CIO Today

CIO Today Network Sites:   Top Tech News  |   CIO Today   |   Mobile Tech Today   |   Data Storage Today
Daily Briefing for Technology's Top Decision-Makers
Sunday, April 20th 
Real-time info services with Neustar
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Trending Topics:   Security Heartbleed Big Data Cloud Computing Windows XP Data Centers OS X Mavericks
Home
Enterprise Software
Enterprise Hardware
Big Data
Network Security
Cloud Computing
CRM Systems
Data Storage
Operating Systems
Communications
CIO Issues
Mobile Tech
Chips & Processors
World Wide Web
Business Briefing
After Hours
Press Releases
 
Free Newsletters
Top CIO News
 
Mobile Tech Today
 

Network Security

Did NSA Pay Security Firm $10M To Weaken Encryption?

Did NSA Pay Security Firm $10M To Weaken Encryption?
December 23, 2013 12:53PM

Bookmark and Share
In light of revelations by whistleblower Edward Snowden about the NSA's snooping tactics, individuals and businesses have flocked toward encryption to thwart this spying. But if RSA, a leading encryption provider, was paid $10 million to operate as a partner to the NSA, the benefits of its encryption are questionable at best.

APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.

Unlike some whistleblowers, Edward Snowden has decided to stagger the release of his NSA (National Security Agency) documents to ensure that Americans fully understand what the U.S. spy agency is doing. In September, Snowden revealed that the NSA had worked with security firm RSA in order to weaken the firm's encryption standards. Now, a new report shows that the NSA may have paid off RSA to do this.

Sources close to the matter have come out recently stating the RSA received $10 million from the NSA as part of a U.S. campaign to weaken encryption standards. In September, documents revealed that RSA was actually using the NSA's own algorithms in some of its services and by doing this, the firm guaranteed that the NSA would not have any trouble breaking through the encryption.

The Denial

Even though the Snowden documents and these most recent reports seem convincing, RSA has already jumped out into the media to deny any sort of secret deal with the NSA. "We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security," RSA said in response to these reports.

If RSA did receive the $10 million from the NSA, the firm would have been operating in a way that is completely different from the way that it operated in the 1990s. Nearly two decades ago, RSA actually led a fight against the NSA, which was trying to implement a system to allow the agency to decrypt phone conversations with ease.

Although it may have been pro-privacy in the 1990s, these reports suggest that once the early 2000s came along, a lot changed within the company. The reports indicate that some of these changes were so drastic that employees actually left the firm because of the direction that it was taking. Assuming that these allegations are correct, one of those extreme changes was the firm's secret deal with the NSA.

Defeating Encryption

In light of the Snowden revelations, individuals and businesses have flocked toward encryption to thwart attempts by the government to spy on them. This may be a good idea in some situations but if RSA, a leading encryption provider, has been operating as a partner to the NSA, the benefits of its encryption are questionable at best.

As early as 2007, academic reports confirmed that RSA was using a potentially flawed encryption standard with its Dual EC DRBG number generator. Despite these reports, RSA continued to use the generator and it never told customers to avoid using the standard until this September when it became obvious that the Dual EC DRBG generator was not working.

If the NSA did indeed pay off RSA to continue using a flawed encryption standard, it would confirm some of the suspicions that people have already had for months.

Tell Us What You Think
Comment:

Name:

james taylor:

Posted: 2013-12-24 @ 5:03am PT
Trustworthiness is an important factor in the complexion of further business dealings. If trust is broken, there is bound to be consequences whether presently or later on. The titlewave of distrust is ever growing. There will be an end result from all of this.

mike t:

Posted: 2013-12-24 @ 4:21am PT
And why was Richard Nixon forced to leave office? (Hint: Watergate)

Maria Roberts:

Posted: 2013-12-23 @ 5:26pm PT
Unfortunately the $10 million didn't come from the NSA, it came from the taxpayers pockets, and if we don't like that thought, it's up to us to shut it down. That and give Ed Snowden the Medal of Honor.

msbpodcast:

Posted: 2013-12-23 @ 3:13pm PT
"Yes" And that is the answer to your question. Look to RSA to start shedding customers faster that a mangy dog sheds fur... People went to RSA for SECURITY not to get a security HOLE. They won't forgive so easily.



