Though concerns about the NSA installing a backdoor in the random number generator used by encryption companies like RSA have been around for many, many years now, Edward Snowden’s leaks have revealed more details on the matter, and we didn’t know the half of it.
Not only did the NSA create and push a faulty random number generator as a way to create a de facto backdoor into encryption schemes using it, they even paid RSA $10 million to make the NSA formula the “default” in their products.
The random number generator created by the NSA was the official “government standard” and were widely adopted in no small part because RSA, one of the market leaders in encryption products at the time, were pushing it so hard.
RSA has since been bought out by EMC, and upon today’s revelation announced that it is advising its customers not to use the default NSA formula for generation anymore, now that it is public knowledge that it is faulty.
At the same time, the company defended shipping the known faulty program for many years, insisting that it was “in the best interest of its customers” and that the decisions on what “features” to include in their programs are no one else’s business.
Last 5 posts by Jason Ditz
- Cleric Sadr Calls for Delay in Forming Iraqi Govt as Protests Grow - July 19th, 2018
- Putin: Talks on Extending START Nuclear Treaty Must Start Now - July 19th, 2018
- Trump Invites Putin to White House for Second Summit - July 19th, 2018
- Afghan Defense Ministry Confirms Civilians Killed in Kunduz Airstrike - July 19th, 2018
- Trump Says Critics Badly Want War With Russia - July 19th, 2018