 Event: iPhone 6, iWatch on Tap?
Save the date. Apple formally announced that its long-anticipated “special event," will take place on September 9. Does the tech giant have the iPhone 6, and the iWatch up its sleeve?
 
Samsung's New Smart Watch Makes Calls Without Phone
Following up on the Gear 2, Samsung has unveiled a new 3G smart watch, the Gear S, that stands out in its ability to make phone calls and send text messages without a smartphone.
 
Apple Set To Release Largest iPad Ever
Tech giant Apple seems to have adopted the mantra “go big or go home.” The company is planning to introduce its largest iPad ever: a 12.9-inch behemoth that will dwarf its largest existing models.
 

Navigation
NewsFactor Network
Home/Top News | Enterprise I.T. | Cloud Computing | Applications | Hardware | Mobile Tech | Big Data | Communications
World Wide Web | Network Security | Data Storage | CRM Systems | Microsoft/Windows | Apple/Mac | Linux/Open Source | Personal Tech
Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.