 Network Security
1. Heartbleed Exploit Could Cost Millions
2. Michaels: Nearly 3M Cards Breached
3. Google Street View Unravels CAPTCHAs
4. Teen Arrested for Heartbleed Hack
5. IBM Adds Disaster Recovery to SoftLayer


Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  Galaxy S5 Phone: Less Can Be More
  Heartbleed Exploit Could Cost Millions
  Poll: A Mix of Feelings on Future Tech
  Google, Rockstar Suit Stays in Calif.
  Michaels: Nearly 3M Cards Breached

 Technology Marketplace

Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
Cloud Computing
BMC's I.T. solutions unleash the power of your business
Next Generation Data Center Is Here! Vblock™ Systems from VCE
 
Contact Centers
HP delivers the future of the contact center with HP Qfiniti 10.
 
Data Storage
Next Generation Data Center Is Here! Vblock™ Systems from VCE
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Enterprise Hardware
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Enterprise I.T.
BMC's I.T. solutions unleash the power of your business
 
Hardware
Protect your network with APC Smart-UPS battery backup
 
Network Security
Protect your network with APC Smart-UPS battery backup
 

Network Security Spotlight
Heartbleed Could Cost Millions, Could Have Been Prevented
Early estimates of Heartbleed’s cost to enterprises are running in the millions. The reason: revoking all the SSL certificates the bug exposed will come at a very hefty price. Some say it all could have been avoided.
 
Michaels Says Nearly 3M Credit, Debit Cards Breached
Arts and crafts retail giant Michaels Stores has confirmed that a data breach at its POS terminals from May 2013 to Jan. 2014 may have exposed nearly 3 million customer credit and debit cards.
 
Google's Street View Software Unravels CAPTCHAs
The latest software Google uses for its Street View cars to read street numbers in images for Google Maps works so well that it also solves CAPTCHAs, those puzzles designed to defeat bots.
 

Enterprise Hardware Spotlight
Vaio Fit 11A Battery Danger Forces Recall by Sony
Using a Sony Vaio Fit 11A laptop? It's time to send it back to Sony. In fact, Sony is encouraging people to stop using the laptop after several reports of its Panasonic battery overheating.
 
Continued Drop in Global PC Shipments Slows
Worldwide shipments of PCs fell during the first three months of the year, but the global slump in PC demand may be easing, with a considerable slowdown from last year's drops.
 
Google Glass Finds a Home in Medical Education, Practice
The innovative headpiece may find its niche in markets where hands-free access to data can be a big advantage. Glass experiments for doctors are already under way, with some promising results.
 

Mobile Technology Spotlight
Review: Siri-Like Cortana Fills Windows Phone Gap
With the new Cortana virtual assistant, Windows catches up with Apple's iOS and Google's Android in a major way, taking some of the best parts of Apple's and Google's virtual assistants, with new tools too.
 
With Galaxy S5, Samsung Proves Less Can Be More
Samsung has produced the most formidable rival yet to the iPhone 5s: the Galaxy S5. The device is the fifth edition of the company's successful line of Galaxy S smartphones, and shows less can be more.
 
Facebook Rolls Out Potentially Intrusive Location-Sharing
Looking for friends? Facebook users in the U.S. will soon be able to see which of their friends are nearby, using a smartphone's GPS. Could be a cool feature in some cases, or way too much information.
 

Navigation
CIO Today
Home/Top News | Enterprise Software | Enterprise Hardware | Big Data | Network Security | Cloud Computing | CRM Systems
Data Storage | Operating Systems | Communications | CIO Issues | Mobile Tech | Chips & Processors | World Wide Web
Business Briefing | After Hours | Press Releases
Also visit these Enterprise Technology Sites
Top Tech News | CIO Today | Mobile Tech Today | Data Storage Today

Services:
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About CIO Today Network | How To Contact Us | Article Reprints | Services for PR Pros (In partnership with NewsFactor) | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 CIO Today. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.