Your Source for Leaks Around the World!

Security Industry Pioneer RSA Paid $10 Million to Use Backdoored NSA Algorithm in Crypto Software

In Archive, Encryption, NSA, Technology on December 21, 2013 at 1:23 PM

nas-rsa-crypto

12/20/2013

Joseph Menn/Reuters:

As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a “back door” in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.

Undisclosed until now was that RSA received $10 million in a deal that set the NSA formula as the preferred, or default, method for number generation in the BSafe software, according to two sources familiar with the contract. Although that sum might seem paltry, it represented more than a third of the revenue that the relevant division at RSA had taken in during the entire previous year, securities filings show.

More…

RSA Response to Media Claims Regarding NSA Relationship

  1. […] Security Industry Pioneer RSA Paid $10 Million to Use Backdoored NSA Algorithm in Crypto Software […]

  2. […] The description of Sentry Raven, which focuses on encryption, provides additional confirmation that American companies have helped the NSA by secretly weakening encryption products to make them vulnerable to the agency. The briefing sheet states the NSA “works with specific U.S. commercial entities…to modify U.S manufactured encryption systems to make them exploitable for SIGINT.” It doesn’t name the commercial entities or the encryption tools they modified, but it appears to encompass a type of activity that Reuters revealed last year—that the NSA paid $10 million to the security firm RSA to use a weak random number generator in one of its en…. […]

  3. […] Security Industry Pioneer RSA Paid $10 Million to Use Backdoored NSA Algorithm in Crypto Software […]

  4. […] process of weakening encryption standards has been going on for some time. A classification guide, a document that explains how to classify […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: