Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics //

Security Monitoring

RSA Denies Trading Security For NSA Payout

EMC security subsidiary accused of accepting $10 million from the NSA to purposefully use encryption for which the intelligence agency enjoyed backdoor access.

RSA was put on the defensive on Friday, after a report surfaced suggesting that the EMC-owned security firm accepted a $10 million payment from the National Security Agency (NSA) to select a weak random number generator as the default for its BSAFE encryption libraries.

That allegation was first reported by Reuters, which said it based its report on interviews with a dozen current and former employees of RSA. The alleged "secret" $10 million contract, signed in 2006, would have represented more than one third of the annual revenue of RSA's labs division the year prior to the contract being signed.

On Sunday, RSA issued a statement denying that it had "entered into a 'secret contract' with the NSA to incorporate a known flawed random number generator into its BSAFE encryption libraries."

The company added that at no point had it built backdoors into its products. "RSA always acts in the best interest of its customers and under no circumstances does RSA design or enable any back doors in our products," it said. "Decisions about the features and functionality of RSA products are our own."

[Google's biannual report points to an increase in government efforts to erase content that's critical of it. Read Google Says Governments Fight Transparency.]

But according to the Reuters report, the NSA has enjoyed backdoor access to any of those BSAFE-using products for which administrators employed RSA's recommended -- or default -- security settings. How many products would have been vulnerable? According to RSA's website, "BSAFE software is embedded and tested in thousands of commercial applications and is available in C/C++ and Java," including products made by BMC, Datamaxx, and EMC.

The allegations contained in the Reuters report follow the Guardian and The New York Times, among other publications, which detailed in September documents leaked by former agency contractor Edward Snowden concerning Project Bullrun. The NSA project appeared to be designed to give the intelligence agency's analysts the ability to do an end-run around the crypto that's supposed to secure HTTPS, VoIP, and Secure Sockets Layer, among other protocols.

"Project Bullrun deals with NSA's abilities to defeat the encryption used in specific network communication technologies," read a leaked NSA document.

But the documents also documented how the NSA worked with some vendors of commercial encryption products "to make them exploitable," as well as required other U.S. vendors -- in what were described as "commercial relationships with industry partners" -- to add backdoor access to their software and hardware.

According to the Friday report in Reuters, in 2006, RSA's new CEO, Art Coviello, accepted a pitch from the NSA that the security company adopt its Dual Elliptic Curve algorithm (a.k.a. Dual EC DRBG), which is supposed to generate random numbers.

But according to RSA, the choice to select the algorithm dated from 2004. "We made the decision to use Dual EC DRBG as the default in BSAFE toolkits in 2004, in the context of an industry-wide effort to develop newer, stronger methods of encryption," said the company's statement. "At that time, the NSA had a trusted role in the community-wide effort to strengthen, not weaken, encryption."

It added that customers have always been free to select from multiple algorithms. "This algorithm is only one of multiple choices available within BSAFE toolkits, and users have always been free to choose whichever one best suits their needs," RSA said.

Earlier this year, in the wake of ongoing disclosures by Snowden, both NIST and RSA began recommending that organizations discontinue using the Dual Elliptic Curve algorithm. But concern over the Dual Elliptic Curve algorithm began in 2006, and was followed by a 2007 Crypto conference revealing what Bruce Schneier, chief security technology officer of BT, described at the time as "a weakness that can only be described as a backdoor."

"This is scary stuff," he said at the time, and recommended that no one use Dual EC DRBG "under any circumstances."

But until September 2013, RSA continued to offer the algorithm as its BSFAFE toolkit library's default option. "We continued using the algorithm as an option within BSAFE toolkits as it gained acceptance as a NIST standard and because of its value in FIPS [Federal Information Processing Standards] compliance," read RSA's Sunday statement. "When concern surfaced around the algorithm in 2007, we continued to rely upon NIST as the arbiter of that discussion."

Documents leaked earlier this year by Snowden have suggested that NIST worked with NSA to actively weaken the encryption protocols used in commercial products.

"We no longer know whom to trust," Schneier said in a Monday blog post. "This is the greatest damage the NSA has done to the Internet, and will be the hardest to fix."

