[Infowarrior] - RSA denial sidesteps claim it was paid to use compromised encryption by default

Richard Forno rforno at infowarrior.org
Mon Dec 23 06:51:54 CST 2013 

RSA denial sidesteps claim it was paid to use compromised encryption by default

By Aaron Souppouris on December 23, 2013 06:22 am 

http://www.theverge.com/2013/12/23/5237788/rsa-nsa-backdoor-non-denial

Security firm RSA has denied it entered into a contract that it knew would give the NSA a backdoor into its BSAFE security system. Last week, Reuters claimed the NSA paid RSA $10 million to make an algorithm called "Dual EC DRBG" the preferred, or default system in BSAFE. The security giant says that, although it has worked with the NSA, the relationship has never been a secret, and the relationship has been with the "explicit goal" of strengthening security.

In a tightly worded blog post, RSA also gives a timeline of the backdoor debacle. It says it decided to use the random number generator Dual EC DRBG based on advice from the National Institute of Standards (NIST) that deemed the generator safe. It says the algorithm was "only one of multiple choices available within BSAFE toolkits," and adds that, although concerns were raised in 2007 about a possible backdoor in the standard, it "continued to rely upon NIST as the arbiter of that discussion."

When NIST eventually recommended against Dual EC DRBG back in September, RSA passed that guidance on to its customers. The company closes its argument saying it has "never entered into any contract or engaged in any project with the intention of weakening RSA's products, or introducing potential 'backdoors' into our products for anyone's use.

Although RSA's argument appears solid, there are a number of potential 'backdoors' in its wording. First, it never denies the claim that the NSA paid $10 million to include Dual EC DRBG as the default algorithm in BSAFE. Second, by noting its reliance on NIST for decision-making, RSA essentially admits that it was aware of the claims and never passed them on to its customers. Finally, it doesn't explain why it continued to use the now-suspect generator as a default algorithm in BSAFE, rather than downgrading it to optional status and using one of its aforementioned "multiple choices available" as a default instead.

---
Just because i'm near the punchbowl doesn't mean I'm also drinking from it.

More information about the Infowarrior mailing list