Though concerns about the NSA installing a backdoor in the random number generator used by encryption companies like RSA have been around for many, many years now, Edward Snowden’s leaks have revealed more details on the matter, and we didn’t know the half of it.
Not only did the NSA create and push a faulty random number generator as a way to create a de facto backdoor into encryption schemes using it, they even paid RSA $10 million to make the NSA formula the “default” in their products.
The random number generator created by the NSA was the official “government standard” and were widely adopted in no small part because RSA, one of the market leaders in encryption products at the time, were pushing it so hard.
RSA has since been bought out by EMC, and upon today’s revelation announced that it is advising its customers not to use the default NSA formula for generation anymore, now that it is public knowledge that it is faulty.
At the same time, the company defended shipping the known faulty program for many years, insisting that it was “in the best interest of its customers” and that the decisions on what “features” to include in their programs are no one else’s business.
Last 5 posts by Jason Ditz
- Yemeni Forces Stop Houthis Attempt to Reopen Hodeidah Supply Route - October 18th, 2018
- Trump Threatens to Send Military to Close Border With Mexico - October 18th, 2018
- US Opposes Koreas' New No-Fly Zone Plans - October 18th, 2018
- Trump Administration Bans US Aid Groups From North Korea - October 18th, 2018
- Sen. Corker: Trump Must End Intel Clampdown on Khashoggi - October 18th, 2018