The NSA leak showed that one rogue insider can do massive damage. Use these three steps to keep your information safe from internal threats. Also in the Stop Data Leaks issue of Dark Reading: Technology is critical, but corporate culture also plays a central role in stopping a big breach. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
User Rank: Ninja
1/4/2014 | 6:56:04 PM
We Didn't Sell no stinkin' backdoor for $10M
Sorry, but I'm not buying the "who me" routine by RSA.  Either it built in backdoors (as evidenced by the 2006 contract and testimony of former employees) or it did not.  RSA cannot have it both ways.  Only uninformed rubes and stockholders will believe their obfuscations and lies.
Faye Kane, homeless brain
Faye Kane, homeless brain,
User Rank: Apprentice
12/27/2013 | 5:32:23 AM
Re: Why in the world is everybody up in arms?? For the sake of privacy?

Yeah, for the sake of privacy! 

I know that's laughable to you NSA spooks, but we don't want the government reading our email, tracking our location, and doing network analysis on our phone calls.

Until we can drag you out of your Secure Location and throw you up against the wall, I expect you to ignore those wishes, but don't insult us by playing stupid.

Faye Kane, homeless brain
Faye Kane, homeless brain,
User Rank: Apprentice
12/27/2013 | 5:13:07 AM
How did anyone get fooled by this?
The random seeds of a crypto algorithm can be anything, as long as they're not all the same and everyone knows what they are. "Nothing up my sleeve numbers" are used specifically to insure that sleazy stuff like this doesn't happen.

As I remember, before 9/11 the random seeds for SHA were the cube roots of the first N digits of the fractional part of e.  But three weeks after 9/11, the NSA told NIST that those weren't "robust enough for future encryption", and handed them a list of magic numbers, with no explanation of what was wrong with the old ones or what was better about the new ones.

Amazingly, NIST said "Okay, no problem!" to what, to me, would have been obvious shenanigans — almost certainly a backdoor.

Sure, a couple of mathematicians like Schneider called bulls hit, but nobody really cared since the NIST said it was cool. Then—surprise!  The NSA turns out to have backdoored the hash function.

Who could EVER have imagined?

My question now is one I have myself been asked many times: How can someone so smart be so stupid??

Do crypto experts just rubber-stamp whatever comes along while waiting for lunchtime?  Didn't anyone find the 9/11 timing suspicious?  Why didn't anyone ask why we needed new random seeds?

These are not rhetorical questions and I would very much like to know the answers.  Unfortunately, I'm not in a position to demand answers, and the people who are, are either too inimidated, too lazy, too timid, or too bribed by the NSA to ask them.

I long ago learned not to trust code written by anyone other than myself, and more recently learned not to trust anyone at all, in any domain.  But there are people who have a lot at stake in secure systems.

Where are they, and why aren't they raising high holy hell?

--faye kane girl brain, sexiest astrophysicist you'll ever see naked
User Rank: Apprentice
12/24/2013 | 3:06:15 PM
Re: What Schneier says... is good enough for me
This is a problem, but it also feels like an opportunity for companies to strengthen security around their products. 

