HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED ABOUT A MINUTE AGO.
You are here: Home / World Wide Web / Did NSA Ink Secret Deal with RSA?
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
Did NSA Pay Security Firm $10M To Weaken Encryption?
Did NSA Pay Security Firm $10M To Weaken Encryption?
By Seth Fitzgerald / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
23
2013
Unlike some whistleblowers, Edward Snowden has decided to stagger the release of his NSA (National Security Agency) documents to ensure that Americans fully understand what the U.S. spy agency is doing. In September, Snowden revealed that the NSA had worked with security firm RSA in order to weaken the firm's encryption standards. Now, a new report shows that the NSA may have paid off RSA to do this.

Sources close to the matter have come out recently stating the RSA received $10 million from the NSA as part of a U.S. campaign to weaken encryption standards. In September, documents revealed that RSA was actually using the NSA's own algorithms in some of its services and by doing this, the firm guaranteed that the NSA would not have any trouble breaking through the encryption.

The Denial

Even though the Snowden documents and these most recent reports seem convincing, RSA has already jumped out into the media to deny any sort of secret deal with the NSA. "We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security," RSA said in response to these reports.

If RSA did receive the $10 million from the NSA, the firm would have been operating in a way that is completely different from the way that it operated in the 1990s. Nearly two decades ago, RSA actually led a fight against the NSA, which was trying to implement a system to allow the agency to decrypt phone conversations with ease.

Although it may have been pro-privacy in the 1990s, these reports suggest that once the early 2000s came along, a lot changed within the company. The reports indicate that some of these changes were so drastic that employees actually left the firm because of the direction that it was taking. Assuming that these allegations are correct, one of those extreme changes was the firm's secret deal with the NSA.

Defeating Encryption

In light of the Snowden revelations, individuals and businesses have flocked toward encryption to thwart attempts by the government to spy on them. This may be a good idea in some situations but if RSA, a leading encryption provider, has been operating as a partner to the NSA, the benefits of its encryption are questionable at best.

As early as 2007, academic reports confirmed that RSA was using a potentially flawed encryption standard with its Dual EC DRBG number generator. Despite these reports, RSA continued to use the generator and it never told customers to avoid using the standard until this September when it became obvious that the Dual EC DRBG generator was not working.

If the NSA did indeed pay off RSA to continue using a flawed encryption standard, it would confirm some of the suspicions that people have already had for months.

Tell Us What You Think
Comment:

Name:

james taylor:
Posted: 2013-12-24 @ 5:03am PT
Trustworthiness is an important factor in the complexion of further business dealings. If trust is broken, there is bound to be consequences whether presently or later on. The titlewave of distrust is ever growing. There will be an end result from all of this.

mike t:
Posted: 2013-12-24 @ 4:21am PT
And why was Richard Nixon forced to leave office? (Hint: Watergate)

Maria Roberts:
Posted: 2013-12-23 @ 5:26pm PT
Unfortunately the $10 million didn't come from the NSA, it came from the taxpayers pockets, and if we don't like that thought, it's up to us to shut it down. That and give Ed Snowden the Medal of Honor.

msbpodcast:
Posted: 2013-12-23 @ 3:13pm PT
"Yes" And that is the answer to your question. Look to RSA to start shedding customers faster that a mangy dog sheds fur... People went to RSA for SECURITY not to get a security HOLE. They won't forgive so easily.

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
UCS Invicta: Integrated Flash Why wait for the future? Unlock the potential of your applications and create new business opportunities today with UCS Invicta Series Solid State Systems. Take advantage of the power of flash technology. See how it can help accelerate IT, eliminate data center bottlenecks, and deliver the peak application performance and predictability your users demand. Click here to learn more.
MORE IN WORLD WIDE WEB
Product Information and Resources for Technology You Can Use To Boost Your Business
© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.