RSA Security tells customers to drop NSA-related encryption algorithm

An encryption algorithm with a suspected NSA-designed backdoor has been declared insecure by its developer after years of extensive use by customers worldwide, including US federal agencies and government entities.

Major US computer security company RSA Security, a division of EMC, privately warned thousands of its customers on Thursday to immediately discontinue using all versions of the company’s BSAFE toolkit and Data Protection Manager (DPM), both of which use the Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) encryption algorithm to protect sensitive data.

“To ensure a high level of assurance in their application, RSA strongly recommends that customers discontinue use of Dual_EC_DRBG [cryptographic keys generator] and move to a different PRNG [Pseudo-random Number Generator],” warned RSA’s letter, as quoted by The Wall Street Journal.

In the letter, RSA provided BSAFE Toolkits and DPM customers with a link to technical guidance on changing the PRNG settings in their products and promised to update the algorithm library.

The letter does not mention RSA’s flagship SecurID tokens, used by millions of employees around the world to get secure access to their corporate networks.

In 2006, the US National Institute of Standards and Technology (NIST), followed by the International Organization for Standardization, officially endorsed Dual_EC_DRBG, so encryption software based on it was used for years by both the private sector and US government agencies.

Last week the New York Times published new revelations by former National Security Agency contractor Edward Snowden, exposing that a crucial encryption algorithm of certain US-developed security software is based on a weak mathematical formula intentionally crippled to facilitate NSA access to encrypted dataflow.

 http://rt.com/usa/nsa-weak-cryptography-rsa-110/

 