Many organizations have little incentive to operate within the NSA's rules; rather they may have to comply if asked. But there just might be a value proposition in having the ability to offer better security than that of the next rival. That's something to think about. 
User Rank: Apprentice
12/24/2013 | 1:10:21 PM
Re: Who's Against Who?
The right to Privacy is a Constitutional guarantee in this country. Your comments indicate that you should actually take the time to truly understand what that means. Learn about the architecture of our system of government, why it was created that way, what history has taught us about various forms of government, and how our constitution guides and protects that system. We (the US and ostensibly others) now have the technology to snoop on just about every aspect of our daily lives. That doesn't mean that we should just throw down the gauntlet and surrender our Constitutional rights just because some Government authority says you will sleep better at night. Yeah, go ahead and give the NSA the power to scrape all the info they want. And then, think about how one guy like Snowden can walk out the door with all of that in a briefcase. That's the kind of power that can potentially bring down entire countries.
User Rank: Apprentice
12/24/2013 | 12:35:31 PM
Re: What Schneier says... is good enough for me
checkoutthenetworthofsomeofrsa'sinvestors.financebloombergsportsenterpriseproductsenterprisesolutionstradingsolutionsbloomberganywheresearchsavedregistersigninsigninsearch thissiteusescookies.bycontinuingtobrowsethesiteyouareagreeingtoouruseofcookies.xpleaseupgradeyourbrowserforabetteruserexperience.recentmovertwitterinctwtr(nyse)69.36+4.82+7.47%homenewsquickopinionmarketspersonalfinancetechpoliticssustainabilityluxuryvideoradiomorestoriesgetthebloombergwashingtonnewsletter.learnmorenewsattheintersectionofpoliticsandtheeconomy.deliveredweekdaymorningsestcheckyouremailandconfirmyouraddresstostartreceivingnewsletters.resendconfirmationyouaresubscribedtothebloombergwashingtonnewsletter.subscribetomorenewsletters.signup> headlinespopularlatestrecommended'duckdynasty'dadrisks$500millionwithgay-sinremarksecrethandshakesgreetfratbrothersonwallstreetrussiacrisishauntsdeutschebank'ssmithseeingchinabustfordf-150seenborrowingmilitaryarmortoshieldprofitbritishairways747'swingslicesintojohannesburgbuildingwas2013theyearwelostchina?u.s.stocksrisebeforeholidayondurables,housingdatasalesofnewhomesinu.s.exceedforecasts,staynearfiveyearhighkhodorkovskypardonsignalsputinriftwithrussiaoilczarkalashnikovshouldhavemadefarmtoolschinaconfrontsworkforcedropwithretirement-agedelaybestof2013:howroubiniwouldinvest$1,000nowbasedonyourreadinghistoryyoumaylike'duckdynasty'dadrisks$500millionwithgay-sinremarksecrethandshakesgreetfratbrothersonwallstreetrussiacrisishauntsdeutschebank'ssmithseeingchinabustfordf-150seenborrowingmilitaryarmortoshieldprofitbritishairways747'swingslicesintojohannesburgbuildingwas2013theyearwelostchina? couldcadillacbethebest-sellingluxurycarby2019?britishairwaysjumbojetstrikesabuildingwhytheu.s.leavesitscredit-cardsystemvulnerabletofraudmeetthenavy'snew$150msubmarine-destroyingjetthedollarwillneverfalltobitcoinsponsoredcontentsponsoredcontentpromotedcontentpromotedcontentrecommendedvideos02:3902:39senatedelaysyellenvoteaslawmakersleavetown 01:5701:57obamacaregoodenoughforobama? 00:2500:25senatepassesbudgetplanthateasesspendingcuts 09:3609:36carperonfiskeruseofformergmplantindelaware 00:5200:52senateadvancesyellennominations 04:5404:54mcconnellonsenaterules,budget,debtceiling bytaboolabytaboola [replacedtest15]src="http://www.bloomberg.com/bcom/article/iframe/google-adwords"frameborder="0"scrolling="no">postajobsearchjobstaxadvisorspecialistparttimecpaor...intuit-tucson,azsenioraccountant-considerowninga...selectingafranchise.com-unitedstatesinternalwholesalerdavisselectedadvisers-tucson,azdynamicsnav/navision-accountant-nyc-...nigelfrankinternational-unitedstatesaccountantuniversityofarizona-tucson,azjobsby[replacedtest15]id="google_ads_iframe_/5262/blp.persfin/save-invest//story_1"style="border:0pxcurrentcolor;border-image:none;vertical-align:bottom;"name="google_ads_iframe_/5262/blp.persfin/save-invest//story_1"src="[replacedtest3]"<html><bodystyle='background:transparent'></body></html>""frameborder="0"marginwidth="0"marginheight="0"scrolling="no"width="300"height="250">advertisements[replacedtest15]id="google_ads_iframe_/5262/blp.persfin/save-invest//story_2"style="border:0pxcurrentcolor;border-image:none;vertical-align:bottom;"name="google_ads_iframe_/5262/blp.persfin/save-invest//story_2"src="[replacedtest3]"<html><bodystyle='background:transparent'></body></html>""frameborder="0"marginwidth="0"marginheight="0"scrolling="no"width="88"height="31">[replacedtest15]id="google_ads_iframe_/5262/blp.persfin/save-invest//story_3"style="border:0pxcurrentcolor;border-image:none;vertical-align:bottom;"name="google_ads_iframe_/5262/blp.persfin/save-invest//story_3"src="[replacedtest3]"<html><bodystyle='background:transparent'></body></html>""frameborder="0"marginwidth="0"marginheight="0"scrolling="no"width="88"height="31">[replacedtest15]id="google_ads_iframe_/5262/blp.persfin/save-invest//story_4"style="border:0pxcurrentcolor;border-image:none;vertical-align:bottom;"name="google_ads_iframe_/5262/blp.persfin/save-invest//story_4"src="[replacedtest3]"<html><bodystyle='background:transparent'></body></html>""frameborder="0"marginwidth="0"marginheight="0"scrolling="no"width="88"height="31"> [replacedtest15]id="google_ads_iframe_/5262/blp.persfin/save-invest//story_0"style="border:0pxcurrentcolor;border-image:none;vertical-align:bottom;"name="google_ads_iframe_/5262/blp.persfin/save-invest//story_0"src="[replacedtest3]"<html><bodystyle='background:transparent'></body></html>""frameborder="0"marginwidth="0"marginheight="0"scrolling="no"width="728"height="90">senateleadersmillionairesinfinancial-disclosuredatabyjonathand.salantandgreggirouxmay22,20139:00pmmt9commentsemailprintsharefacebooktwittergoogle+linkedinemailprintsavephotographer:chipsomodevilla/gettyimagessenatemajorityleaderharryreidandsenatebudgetcommitteechairmanpattymurray...readmoresenatemajorityleaderharryreidandsenatebudgetcommitteechairmanpattymurrayanswerreportersquestionsatthecaptiolonmay9,2013inwashington,dc.closecloseopenphotographer:chipsomodevilla/gettyimagessenatemajorityleaderharryreidandsenatebudgetcommitteechairmanpattymurrayanswerreportersquestionsatthecaptiolonmay9,2013inwashington,dc.[replacedtest15]id="google_ads_iframe_/5262/blp.persfin/save-invest//story_5"style="border:0pxcurrentcolor;border-image:none;vertical-align:bottom;"name="google_ads_iframe_/5262/blp.persfin/save-invest//story_5"src="[replacedtest3]"<html><bodystyle='background:transparent'></body></html>""frameborder="0"marginwidth="0"marginheight="0"scrolling="no"width="300"height="600">senatemajorityleaderharryreidandminorityleadermitchmcconnellreportedtheirnetworthinthemillionsofdollarsastheu.s.senatereleasedpersonalfinancialdisclosurereportsforitsmembers.reid,anevadademocrat,reportedassetsofbetween$2.8millionand$6.3million,includingminingclaimsinhishometownofsearchlightvaluedfrom$100,000to$250,000.kentuckyrepublicanmcconnellandhiswife,elainechao,whoservedasu.s.laborsecretaryunderformerpresidentgeorgew.bush,hadassetsofbetween$9.2millionand$36.5million.chao'sincomeincludedfeesfromsittingoncorporateboards,includingrupertmurdoch'snewscorp.(nwsa)andwellsfargo&co.(wfc)lawmakers,requiredtodisclosetheirfinancialassetsonceayear,reporttheirholdingsinbroadranges.mostsenatedemocraticandrepublicanleadersreportedassetswithupperrangesofatleast$1million.thechamber'sthird-rankingdemocrat,charlesschumerofnewyork,reportedthathiswife,irisweinshall,acityuniversityofnewyorkvicechancellor,earnedmorethanhedidlastyear.hersalarywas$234,368whilehiswas$172,887.theyreportedassetsofbetween$368,000and$1million.thesenatedemocraticconferencesecretary,pattymurrayofwashington,reportedwithherhusbandassetsofbetween$565,000and$1.5million.senatemajoritywhipricharddurbinofillinoisreceivedanextensionofthemay15filingdeadline.credit-carddebtontherepublicanside,minoritywhipjohncornynoftexasreportedassetsofbetween$460,000and$1.4million,andacredit-carddebtofbetween$15,000and$50,000.cornyn,aformertexasattorneygeneralandaformerjudgeonthetexassupremecourtjudge,received$58,939fromtwostateretirementfunds.policycommitteechairmanjohnbarrasso,awyomingrepublican,reportedassetsofbetween$2.7millionand$8.6million.anorthopedicsurgeon,hereceivedbetween$500,000and$1millionfromthesaleofhismedicalpractice,andwaspaid$33,391fromthemedicalpartnershiphewaspartof.republicanconferencechairmanjohnthuneofsouthdakotareportedassetsofbetween$173,000and$596,000.richermembersofthechamberincludesenatecommercecommitteechairmanjayrockefeller,awestvirginiademocrat.hereportedatleast$89millioninassets;amoreprecisenumberisunavailablebecausehelistedhislargestholdingasmorethan$50million.wisconsinrepublicanronjohnson,whofoundedaplasticscompany,reportedassetsbetween$9.2millionand$39.7million.johnsonreportedowninga5percentinterestinthecompany,valuedat$4.5million.rubio'sroyaltiesontheotherhand,senatormarcorubiooffloridareportedapotentiallynegativenetworth,withassetsofbetween$259,000and$860,000andliabilitiesofbetween$450,000and$1million.rubio,aprospective2016republicanpresidentialcandidate,received$800,000inroyaltiesfrompenguingroupusainc.forhis2012memoir,"anamericanson."hepaidoffhisremainingstudentloansofbetween$100,000and$250,000."whenifinishedschool,iowedover$100,000instudentloans,adebtipaidoffjustafewmonthsago,"rubiosaidinfebruaryashedeliveredtheofficialrepublicanresponsetopresidentbarackobama'sstateoftheunionaddress.theyoungestu.s.senator,freshmandemocratchrismurphyofconnecticut,andhiswifeeachowedbetween$15,000and$50,000instudentloans,hisreportshowed.murphy,39,reportedassetsofbetween$70,000and$225,000.warren'sholdingsfreshmansenatorelizabethwarren,amassachusettsdemocratandharvarduniversityemeritusprofessor,andherhusbandbrucemann,aharvardlawprofessor,reportedassetsofbetween$3.8millionand$10.2million.mostofitwasintiaa-creffunds,includingonevaluedatbetween$1millionand$5million.warrenreceived$59,417fromaspenpublishersforaseriesofbooks,including"bankruptcyandarticle9"and"securedcredit:asystemsapproach,"and$103inroyaltiesfromyaleuniversitypressfor"thefragilemiddleclass."senatortedcruz,atexasrepublicanelectedlastnovember,tookapaycuttocometowashington.hewaspaid$1millionlastyearbyhislawfirm.hereportedassetsofbetween$2.2millionand$5.1million,includingan$843,000loantohiscampaignasofdec.31,2012.liabilitiesincludeagoldmansachsgroupinc.(gs)marginloanofbetween$250,000and$500,000.senatorrandpaul,akentuckyrepublicanalsomentionedasapossible2016presidentialcontender,receivedanextensionofthedeadlinetofile.tocontactthereportersonthisstory:[email protected];[email protected][replacedtest32]
User Rank: Apprentice
12/24/2013 | 9:57:18 AM
Who to Trust?
Schneier hits it on the head.  "We no longer know whom to trust.  This is the greatest damage the NSA has done to the Internet, and will be the hardest to fix."  Who DO you trust?  Management in many industries does not like security.  It's invasive, slows them down, makes it harder to use their smartphones when driving.  Now they have more excuses to do nothing.
User Rank: Apprentice
12/24/2013 | 9:22:08 AM
Who's Against Who?
The NSA is busy keeping you (us) protected from organized terror, etc. Why in the world is everybody up in arms and shooting themselves in the foot?? For the sake of privacy? Governments have had their agents and double agents around for over a hundred years, why is everybody waking up just now? Our taxes from our hard-earned money go to the NSA. So who's exactly against who??
User Rank: Apprentice
12/23/2013 | 7:31:57 PM
Re: Quid pro what?
WKash, good thougts.  I guess it is just unfortunate that they cashed in their trust, skirted around the law and constitution, and (at best) mislead Congress under oath.  During 2000, I was an active Linux kernel maintainer and was quite enthralled with SELinux.  At the time I was proud to tout that our IT department was adopting security tools released by the NSA.  Today, I'd be laughed at if not dismissed for making the same claims.
User Rank: Apprentice
12/23/2013 | 7:02:12 PM
Re: Quid pro what?
Fill, it's certainly speculation to guess what the NSA and the administration were thinking since 2000. But NSA Dir. Gen. Alexander has made it apparent in the speeches I've heard him give over the past three yeas that 9/11 attacks (yes during the Bush/Cheney years) cast the work of NSA under a heavier mandate to track down terrorists. At the same time, the resouces became available to tackle much larger volumes of information but not the time to crack the encryption on all that data. So they had to find ways around the problem.    
Page 1 / 2   >   >>
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-12-09
IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519.
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
PUBLISHED: 2019-12-09
IBM DataPower Gateway throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.
PUBLISHED: 2019-12-09
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.